commit cadb287277b47201db4fb1372683f6593d4f5ae2
Author: fleaz <mail@felixbreidenstein.de>
Date:   Sun May 25 18:27:21 2025 +0200

    initial commit

diff --git a/.forgejo/workflows/deploy.yaml b/.forgejo/workflows/deploy.yaml
new file mode 100644
index 0000000..a4b2c8e
--- /dev/null
+++ b/.forgejo/workflows/deploy.yaml
@@ -0,0 +1,26 @@
+name: Deployment
+
+on:
+  push:
+
+env:
+  TRIVY_VERSION: "0.26.1"
+
+jobs:
+  container:
+    runs-on: docker
+    container: fleaz/kubeci
+    steps:
+    - name: "Setup k8s context"
+      run: |
+        echo "${{secrets.KUBE_API_CRT}}" > /tmp/ca.pem
+        kubectl config set-cluster k3s --server=${{secrets.KUBE_HOST}} --certificate-authority=/tmp/ca.pem
+        kubectl config set-credentials forgejo --token="${{secrets.KUBE_API_TOKEN}}"
+        kubectl config set-context k3s --cluster k3s --user forgejo --namespace default
+        kubectl config use-context k3s
+    - name: "Deploy"
+      run: |
+        helm repo add aqua https://aquasecurity.github.io/helm-charts/ --force-update
+        helm install trivy-operator aqua/trivy-operator \
+          --namespace trivy-system \
+          --version "${TRIVY_VERSION}"