Skip to content

Commit

Permalink
chore(deps): specify trivy db and java db repositories
Browse files Browse the repository at this point in the history 
since the version 0.56.0 of trivy (already used in the version 0.26.0 of the trivy-action) includes the option to specify multiple registries, so that by default the GitHub Registry is used, and if too many requests is reached, the aws mirror will be used.
  • Loading branch information
@eliflores
eliflores committed Oct 9, 2024
1 parent cd8f826 commit 3dfc36d
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 0 deletions.
4 changes: 4 additions & 0 deletions .github/workflows/pipeline.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,8 @@ jobs:
uses: aquasecurity/trivy-action@a20de5420d57c4102486cdd9578b45609c99d7eb
env:
TRIVY_OFFLINE_SCAN: true
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
TRIVY_JAVA_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
image-ref: ${{ env.CONTAINER_REGISTRY }}/${{ env.CONTAINER_IMAGE_NAME }}:${{ env.CONTAINER_IMAGE_VERSION }}
format: "sarif"
Expand All @@ -93,6 +95,8 @@ jobs:
uses: aquasecurity/trivy-action@a20de5420d57c4102486cdd9578b45609c99d7eb
env:
TRIVY_OFFLINE_SCAN: true
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
TRIVY_JAVA_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
image-ref: ${{ env.CONTAINER_REGISTRY }}/${{ env.CONTAINER_IMAGE_NAME }}:${{ env.CONTAINER_IMAGE_VERSION }}
format: "cosign-vuln"
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/scan.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,8 @@ jobs:
TRIVY_USERNAME: ${{ github.actor }}
TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
TRIVY_OFFLINE_SCAN: true
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
TRIVY_JAVA_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
image-ref: ${{ env.CONTAINER_REGISTRY }}/${{ env.CONTAINER_IMAGE_NAME }}:${{ env.CONTAINER_IMAGE_VERSION }}
format: "sarif"
Expand Down

0 comments on commit 3dfc36d

Please sign in to comment.