From 7f94de3adc6a5b37c7af11855aa67e5f33450973 Mon Sep 17 00:00:00 2001
From: Ved Ratan
Date: Wed, 3 Jul 2024 21:07:36 +0530
Subject: [PATCH 1/4] created ngihtly-scan-test
Signed-off-by: Ved Ratan
---
.github/workflows/nightly-test.yml | 63 ++++++++++++++++++++++++++++++
Makefile | 2 +-
2 files changed, 64 insertions(+), 1 deletion(-)
create mode 100644 .github/workflows/nightly-test.yml
diff --git a/.github/workflows/nightly-test.yml b/.github/workflows/nightly-test.yml
new file mode 100644
index 000000000000..9a919bf40421
--- /dev/null
+++ b/.github/workflows/nightly-test.yml
@@ -0,0 +1,63 @@
+name: Nightly Scan
+on:
+ schedule:
+ - cron: "*/5 * * *" # UTC
+
+env:
+ REGISTRY: ghcr.io
+
+jobs:
+ publish-scan-branch:
+ name: Publish
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ packages: write
+ strategy:
+ fail-fast: false
+ matrix:
+ branch:
+ - main
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ with:
+ ref: ${{ matrix.branch }}
+
+ - name: Setup Go
+ uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
+ with:
+ go-version-file: go.mod
+ cache-dependency-path: go.sum
+
+ - name: Set Image name
+ run: |
+ echo IMAGE_NAME="nirmata/nightly-kyverno-${{ matrix.branch }}" >> $GITHUB_ENV
+
+ - name: Install KO
+ uses: ko-build/setup-ko@3aebd0597dc1e9d1a26bcfdb7cbeb19c131d3037 # v0.7
+
+ # - name: Log into registry ${{env.REGISTRY}}
+ # uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
+ # with:
+ # registry: ${{env.REGISTRY}}
+ # username: ${{github.actor}}
+ # password: ${{secrets.GITHUB_TOKEN}}
+
+
+ - name: Build and Push
+ run: |
+ make ko-build-kyverno KO_DOCKER_REPO=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+
+ - name: image scanning
+ id: scan
+ uses: nirmata/reusable-workflows/.github/actions/image-scanning@cleanup
+ with:
+ pcc_url: ${{ secrets.PCC_URL }}
+ pcc_user: ${{ secrets.PCC_USER }}
+ pcc_pass: ${{ secrets.PCC_PASS }}
+ image_name: ${{env.REGISTRY}}/${{env.IMAGE_NAME}}
+ free-disk: 'true'
+
+
\ No newline at end of file
diff --git a/Makefile b/Makefile
index 2b55ce3f4225..5059128ff19a 100644
--- a/Makefile
+++ b/Makefile
@@ -263,7 +263,7 @@ build-all: build-kyverno-init build-kyverno build-cli build-cleanup-controller b ############## LOCAL_PLATFORM := linux/$(GOARCH) -KO_REGISTRY := ko.local +KO_REGISTRY ?= ko.local ifndef VERSION KO_TAGS := $(GIT_SHA) else ifeq ($(VERSION),main)
From 3c13e7ff57c30b04e368f3c8ccecb5ffe05f0e24 Mon Sep 17 00:00:00 2001
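Review bot: The `image scanning` step references `nirmata/reusable-workflows/.github/actions/image-scanning@cleanup`, a branch ref, while every other action in this file is pinned to a full commit SHA, and this step is handed `PCC_URL`, `PCC_USER` and `PCC_PASS` in a job that holds `packages: write`. Anyone who can move that branch changes what runs with those secrets, so pin it like the others, e.g. `uses: nirmata/reusable-workflows/.github/actions/image-scanning@<full-commit-sha> # cleanup`. The allowlist entry added to check-actions.yaml in PATCH 3/4 exempts this action from the pin check and would then be unnecessary. Separately, `cron: "*/5 * * *"` has four fields where GitHub's schedule syntax takes five, and `*/5` in the minute position does not fit the `Nightly Scan` name; something like `cron: "0 1 * * *"` (time chosen only as an example) is probably what was meant.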
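Review bot: `KO_REGISTRY ?= ko.local` now lets an inherited environment variable choose the registry that images are published to, and nothing next to the assignment says so. A comment such as `# KO_REGISTRY: may be overridden from the environment or the make command line; defaults to ko.local` would make that explicit. A command-line `make KO_REGISTRY=...` already overrode the old `:=`, so the environment override is the only new behaviour. The workflow added in this patch passes `KO_DOCKER_REPO=` rather than `KO_REGISTRY`, so it is not visible here whether that workflow needs this change; the ko targets that consume these variables are outside the hunk.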
From: Ved Ratan Date: Wed, 3 Jul 2024 21:10:21 +0530 Subject: [PATCH 2/4] removed pre-installed KO Signed-off-by: Ved Ratan --- .github/workflows/nightly-test.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/nightly-test.yml b/.github/workflows/nightly-test.yml index 9a919bf40421..e1be83ce2ad4 100644 --- a/.github/workflows/nightly-test.yml +++ b/.github/workflows/nightly-test.yml @@ -35,9 +35,6 @@ jobs: run: | echo IMAGE_NAME="nirmata/nightly-kyverno-${{ matrix.branch }}" >> $GITHUB_ENV - - name: Install KO - uses: ko-build/setup-ko@3aebd0597dc1e9d1a26bcfdb7cbeb19c131d3037 # v0.7 - # - name: Log into registry ${{env.REGISTRY}} # uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 # with: From 2c7af0885757bb99ef8f8f95b9e7a9dbffc71747 Mon Sep 17 00:00:00 2001 From: Ved Ratan Date: Wed, 3 Jul 2024 21:13:58 +0530 Subject: [PATCH 3/4] ignore reusable-workflow from pinned Signed-off-by: Ved Ratan --- .github/workflows/check-actions.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/check-actions.yaml b/.github/workflows/check-actions.yaml index e8b3a6428672..26fd186c54f7 100644 --- a/.github/workflows/check-actions.yaml +++ b/.github/workflows/check-actions.yaml @@ -26,3 +26,4 @@ jobs: # See: https://github.com/slsa-framework/slsa-github-generator#referencing-slsa-builders-and-generators allowlist: | slsa-framework/slsa-github-generator + nirmata/reusable-workflows/.github/actions/image-scanning From 7a5f016b3a9077d496e9a22319abdceb474dedae Mon Sep 17 00:00:00 2001 From: Ved Ratan Date: Wed, 3 Jul 2024 21:18:23 +0530 Subject: [PATCH 4/4] trigger action Signed-off-by: Ved Ratan --- .github/actions/setup-build-env/action.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/actions/setup-build-env/action.yaml b/.github/actions/setup-build-env/action.yaml index af99ad067bbd..9e719907d603 100644 --- a/.github/actions/setup-build-env/action.yaml +++ b/.github/actions/setup-build-env/action.yaml 
@@ -2,6 +2,7 @@ name: Setup build env description: Clone repo, unshallow, setup go, cache and install tools. + inputs: unshallow: description: git unshallow