chore(deps): update https://gitea.t000-n.de/t.behrendt/actions action to v0.2.1 (#16)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [https://gitea.t000-n.de/t.behrendt/actions](https://gitea.t000-n.de/t.behrendt/actions) | action | minor | `0.1.5` → `0.2.1` |

---

### Release Notes

<details>
<summary>t.behrendt/actions (https://gitea.t000-n.de/t.behrendt/actions)</summary>

### [`v0.2.1`](https://gitea.t000-n.de/t.behrendt/actions/compare/0.2.0...0.2.1)

[Compare Source](https://gitea.t000-n.de/t.behrendt/actions/compare/0.2.0...0.2.1)

### [`v0.2.0`](https://gitea.t000-n.de/t.behrendt/actions/compare/0.1.7...0.2.0)

[Compare Source](https://gitea.t000-n.de/t.behrendt/actions/compare/0.1.7...0.2.0)

### [`v0.1.7`](https://gitea.t000-n.de/t.behrendt/actions/compare/0.1.6...0.1.7)

[Compare Source](https://gitea.t000-n.de/t.behrendt/actions/compare/0.1.6...0.1.7)

### [`v0.1.6`](https://gitea.t000-n.de/t.behrendt/actions/compare/0.1.5...0.1.6)

[Compare Source](https://gitea.t000-n.de/t.behrendt/actions/compare/0.1.5...0.1.6)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My41LjQiLCJ1cGRhdGVkSW5WZXIiOiI0My41LjQiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImFjdGlvbiIsImRlcHMiXX0=-->

Reviewed-on: #16
Reviewed-by: t.behrendt <t.behrendt@noreply.localhost>
Co-authored-by: Renovate Bot <renovate@t00n.de>
Co-committed-by: Renovate Bot <renovate@t00n.de>

.gitea/workflows/cd.yaml

@@ -18,11 +18,11 @@ jobs:
           fetch-depth: 0
       - name: Increment tag
         id: tag
-        uses: https://gitea.t000-n.de/t.behrendt/conventional-semantic-git-tag-increment@af46017d0af5fd6af4425f8e6961f14280a1acd1 # 0.1.26
+        uses: https://gitea.t000-n.de/t.behrendt/conventional-semantic-git-tag-increment@41b7e04221df8a033bec841d40a097b76e5f67ff # 0.1.29
         with:
           token: ${{ secrets.GITEA_TOKEN }}
           prerelease: ${{ github.event_name == 'workflow_dispatch' }}
       - name: Push tag
-        uses: https://gitea.t000-n.de/t.behrendt/actions/release-git-tag@1b8fe65eda1ea0a7586a5fd552ef8f4a639b154f # 0.1.3
+        uses: https://gitea.t000-n.de/t.behrendt/actions/release-git-tag@3925c92fc33f3d2bc87d28d21ab691b7e6dd6cdf # 0.2.1
         with:
           tag: ${{ steps.tag.outputs.new-tag }}

