nightly #166

	name: nightly

	on:
	schedule:
	- cron: "30 1 * * *"

	permissions: {}

	defaults:
	run:
	shell: bash

	jobs:
	build:
	uses: ./.github/workflows/.reusable-build.yml
	permissions:
	packages: write
	secrets: inherit
	with:
	build: false

	compliance:
	uses: ./.github/workflows/.reusable-compliance.yml
	permissions:
	contents: write
	id-token: write
	security-events: write
	actions: read
	checks: read
	deployments: read
	issues: read
	discussions: read
	packages: read
	pages: read
	pull-requests: read
	repository-projects: read
	statuses: read
	secrets: inherit

	sca-released:
	name: sca (released)
	uses: ./.github/workflows/.reusable-sca.yml
	needs: [build]
	permissions:
	contents: write
	security-events: write
	packages: read
	secrets: inherit
	with:
	image: ${{ needs.build.outputs.original_image }}
	output: "table"

	get-root:
	name: Build and test get-root
	runs-on: ubuntu-latest
	defaults:
	run:
	shell: sh
	container:
	image: docker:stable
	steps:
	- name: Checkout code
	uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
	- name: Build and test get-root utility
	run: \|
	docker build -t get-root-key -f docker/Dockerfile.getRoot .
	docker run --rm get-root-key -i securesystemsengineering/testimage > output
	cat output \| grep "KeyID: 76d211ff8d2317d78ee597dbc43888599d691dbfd073b8226512f0e9848f2508"
	cat output \| grep "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEsx28WV7BsQfnHF1kZmpdCTTLJaWe"

	cleanup-registry:
	uses: ./.github/workflows/.reusable-cleanup-registry.yml
	needs: [build]
	secrets: inherit

Provide feedback