ci(build): fetch Trivy DB from aws to prevent TOOMANYREQUESTS from gh…

…cr.io (#44) Signed-off-by: Benjamin Pinchon <[email protected]>
Orange-OpenSource · Oct 30, 2024 · da9465a · da9465a
1 parent 74af28f
commit da9465a
Showing 1 changed file with 6 additions and 4 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -63,10 +63,12 @@ jobs:
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # v0.28.0
         if: github.event_name != 'pull_request'
+        env:
+          TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
         with:
           image-ref: ${{ inputs.image-name }}:${{ steps.meta.outputs.version }}
-          format: 'table'
-          exit-code: '1'
+          format: "table"
+          exit-code: "1"
           ignore-unfixed: true
-          vuln-type: 'os,library'
-          severity: 'CRITICAL,HIGH'
+          vuln-type: "os,library"
+          severity: "CRITICAL,HIGH"