Avoid vul testing for graviton for now

Author: akondur

.github/workflows/graviton-build-test-push-workflow.yml

@@ -104,60 +104,60 @@ jobs:
       env:
         COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
         COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
-  vulnerability-scan:
-    permissions:
-      actions: read
-      contents: read
-      security-events: write
-    runs-on: ubuntu-latest
-    needs: build-operator-image-graviton
-    env:
-      SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }}
-      SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator
-      ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }}
-      S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
-      IMAGE_NAME: ${{ secrets.ECR_REPOSITORY }}/splunk/splunk-operator:${{ github.sha }}
-    steps:
-    - name: Set up cosign
-      uses: sigstore/cosign-installer@main
-    - uses: actions/checkout@v2
-    - name: Dotenv Action
-      id: dotenv
-      uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359
-    - name: Set up Docker Buildx
-      uses: docker/[email protected]
-    - name: Configure AWS credentials
-      uses: aws-actions/configure-aws-credentials@v1
-      with:
-        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-        aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
+  # vulnerability-scan:
+  #   permissions:
+    #   actions: read
+    #   contents: read
+    #   security-events: write
+    # runs-on: ubuntu-latest
+    # needs: build-operator-image-graviton
+    # env:
+    #   SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }}
+    #   SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator
+    #   ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }}
+    #   S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
+    #   IMAGE_NAME: ${{ secrets.ECR_REPOSITORY }}/splunk/splunk-operator:${{ github.sha }}
+    # steps:
+    # - name: Set up cosign
+    #   uses: sigstore/cosign-installer@main
+    # - uses: actions/checkout@v2
+    # - name: Dotenv Action
+    #   id: dotenv
+    #   uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359
+    # - name: Set up Docker Buildx
+    #   uses: docker/[email protected]
+    # - name: Configure AWS credentials
+    #   uses: aws-actions/configure-aws-credentials@v1
+    #   with:
+    #     aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+    #     aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+    #     aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
 
-    - name: Login to Amazon ECR
-      uses: aws-actions/amazon-ecr-login@v1
-    - name: Pull Splunk Operator Image Locally
-      run: |
-        docker pull ${{ env.IMAGE_NAME }}
-    - name: Verify Signed Splunk Operator image 
-      run: |
-        cosign verify --key env://COSIGN_PUBLIC_KEY  ${{ env.IMAGE_NAME }}
-      env:
-        COSIGN_PUBLIC_KEY: ${{ secrets.COSIGN_PUBLIC_KEY }}
-    - name: Run Trivy vulnerability scanner
-      uses: aquasecurity/trivy-action@master
-      with:
-        image-ref: '${{ env.IMAGE_NAME }}'
-        format: sarif
-        #exit-code: 1
-        severity: 'CRITICAL'
-        ignore-unfixed: true
-        output: 'trivy-results.sarif'
-    - name: Upload Trivy scan results to GitHub Security tab
-      uses: github/codeql-action/upload-sarif@v3
-      with:
-        sarif_file: 'trivy-results.sarif'
+    # - name: Login to Amazon ECR
+    #   uses: aws-actions/amazon-ecr-login@v1
+    # - name: Pull Splunk Operator Image Locally
+    #   run: |
+    #     docker pull ${{ env.IMAGE_NAME }}
+    # - name: Verify Signed Splunk Operator image 
+    #   run: |
+    #     cosign verify --key env://COSIGN_PUBLIC_KEY  ${{ env.IMAGE_NAME }}
+    #   env:
+    #     COSIGN_PUBLIC_KEY: ${{ secrets.COSIGN_PUBLIC_KEY }}
+    # - name: Run Trivy vulnerability scanner
+    #   uses: aquasecurity/trivy-action@master
+    #   with:
+    #     image-ref: '${{ env.IMAGE_NAME }}'
+    #     format: sarif
+    #     #exit-code: 1
+    #     severity: 'CRITICAL'
+    #     ignore-unfixed: true
+    #     output: 'trivy-results.sarif'
+    # - name: Upload Trivy scan results to GitHub Security tab
+    #   uses: github/codeql-action/upload-sarif@v3
+    #   with:
+    #     sarif_file: 'trivy-results.sarif'
   smoke-tests-graviton:
-    needs: vulnerability-scan
+    #needs: vulnerability-scan
     strategy:
       fail-fast: false
       matrix: