Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ci(trivy): fetch vulnerabilities DB from ERC #721

Merged
merged 5 commits into from
Oct 30, 2024
Merged

ci(trivy): fetch vulnerabilities DB from ERC #721

merged 5 commits into from
Oct 30, 2024

Conversation

beeme1mr
Copy link
Member

We're running into GHCR throttling issues. Switching to ECR should resolve this issue.

aquasecurity/trivy-action#389 (comment)

@beeme1mr beeme1mr requested a review from a team as a code owner October 30, 2024 14:15
toddbaert
toddbaert reviewed Oct 30, 2024
View reviewed changes
.github/workflows/pr-checks.yml Outdated
@@ -82,6 +82,8 @@ jobs:
template: "@/contrib/sarif.tpl"
output: "trivy-results.sarif"
severity: "CRITICAL,HIGH"
env:
TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
# use an alternative trivvy db to avoid rate limits
TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2

@beeme1mr
Added a fallback db repo
a0ab676 
Support was added in v0.56.0

aquasecurity/trivy#7640

Signed-off-by: Michael Beemer <[email protected]>
@beeme1mr
Update pr-checks.yml
0b8a7f3 
Signed-off-by: Michael Beemer <[email protected]>
@beeme1mr
Update pr-checks.yml
fae06bc 
Signed-off-by: Michael Beemer <[email protected]>
@beeme1mr
Update pr-checks.yml
bb4e836 
Signed-off-by: Michael Beemer <[email protected]>
@beeme1mr beeme1mr merged commit 52bac10 into main Oct 30, 2024
14 of 15 checks passed
@toddbaert toddbaert deleted the beeme1mr-patch-1 branch October 30, 2024 14:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@toddbaert toddbaert toddbaert approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@beeme1mr @toddbaert