👷 Backport #4750 to stable branches

(cherry picked from commit 70b33ab)
open-formulieren · Oct 16, 2024 · d30d79d · d30d79d
1 parent 4c4e374
commit d30d79d
Showing 1 changed file with 6 additions and 3 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -407,16 +407,19 @@ jobs:
  uses: actions/download-artifact@v4
  with:
  name: docker-image-all-extensions-${{ needs.docker_build_setup.outputs.version }}
+
  - name: Scan image with Trivy
  uses: aquasecurity/trivy-action@master
  with:
- input: /github/workspace/image.tar # from download-artifact
+ input: ${{ github.workspace }}/image.tar # from download-artifact
  format: 'sarif'
  output: 'trivy-results-docker.sarif'
  ignore-unfixed: true
  env:
- # See https://github.com/aquasecurity/trivy-action/issues/389#issuecomment-2368662097
- ACTIONS_RUNTIME_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ # Uses the cache from trivy.yml workflow
+ TRIVY_SKIP_DB_UPDATE: true
+ TRIVY_SKIP_JAVA_DB_UPDATE: true
+
  - name: Upload results to GH Security tab
  uses: github/codeql-action/upload-sarif@v3
  with: