From 8b33c584e4b56a3ba699c41987af59ef935a0f5a Mon Sep 17 00:00:00 2001
From: hackercat
Date: Sun, 7 Feb 2021 02:09:03 +0000
Subject: [PATCH] Add post-build security scan
---
 .github/workflows/build-images.yml | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
diff --git a/.github/workflows/build-images.yml b/.github/workflows/build-images.yml
index dd794c6..59bf8a2 100644
--- a/.github/workflows/build-images.yml
+++ b/.github/workflows/build-images.yml
@@ -97,3 +97,18 @@ jobs:
 DISTRIB_ID=${{ matrix.DISTRIB_ID }}
 DISTRIB_RELEASE=${{ steps.ubuntu_latest.outputs.UBUNTU_LATEST }}
 NODE_VERSION=${{ matrix.NODE_VERSION }}
+ scan:
+ runs-on: ubuntu-latest
+ needs:
+ - act-base
+ strategy:
+ max-parallel: 4
+ fail-fast: false
+ matrix:
+ DISTRIB_ID: [ubuntu]
+ DISTRIB_RELEASE: [latest, 20.04, 18.04, 16.04]
+ IMAGE_TYPE: [act, runner]
+ steps:
+ - uses: azure/container-scan@v0
+ with:
+ image-name: ghcr.io/catthehacker/${{ matrix.DISTRIB_ID }}:${{ matrix.IMAGE_TYPE }}-${{ matrix.DISTRIB_RELEASE }}
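Review bot: The new `scan` job runs `azure/container-scan@v0`, a third-party action referenced by a mutable tag, so whatever that tag points to at run time executes in this workflow; pin it to a full commit SHA, e.g. `- uses: azure/container-scan@<full-commit-sha>  # v0` (placeholder, take the SHA from the action's release). The job declares `needs: act-base` only, yet the matrix also scans `runner` images; if those are built by another job (not visible in this hunk), the scan can run against a stale tag, so that job should be listed under `needs` as well. Because the scan pulls an already-pushed tag, a finding does not stop the image from being published, which is presumably intended given the commit title but worth a comment above the job, such as `# Reports findings only; images are already pushed when this runs`. The unquoted `20.04, 18.04, 16.04` values parse as floats, so quoting them as `DISTRIB_RELEASE: [latest, '20.04', '18.04', '16.04']` keeps the image tag string exact.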