From 85caa88c6c99338a4c77f8678f6d10d18a1e727c Mon Sep 17 00:00:00 2001
From: Martin Weise <martin.weise@tuwien.ac.at>
Date: Fri, 12 Jan 2024 14:49:11 +0100
Subject: [PATCH] Added data service scan

---
 .gitlab-ci.yml | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index d96c2f62b1..c484b51fd2 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -259,6 +259,28 @@ scan-metadata-service:
     reports:
       container_scanning: ./.trivy/trivy-metadata-service-report.json
 
+scan-data-service:
+  image: bitnami/trivy:latest
+  stage: scan
+  only:
+    refs:
+      - dev
+      - release-v1.3
+      - release-v1.4
+  allow_failure: true
+  script:
+    - trivy image --insecure --exit-code 0 --format template --template "@.trivy/gitlab.tpl" -o ./.trivy/trivy-data-service-report.json docker.io/dbrepo/data-service:latest
+    - trivy image --insecure --exit-code 0 docker.io/dbrepo/data-service:latest
+    - trivy image --insecure --exit-code 1 --severity CRITICAL docker.io/dbrepo/data-service:latest
+  cache:
+    paths:
+      - .trivycache/
+  artifacts:
+    when: always
+    expire_in: 1 days
+    reports:
+      container_scanning: ./.trivy/trivy-data-service-report.json
+
 scan-search-db:
   image: bitnami/trivy:latest
   stage: scan
-- 
GitLab