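# ----- YAML job definition -----
# Parent pipeline: list every image running in a namespace, render a child
# pipeline from the "sec-test-child" template, then trigger that child so each
# image is scanned with Trivy and the report is uploaded to SafeSCARF.
---
stages:
  - sec-test-collect
  - sec-test

collect-images:
  stage: sec-test-collect
  variables:
    NAMESPACE: "Some_namespace"
  extends:
    - .authenticate-k8s  # authenticate to K8s, implement your method
  script: |-
    # One unique image ID per line, blank lines removed.
    # NOTE(review): depending on the container runtime, imageID may carry a
    # scheme prefix; confirm the values are references Trivy can pull.
    kubectl get pods -n "$NAMESPACE" -o jsonpath="{..imageID}" | tr " " "\n" | sed '/^$/d' | sort -u > list.txt

    # An empty matrix would not give a usable child pipeline, so stop early
    # with a clear message instead.
    if [ ! -s list.txt ]; then
      echo "no images found in namespace $NAMESPACE" >&2
      exit 1
    fi

    # The list is pasted verbatim into generated pipeline YAML through a sed
    # replacement. Accept only characters that belong in an image reference,
    # so that a value holding quotes, brackets, '&', '|' or backslashes cannot
    # change the structure of the child pipeline. Fail instead of skipping:
    # a silently dropped image is an unscanned image.
    if grep -Evq '^[A-Za-z0-9._:/@-]+$' list.txt; then
      echo "unexpected characters in image list, refusing to render child pipeline" >&2
      exit 1
    fi

    # Build the matrix values: "image1","image2",...
    IMAGE_LIST=""
    while IFS= read -r image; do
      IMAGE_LIST="${IMAGE_LIST}\"${image}\","
    done < list.txt
    IMAGE_LIST=${IMAGE_LIST%?}  # drop the trailing comma

    sed "s|{{images}}|$IMAGE_LIST|g" sec-test-child > cat-sec-child.yaml
  artifacts:
    paths:
      - cat-sec-child.yaml
    # NOTE(review): the trigger job in the next stage needs this artifact;
    # confirm this retention outlives any queueing delay between the stages.
    expire_in: 1m

scan-docker-image-trivy:
  stage: sec-test
  # Add "strategy: depend" under trigger if the parent pipeline should wait
  # for the child and mirror its result.
  trigger:
    include:
      - artifact: cat-sec-child.yaml
        job: collect-images

# ----- YAML sec-test-child template (stored as the file "sec-test-child") -----
# Not valid pipeline YAML until collect-images replaces {{images}} with the
# quoted, comma-separated image list. One parallel job runs per image.
---
scan-docker-image-trivy-child:
  stage: test
  image:
    # No tag or digest is given, so the registry default is pulled; pin the
    # scanner image (tag or digest) for reproducible, tamper-evident runs.
    name: registry.safescarf.in.pan-net.eu/trivy
    entrypoint: [""]
  parallel:
    matrix:
      - IMAGE: [{{images}}]
  variables:
    SAFESCARF_HOST: safescard.example.com  # replace with SafeSCARF instance URL
    SAFESCARF_ENG_ID: "ENG_ID"  # replace with eng id
  script: |-
    # Test name is the image reference without its @digest suffix.
    TEST_NAME=$(printf '%s\n' "$IMAGE" | sed 's/@.*$//')
    export TEST_NAME
    ci-connector --version
    time trivy image --format json \
      --output "$CI_PROJECT_DIR/trivy-container-scanning-report.json" "$IMAGE"
    # Variables are quoted so an unusual image name cannot be split into
    # extra command-line arguments.
    ci-connector upload-scan --scanner 'Trivy Scan' --test-name "$TEST_NAME" -e "$SAFESCARF_ENG_ID" -f "$CI_PROJECT_DIR/trivy-container-scanning-report.json"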