Refactor workflows - user reusable workflows (#2504)

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-06-27 10:51:20 +03:00
parent 4a6e862d57
commit a35201ac1c
16 changed files with 429 additions and 239 deletions
--- a/.github/workflows/vulnerability-scan.yaml
+++ b/.github/workflows/vulnerability-scan.yaml
@@ -0,0 +1,24 @@
+name: Vulnerability Scan
+
+on:
+  # enable running the workflow manually
+  workflow_dispatch:
+  schedule:
+    # run every night at 4:00 AM (UTC)
+    - cron: '0 4 * * *'
+
+permissions:
+  contents: read
+  security-events: write
+
+jobs:
+  trivy-scan:
+    # only on original eclipse-hawkbit/hawkbit repo or when manually triggered
+    if: github.repository == 'eclipse-hawkbit/hawkbit' || github.event_name == 'workflow_dispatch'
+    uses: ./.github/workflows/reusable_workflow_trivy-scan.yaml
+    permissions:
+      contents: read
+      security-events: write
+    with:
+      ref: ${{ github.ref }}
+      upload: ${{ github.ref == 'refs/heads/master' }}