.github/workflows/scan_released.yml

@@ -10,41 +10,20 @@ jobs:
     strategy:
       matrix:
         include:
-          - runs-on: ubuntu-latest
+          # - runs-on: ubuntu-latest
-            arch: i686
+          #  arch: i686
           - runs-on: macos-latest
             arch: arm64
     runs-on: ${{ matrix.runs-on }}
-    defaults:
-      run:
-        shell: bash
     steps:
       - name: Checkout
         uses: actions/checkout@v4
-
-      - name: Setup Docker and Colima (macOS only)
-        if: runner.os == 'macOS'
-        run: |
-          brew install docker colima
-          colima start
-          # Wait for Docker daemon to be ready
-          timeout=30
-          while ! docker info >/dev/null 2>&1; do
-            if [ $timeout -le 0 ]; then
-              echo "Timed out waiting for Docker daemon"
-              exit 1
-            fi
-            timeout=$((timeout-1))
-            sleep 1
-          done
-          
       - name: Download container image for the latest release and load it
         run: |
           VERSION=$(curl https://api.github.com/repos/freedomofpress/dangerzone/releases/latest | grep "tag_name" | cut -d '"' -f 4)
           CONTAINER_FILENAME=container-${VERSION:1}-${{ matrix.arch }}.tar.gz
           wget https://github.com/freedomofpress/dangerzone/releases/download/${VERSION}/${CONTAINER_FILENAME} -O ${CONTAINER_FILENAME}
           docker load -i ${CONTAINER_FILENAME}
-
       # NOTE: Scan first without failing, else we won't be able to read the scan
       # report.
       - name: Scan container image (no fail)
@@ -55,16 +34,13 @@ jobs:
           fail-build: false
           only-fixed: false
           severity-cutoff: critical
-
       - name: Upload container scan report
         uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: ${{ steps.scan_container.outputs.sarif }}
           category: container-${{ matrix.arch }}
-
       - name: Inspect container scan report
         run: cat ${{ steps.scan_container.outputs.sarif }}
-
       - name: Scan container image
         uses: anchore/scan-action@v5
         with:
@@ -73,10 +49,6 @@ jobs:
           only-fixed: false
           severity-cutoff: critical
 
-      - name: Cleanup Colima (macOS only)
-        if: runner.os == 'macOS'
-        run: colima stop
-
   security-scan-app:
     runs-on: ubuntu-latest
     steps: