From f96f5ce5aa48e9555bec4d315697e8a7b6441282 Mon Sep 17 00:00:00 2001
From: Szilard Parrag <szilard.parrag@axoflow.com>
Date: Wed, 9 Oct 2024 10:22:33 +0200
Subject: [PATCH] ci: fix trivy action

By default it also checks for secrets in compiled Python binary files
(/var/lib/syslog-ng-venv/lib/python3.12/site-packages/google/auth/crypt/__pycache__/_python_rsa.cpython-312.pyc)

See Python docs for more details
https://docs.python.org/3/using/cmdline.html#envvar-PYTHONDONTWRITEBYTECODE

Signed-off-by: Szilard Parrag <szilard.parrag@axoflow.com>
---
 docker/alpine.dockerfile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docker/alpine.dockerfile b/docker/alpine.dockerfile
index 93c3851a90..cc61a4bc53 100644
--- a/docker/alpine.dockerfile
+++ b/docker/alpine.dockerfile
@@ -77,6 +77,7 @@ LABEL org.opencontainers.image.url="https://axoflow.io/"
 COPY --from=apkbuilder /home/builder/packages/ /tmp/
 COPY --from=apkbuilder /home/builder/.abuild/*.pub /etc/apk/keys/
 
+ENV PYTHONDONTWRITEBYTECODE TRUE
 RUN apk add --repository /tmp/axoflow -U --upgrade --no-cache \
     jemalloc \
     libdbi-drivers \