chore(): Initial commit for a trivy scanner

Dockerfile

@@ -0,0 +1,18 @@
+FROM alpine:latest
+
+ARG ORAS_VERSION="1.0.0"
+
+RUN apk add --virtual .build-deps curl && \
+    curl -LO "https://github.com/oras-project/oras/releases/download/v${ORAS_VERSION}/oras_${ORAS_VERSION}_linux_amd64.tar.gz" && \
+    mkdir -p oras-install/ && \
+    tar -zxf oras_${ORAS_VERSION}_*.tar.gz -C oras-install/ && \
+    mv oras-install/oras /usr/local/bin/ && \
+    rm -rf oras_${ORAS_VERSION}_*.tar.gz oras-install/ && \
+    export TRIVY_VERSION=$(wget -qO - "https://api.github.com/repos/aquasecurity/trivy/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/') && \
+    echo $TRIVY_VERSION && \
+    curl -LO "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" && \
+    mkdir -p trivy-install && \
+    tar -zxf trivy_${TRIVY_VERSION}_*.tar.gz -C trivy-install/ && \
+    mv trivy-install /opt/trivy && \
+    ln -s /opt/trivy/trivy /usr/local/bin/trivy && \
+    apk del .build-deps

README.md

@@ -0,0 +1,11 @@
+# Trivy Container Scanner
+
+This container is designed to pull and scan containers without the need of using privileged containers.
+
+# Oras
+
+The container includes `oras`, an awesome little nifty command line tool to manage containers.
+
+# Trivy
+
+The famous `trivy` scanner binary.