From a6c3c3e5d7d5e5ca870777a21c47e6b9d2e11b1c Mon Sep 17 00:00:00 2001
From: saisiatishkarra <saisatishkarra@konghq.com>
Date: Fri, 16 Aug 2024 06:42:51 -0500
Subject: [PATCH] fix cache for first sca scan

Signed-off-by: saisatishkarra <saisatish.karra@konghq.com>
---
 .github/workflows/release.yml | 16 ++--------------
 1 file changed, 2 insertions(+), 14 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index c5bcb4133a724..02252a89018a9 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -437,8 +437,6 @@ jobs:
     needs: [metadata, build-images]
     runs-on: ubuntu-22.04
     timeout-minutes: ${{ fromJSON(vars.GHA_DEFAULT_TIMEOUT) }}
-    # Use DISABLE_SCA_SCAN to completely disable the scan in case of emergency purposes and revert it back when notified.
-     vars.DISABLE_SCA_SCAN == 'false'
     if: |-
       always()
       && vars.DISABLE_SCA_SCAN == 'false'
@@ -487,25 +485,15 @@ jobs:
     - name: Scan AMD64 Image digest
       id: sbom_action_amd64
       if: steps.image_manifest_metadata.outputs.amd64_sha != ''
-      uses: Kong/public-shared-actions/security-actions/scan-docker-image@v2
+      uses: Kong/public-shared-actions/security-actions/scan-docker-image@a2132654dffda2a5dd121bbd077a205b4cae8ec0
       with:
         asset_prefix: kong-${{ needs.metadata.outputs.commit-sha }}-${{ matrix.label }}-linux-amd64
         image: ${{ needs.metadata.outputs.prerelease-docker-repository }}:${{ needs.metadata.outputs.commit-sha }}-${{ matrix.label }}
 
-    - name: Cache Grype DB
-      id: cache-grype
-      uses: actions/cache@v3
-      env:
-        cache-name: cache-grype-db
-      with:
-        # Grype cache files are stored in `~/.cache/grype/db` on Linux/macOS
-        path: ~/.cache/grype/db
-        key: ${{ env.cache-name }}
-
     - name: Scan ARM64 Image digest
       if: steps.image_manifest_metadata.outputs.manifest_list_exists == 'true' && steps.image_manifest_metadata.outputs.arm64_sha != ''
       id: sbom_action_arm64
-      uses: Kong/public-shared-actions/security-actions/scan-docker-image@v2
+      uses: Kong/public-shared-actions/security-actions/scan-docker-image@a2132654dffda2a5dd121bbd077a205b4cae8ec0
       with:
         asset_prefix: kong-${{ needs.metadata.outputs.commit-sha }}-${{ matrix.label }}-linux-arm64
         image: ${{ needs.metadata.outputs.prerelease-docker-repository }}:${{ needs.metadata.outputs.commit-sha }}-${{ matrix.label }}