chore: merge code scan branch

.github/workflows/code-scan.yml

@@ -0,0 +1,17 @@
+name: code-scan
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+
+jobs:
+  scan-code:
+    uses:  ${{ vars.ORGANISATION_WORKFLOW_PATH }}/scan-code.yml@main
+  # just here for testing purposes
+  scan-image:
+    uses: ${{ vars.ORGANISATION_WORKFLOW_PATH }}/scan-image.yml@main
+    secrets: inherit
+    with:
+      IMAGE: ${{ vars.REGISTRY }}/${{ vars.ORGANISATION_NAME }}/node-${{ vars.NODE_TYPE }}:latest

.github/workflows/main.yml

@@ -12,14 +12,14 @@ permissions:
 
 jobs:
   build: 
-    uses: aiblockofficial/workflows/.github/workflows/build.yml@main
+    uses: ${{ vars.ORGANISATION_WORKFLOW_PATH }}/build.yml@main
     with: 
       REGISTRY:  ${{ vars.REGISTRY }}
       REPOSITORY: ${{ vars.REPOSITORY }}
       NODE_TYPE: ${{ vars.NODE_TYPE }}
   scan-image:
-    uses: aiblockofficial/workflows/.github/workflows/scan-image.yml@main
+    uses: ${{ vars.ORGANISATION_WORKFLOW_PATH }}/scan-image.yml@main
     secrets: inherit
     needs: build
     with:
-      IMAGE: ${{ vars.REGISTRY }}/aiblockofficial/node-${{ vars.NODE_TYPE }}:${{ github.sha }}
+      IMAGE: ${{ vars.REGISTRY }}/${{ vars.ORGANISATION_NAME }}/node-${{ vars.NODE_TYPE }}:${{ github.sha }}

.trivyignore

@@ -0,0 +1,8 @@
+# Accept the risk
+
+
+# Ignore misconfigurations
+# https://avd.aquasec.com/misconfig/dockerfile/general/avd-ds-0001/
+AVD-DS-0001
+# https://avd.aquasec.com/misconfig/dockerfile/general/avd-ds-0026/
+AVD-DS-0026

README.md

@@ -120,3 +120,39 @@ cargo +nightly doc --document-private-items
 The resulting documentation can be found in `target/doc/system/index.html`.
 
 Nightly is required because one of dependencies (`gmp-mpfr-sys`) uses unstable features.
+
+## Trivy Code Scanning Exceptions
+
+Trivy scanning will run for each PR submitted although there is a mechanism via which certain rules can be ignored:
+
+Take the following output as an example
+
+```
+Dockerfile (dockerfile)
+
+Tests: 27 (SUCCESSES: 25, FAILURES: 2, EXCEPTIONS: 0)
+Failures: 2 (UNKNOWN: 0, LOW: 1, MEDIUM: 1, HIGH: 0, CRITICAL: 0)
+
+MEDIUM: Specify a tag in the 'FROM' statement for image 'cgr.dev/chainguard/glibc-dynamic'
+══════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════
+When using a 'FROM' statement you should use a specific tag to avoid uncontrolled behavior when the image is updated.
+
+See https://avd.aquasec.com/misconfig/ds001
+──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
+ Dockerfile:20
+──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
+  20 [ FROM cgr.dev/chainguard/glibc-dynamic:latest
+```
+
+Here we can see the rules is located at https://avd.aquasec.com/misconfig/ds001 and when navigating to the url --> https://avd.aquasec.com/misconfig/dockerfile/general/avd-ds-0001/
+
+The last portion of the url can always be used as the ID i.e avd-ds-0001 --> AVD-DS-0001, so if we wanted to ignore this rule we would add the following to the .trivyignore file
+
+**.trivyignore**
+
+```
+# Ignore misconfigurations
+# https://avd.aquasec.com/misconfig/dockerfile/general/avd-ds-0001/
+AVD-DS-0001
+```
+

src/bin/initial_block.json

@@ -1,11 +1,9 @@
 {
     "mempool_genesis_tx_in_comment": [
-        "/// The TxIn content for genesis block.",
-        "/// A marketing request: A quote from the the Magna Carta document, the 39th claim.",
-        "/// This version was updated to be more inclusive."
+        "/// The TxIn content for genesis block."
     ],
     "treasury_supply": 90090000000000000,
-    "mempool_genesis_tx_in": "+ (39) No person shall be seized or imprisoned, or stripped of their rights or possessions, or outlawed or exiled, or deprived of their standing in any way, nor will we proceed with force against them, or send others to do so, except by the lawful judgment of their equals or by the law of the land.",
+    "mempool_genesis_tx_in": "Because men work we may speak of an economy, not the other way around. Because men worship we may speak of religion, not the other way around. And when an economy collides with a religion it is living men who collide, nothing else.",
     "mempool_seed_utxo": {
         "000000": [
             {

src/bin/initial_block_regression.json

@@ -1,12 +1,12 @@
 {
-    "compute_genesis_tx_in_comment": [
+    "mempool_genesis_tx_in_comment": [
         "/// The TxIn content for genesis block.",
         "/// A marketing request: A quote from the the Magna Carta document, the 39th claim.",
         "/// This version was updated to be more inclusive."
     ],
     "treasury_supply": 90090000000000000,
-    "compute_genesis_tx_in": "+ (39) No person shall be seized or imprisoned, or stripped of their rights or possessions, or outlawed or exiled, or deprived of their standing in any way, nor will we proceed with force against them, or send others to do so, except by the lawful judgment of their equals or by the law of the land.",
-    "compute_seed_utxo": {
+    "mempool_genesis_tx_in": "+ (39) No person shall be seized or imprisoned, or stripped of their rights or possessions, or outlawed or exiled, or deprived of their standing in any way, nor will we proceed with force against them, or send others to do so, except by the lawful judgment of their equals or by the law of the land.",
+    "mempool_seed_utxo": {
         "000000": [
             {
                 "public_key": "6f26a1754def1b7115ff1150c6c75a1c6e6bee6b97492eece6266046504c70e8",