Circleci: Update nightly trivy scan

.circleci/config.yml

@@ -71,7 +71,7 @@ executors:
 
   trivy_executor:
     docker:
-      - image: docker:stable-git
+      - image: cimg/base:current
         auth:
           <<: *docker-auth
     resource_class: small
@@ -312,24 +312,16 @@ jobs:
     executor: trivy_executor
     steps:
       - prepare
-      - setup_remote_docker:
-          docker_layer_caching: false
       - run:
           name: Install trivy
-          command: |
-            apk add --update-cache --upgrade curl bash
-            curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin
-      # remove the test files and only use the folder names
+          command: curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b $HOME/bin
+      # scan both develop-arm64 and develop-amd64 images using remote src.
       - run:
           name: Scan with trivy
           shell: /bin/sh
           command: |
-            rm -rf docker/test*
-            for FILE in $(ls docker)
-            do
-              docker pull -q "consensys/web3signer:develop-$FILE"
-              trivy -q image --exit-code 1 --no-progress --severity HIGH,CRITICAL --ignorefile "gradle/trivyignore.txt" --timeout 10m "consensys/web3signer:develop-$FILE" 
-            done
+            $HOME/bin/trivy image consensys/web3signer:develop-arm64 --image-src remote --exit-code 1 --quiet --no-progress --severity HIGH,CRITICAL --ignorefile "gradle/trivyignore.txt" --timeout 10m
+            $HOME/bin/trivy image consensys/web3signer:develop-amd64 --image-src remote --exit-code 1 --quiet --no-progress --severity HIGH,CRITICAL --ignorefile "gradle/trivyignore.txt" --timeout 10m
       - notify
 
   publishOpenApiSpec: