Create dependabot.yml

Signed-off-by: Anurag Rajawat <[email protected]>

.github/dependabot.yml

@@ -0,0 +1,29 @@
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+
+  - package-ecosystem: "gomod"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+
+  - package-ecosystem: "gomod"
+    directory: "/pkg/adapter/nimbus-kubearmor"
+    schedule:
+      interval: "weekly"
+
+  - package-ecosystem: "gomod"
+    directory: "/pkg/adapter/nimbus-netpol"
+    schedule:
+      interval: "weekly"
+
+  - package-ecosystem: "gomod"
+    directory: "/pkg/adapter/nimbus-kyverno"
+    schedule:
+      interval: "weekly"

.github/workflows/release-image.yaml

@@ -50,7 +50,7 @@ jobs:
         working-directory: ${{ inputs.WORKING_DIRECTORY }}
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/[email protected]
+        uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # v0.20.0
         with:
           image-ref: 'docker.io/5gsec/${{ inputs.NAME }}:v0.1'
           format: 'sarif'

.github/workflows/stable-release.yaml

@@ -16,7 +16,7 @@ concurrency:
 
 jobs:
   release-nimbus-image:
-    if: github.repository == '5GSEC/nimbus'
+    #if: github.repository == '5GSEC/nimbus'
     name: Build and push nimbus image
     uses: ./.github/workflows/release-image.yaml
     with:
@@ -25,7 +25,7 @@ jobs:
     secrets: inherit
 
   release-adapters-image:
-    if: github.repository == '5GSEC/nimbus'
+    #if: github.repository == '5GSEC/nimbus'
     strategy:
       matrix:
         adapters: [ "nimbus-kubearmor", "nimbus-netpol", "nimbus-kyverno" ]