Too many requests

[shyim]

Support guidelines

• I've read the support guidelines

I've found a bug and checked that ...

• ... the documentation does not mention anything about my problem
• ... there are no open or closed issues that are related to my problem

Description

My pipelines regularly fail because of rate limited. I tried to add a token nothing works.

Expected behaviour

It just works

Actual behaviour

Rate limited

Steps to reproduce

I have no idea happens randomly

Repository URL

https://github.com/shopware/docker/

Workflow run URL

https://github.com/shopware/docker/actions/runs/11675826719/job/32511045194

YAML workflow

name: Security Check
on:
  workflow_dispatch:
  schedule:
    - cron: '0 1 * * *'

permissions:
  contents: read
  security-events: write

jobs:
  scan:
    name: 'Image Scan (PHP: ${{ matrix.php-version }})'
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        php-version:
          - '8.1'
          - '8.2'
          - '8.3'
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Pull image
        run: docker pull shopware/docker-base:${{ matrix.php-version }}

      - name: Login into Github Docker Registery
        run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin

      - name: Scan for vulnerabilities
        id: scan
        uses: crazy-max/ghaction-container-scan@v3
        with:
          image: shopware/docker-base:${{ matrix.php-version }}
          dockerfile: ./${{ matrix.php-version }}/Dockerfile

      - name: Upload SARIF file
        if: ${{ steps.scan.outputs.sarif != '' }}
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: ${{ steps.scan.outputs.sarif }}

### Workflow logs

_No response_

### Additional info

_No response_

[crazy-max]

This looks related to aquasecurity/trivy#7538

I will take a look if we can use multiple trivy DBs for fallback.