.gitea/workflows/run-tas.yaml

@@ -1,143 +0,0 @@
-name: Run TAS
-
-on:
-  workflow_call:
-    inputs:
-      scan-config:
-        description: "Scan the configuration files"
-        required: false
-        default: false
-        type: boolean
-      image-scan-files:
-        description: "List of files to scan for images"
-        required: false
-        default: ""
-        type: string
-      pre-pull-images:
-        description: "Pre-pull the images"
-        required: false
-        default: false
-        type: boolean
-      trivy-server:
-        description: "Trivy server to use"
-        required: false
-        default: "https://trivy.gitea.t00n.de"
-        type: string
-      tas-base-url:
-        description: "TAS base URL"
-        required: false
-        default: "https://tas.gitea.t00n.de"
-        type: string
-      repository-name:
-        description: "Repository name"
-        required: true
-        type: string
-      branch-name:
-        description: "Branch name"
-        required: true
-        type: string
-      repository-owner:
-        description: "Repository owner"
-        required: true
-        type: string
-
-jobs:
-  config-scan:
-    runs-on: ubuntu-latest
-    if: inputs.scan-config == true
-    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-      - uses: https://gitea.t000-n.de/t.behrendt/trivy-actions/setup-trivy@1.4.0
-      - uses: https://gitea.t000-n.de/t.behrendt/trivy-actions/setup-db@1.4.0
-      - run: |
-          trivy config --cache-dir "$TRIVY_CACHE_DIR" --exit-code 0 --format sarif --output config-sarif.json .
-        env:
-          TRIVY_CACHE_DIR: ${{ runner.temp }}/trivy
-      - uses: https://github.com/christopherHX/gitea-upload-artifact@v4
-        with:
-          name: config-sarif
-          path: config-sarif.json
-
-  image-scan:
-    runs-on: ubuntu-latest
-    if: inputs.image-scan-files != ""
-    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-      - uses: https://gitea.t000-n.de/t.behrendt/trivy-actions/setup-trivy@1.4.0
-      - uses: https://gitea.t000-n.de/t.behrendt/trivy-actions/setup-db@1.4.0
-      - name: Get Images From Files
-        id: get-images
-        uses: https://gitea.t000-n.de/t.behrendt/trivy-actions/get-images-from-files@1.4.0
-        with:
-          files: ${{ inputs.image-scan-files }}
-      - name: Pull images
-        if: inputs.pre-pull-images == true
-        run: |
-          set -e
-          images='${{ steps.get-images.outputs.images }}'
-          for img in $(echo "$images" | jq -r '.[]'); do
-            docker pull "$img"
-          done
-      - name: Scan images
-        id: scan
-        run: |
-          set -e
-          images='${{ steps.get-images.outputs.images }}'
-          count=$(echo "$images" | jq 'length')
-          if [ "$count" -eq 0 ]; then
-            echo "No images found"
-            exit 1
-          fi
-          i=0
-          for img in $(echo "$images" | jq -r '.[]'); do
-            trivy image --cache-dir "$TRIVY_CACHE_DIR" --server ${{ inputs.trivy-server }} --exit-code 0 --scanners vuln --format sarif --output "sarif-image-${i}.json" "$img"
-            i=$((i + 1))
-          done
-          {
-            echo "files<<EOF"
-            for j in $(seq 0 $((i - 1))); do echo "  - sarif-image-${j}.json"; done
-            echo "EOF"
-          } >> $GITHUB_OUTPUT
-          echo "count=$i" >> $GITHUB_OUTPUT
-        env:
-          TRIVY_CACHE_DIR: ${{ runner.temp }}/trivy
-      - name: Merge image SARIF files
-        if: steps.scan.outputs.count != '0'
-        uses: https://gitea.t000-n.de/t.behrendt/trivy-actions/merge-sarif-files@1.4.1-rc-e78ced192dbed9db9a04540a2a27c75924f1d5ea
-        with:
-          files: ${{ steps.scan.outputs.files }}
-          output-file: image-sarif.json
-      - uses: https://github.com/ChristopherHX/gitea-upload-artifact@v4
-        with:
-          name: image-sarif
-          path: image-sarif.json
-
-  merge-and-upload:
-    runs-on: ubuntu-latest
-    needs: [config-scan, image-scan]
-    if: inputs.scan-config == true || inputs.image-scan-files != ""
-    steps:
-      - name: Download config SARIF
-        uses: https://github.com/ChristopherHX/gitea-download-artifact@v4
-        with:
-          name: config-sarif
-          path: config-sarif-artifact
-      - name: Download image SARIF
-        uses: https://github.com/ChristopherHX/gitea-download-artifact@v4
-        with:
-          name: image-sarif
-          path: image-sarif-artifact
-      - name: Merge SARIF files
-        uses: https://gitea.t000-n.de/t.behrendt/trivy-actions/merge-sarif-files@1.4.1-rc-e78ced192dbed9db9a04540a2a27c75924f1d5ea
-        with:
-          files: |
-            - config-sarif-artifact/config-sarif.json
-            - image-sarif-artifact/image-sarif.json
-          output-file: sarif.json
-      - uses: https://gitea.t000-n.de/t.behrendt/tas-actions/tas-upload-sarif@0.0.2
-        with:
-          tas-base-url: ${{ inputs.tas-base-url }}
-          sarif-file: sarif.json
-          owner: ${{ inputs.repository-owner }}
-          repo: ${{ inputs.repository-name }}
-          branch: ${{ inputs.branch-name }}