improved retry logic for trivy scanning #166

	name: Build and Test Docker Image

	on:
	push:
	branches-ignore:
	- latest

	jobs:
	build:
	runs-on: ubuntu-latest
	permissions:
	contents: write

	steps:
	- name: Checkout code
	uses: actions/checkout@v4
	with:
	fetch-depth: 0

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Run Development Pipeline
	run: make dev-pipeline
	working-directory: .

	- name: Cache Trivy DB
	uses: actions/cache@v3
	with:
	path: ~/.cache/trivy
	key: ${{ runner.os }}-trivy-db-${{ github.sha }}
	restore-keys: \|
	${{ runner.os }}-trivy-db-

	- name: Install Trivy
	run: \|
	curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh \| sudo sh -s -- -b /usr/local/bin

	- name: Trivy Scanning with Retry
	run: \|
	# Enable exit on error
	set -e

	# Retry logic for Trivy
	max_retries=5
	attempt=1
	success=false

	while [ $attempt -le $max_retries ]; do
	echo "Running Trivy scan, attempt $attempt..."
	trivy image --severity CRITICAL --exit-code 1 --quiet udx-worker/udx-worker:latest \| tee trivy.log \| grep -v 'INFO'

	if grep -E "Total: [1-9]" trivy.log; then
	echo "CRITICAL vulnerabilities detected!"
	exit 1
	else
	echo "No CRITICAL vulnerabilities found."
	success=true
	break
	fi

	# If the attempt fails, wait for 2 minutes before retrying
	echo "Trivy scan failed, retrying in 2 minutes..."
	sleep 120
	attempt=$((attempt+1))
	done

	if [ "$success" = false ]; then
	echo "Failed to complete Trivy scan after $max_retries attempts."
	exit 1
	fi

Provide feedback