trivy/.github/workflows/scan.yaml

name: Scan vulnerabilities
on:
  schedule:
    - cron: '0 0 * * *'
  workflow_dispatch:

jobs:
  build:
    name: Scan Go vulnerabilities
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v3.5.3

      - name: Run Trivy vulnerability scanner and create GitHub issues
        uses: knqyf263/trivy-issue-action@v0.0.5
        with:
          assignee: knqyf263
          severity: CRITICAL
          skip-dirs: integration,examples,pkg
          label: kind/security
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}