Background

After conversations this PILOT has to support the scanning process in the project. There should be one automatic workflow, that will upload current security repository state to the team and one that is scanning the terraform files, when the change is made. The Trivy scan configuration should be targeting the same output that has the AquaSec on their dashboard.

Feature

• Have the Terraform scanning linter, when the terraform change is made
• Have the 9.00am automatic Trivy (AquaSec) scan and upload the SARIF file to the GH
• Send a notification email after the Trivy workflow runs with the current repo security information