name: Lint

on:
  push:
    branches:
      - develop
    paths:
      - 'Dockerfile'
  pull_request:
    branches:
      - develop
    paths:
      - 'Dockerfile'

jobs:
  trivy:
    name: Dockerfile
    runs-on: ubuntu-latest
    container:
      image: aquasec/trivy
    steps:
      - uses: actions/checkout@v3

      - name: Check critical issues
        run: trivy config --exit-code 1 --severity "HIGH,CRITICAL" ./Dockerfile

      - name: Check non-critical issues
        run: trivy config --severity "LOW,MEDIUM" ./Dockerfile