IABTechLab · gmsdelmundo · Apr 26, 2024 · Apr 24, 2024 · Apr 24, 2024 · Apr 24, 2024
diff --git a/.github/workflows/build-and-publish.yaml b/.github/workflows/build-and-publish.yaml
@@ -12,7 +12,7 @@ on:
         - Patch
       publish_vulnerabilities:
         type: string
-        default: true
+        default: "true"
       vulnerability_failure_severity:
         description: The severity to fail the workflow if such vulnerability is detected. DO NOT override it unless a Jira ticket is raised. Must be one of ['CRITICAL', 'CRITICAL,HIGH' or 'CRITICAL,HIGH,MEDIUM'] (without space in between).
         type: string

diff --git a/.github/workflows/build-and-test.yaml b/.github/workflows/build-and-test.yaml
@@ -0,0 +1,9 @@
+name: Build and Test
+on: [pull_request, push, workflow_dispatch]
+
+jobs:
+  build:
+    uses: IABTechLab/uid2-shared-actions/.github/workflows/shared-build-and-test.yaml@v2
+    secrets: inherit
+    with:
+      vulnerability_scan_only: true
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
diff --git a/.trivyignore b/.trivyignore
@@ -0,0 +1,5 @@
+# List any vulnerability that are to be accepted
+# See https://aquasecurity.github.io/trivy/v0.35/docs/vulnerability/examples/filter/ 
+# for more details
+# e.g. 
+# CVE-2022-3996
diff --git a/trivy-secret.yaml b/trivy-secret.yaml