test trivy with regular image

.github/workflows/reusable-workflow-docker-image.yml

@@ -28,49 +28,52 @@ jobs:
       - name: Checkout Repository
         uses: actions/checkout@v4
 
-      - name: Input Validation
-        run: |
-          if [[ "$PLATFORM" != "amd64" ]] && \
-             [[ "$PLATFORM" != "arm64" ]]; then
-            echo "Invalid environment: $PLATFORM"
-            exit 1
-          fi
+      # - name: Input Validation
+      #   run: |
+      #     if [[ "$PLATFORM" != "amd64" ]] && \
+      #        [[ "$PLATFORM" != "arm64" ]]; then
+      #       echo "Invalid environment: $PLATFORM"
+      #       exit 1
+      #     fi
 
-      - name: Build Container Image
-        run: |
-          echo "Building image: $REGISTRY/$IMAGE_NAME:$IMAGE_TAG"
-          podman build --platform linux/$PLATFORM -t $REGISTRY/$IMAGE_NAME:$IMAGE_TAG $DOCKER_DIR
+      # - name: Build Container Image
+      #   run: |
+      #     echo "Building image: $REGISTRY/$IMAGE_NAME:$IMAGE_TAG"
+      #     podman build --platform linux/$PLATFORM -t $REGISTRY/$IMAGE_NAME:$IMAGE_TAG $DOCKER_DIR
 
-      - name: Push Container Image
-        run: |
-          echo "Pushing image: $REGISTRY/$IMAGE_NAME:$IMAGE_TAG"
-          podman push $REGISTRY/$IMAGE_NAME:$IMAGE_TAG      
+      # - name: Push Container Image
+      #   run: |
+      #     echo "Pushing image: $REGISTRY/$IMAGE_NAME:$IMAGE_TAG"
+      #     podman push $REGISTRY/$IMAGE_NAME:$IMAGE_TAG      
 
-      - name: Check image with Trivy
-        shell: bash
+      - name: Check ubuntu image with Trivy
         run: |
-          mkdir build-artifacts
-          echo "=======> Print image for trivy scan:"
-          echo "$REGISTRY/$IMAGE_NAME:$IMAGE_TAG"
-          echo ""=======> Print available images:"
-          podman image ls
-          echo ""=======> Scan image with trivy:"
-          trivy image wp10tfdevacr.azurecr.io/$IMAGE_NAME:$IMAGE_TAG >> build-artifacts/vuln-scan.txt
-          
-          # cat build-artifacts/vuln-scan.txt
-          # trivy image --format spdx ubuntu:rolling >> build-artifacts/sbom-spdx.txt
-          # trivy image --format cyclonedx ubuntu:rolling >> build-artifacts/sbom-cyclonedx.txt
+          podman pull docker.io/library/ubuntu:22.04
+          trivy image docker.io/library/ubuntu:22.04
 
-      - name: Upload Artifacts
-        uses: actions/upload-artifact@v4
-        with:
-          name: build-artifacts
-          path: build-artifacts/*
+      # - name: Check image with Trivy
+      #   run: |
+      #     mkdir build-artifacts
+      #     echo "=======> Print image for trivy scan:"
+      #     echo "$REGISTRY/$IMAGE_NAME:$IMAGE_TAG"
+      #     echo ""=======> Print available images:"
+      #     podman image ls
+      #     echo ""=======> Scan image with trivy:"
+      #     trivy image wp10tfdevacr.azurecr.io/$IMAGE_NAME:$IMAGE_TAG >> build-artifacts/vuln-scan.txt
+      #     cat build-artifacts/vuln-scan.txt
+      #     trivy image --format spdx ubuntu:rolling >> build-artifacts/sbom-spdx.txt
+      #     trivy image --format cyclonedx ubuntu:rolling >> build-artifacts/sbom-cyclonedx.txt
 
-      - name: Tag and push Docker image as latest
-        # if: github.ref == 'refs/heads/main' # TODO: uncomment once we are done with development
-        run: |
-          podman tag $REGISTRY/$IMAGE_NAME:$IMAGE_TAG $REGISTRY/$IMAGE_NAME:latest
-          podman push $REGISTRY/$IMAGE_NAME:latest
+      # - name: Upload Artifacts
+      #   uses: actions/upload-artifact@v4
+      #   with:
+      #     name: build-artifacts
+      #     path: build-artifacts/*
+
+      # - name: Tag and push Docker image as latest
+      #   # if: github.ref == 'refs/heads/main' # TODO: uncomment once we are done with development
+      #   run: |
+      #     podman tag $REGISTRY/$IMAGE_NAME:$IMAGE_TAG $REGISTRY/$IMAGE_NAME:latest
+      #     podman push $REGISTRY/$IMAGE_NAME:latest