Add: Add a job to build and push SBOM with trivy

Author: Jessica Lai

.github/workflows/push.yml

@@ -94,3 +94,16 @@ jobs:
           repository: "greenbone/automatix"
           workflow: "push.yml"
           inputs: '{"service": "${{ matrix.service }}", "image-url": "${{ matrix.image-url }}", "digest": "${{ matrix.digest }}", "version": "${{ matrix.version }}"}'
+
+  generate-and-push-sbom-trivy:
+    needs: push-postgres
+    if: ${{ needs.push-postgres.outputs.matrix }}
+    runs-on:
+      - self-hosted-generic-vm-amd64
+    steps:
+      - name: Scan image in a private registry
+        uses: greenbone/workflows/.github/workflows/generate-and-push-sbom-with-trivy-3rd-gen.yml@main
+        with:
+          image-url: "${{ vars.GREENBONE_REGISTRY}}/opensight/opensight-postgres:${{ matrix.version }}"
+          output-file-name: 'opensight-postgres.${{ matrix.version }}.sbom.json'
+          artifact-url: "${{ vars.GREENBONE_REGISTRY }}/opensight-dev/opensight-postgres-sbom:${{ matrix.version }}"