From 8bf4f607c40e706465fd25a459d5beaebb3abbd8 Mon Sep 17 00:00:00 2001
From: Nayuta Ishii <nayuta.ishii@dr-ubie.com>
Date: Mon, 11 Mar 2024 14:41:46 +0900
Subject: [PATCH] Use temporary directory for download

---
 script.sh | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/script.sh b/script.sh
index d6b5b2a..cf3ab31 100755
--- a/script.sh
+++ b/script.sh
@@ -46,6 +46,10 @@ echo '::endgroup::'
 echo "::group:: Installing trivy (${INPUT_TRIVY_VERSION}) ... https://github.com/aquasecurity/trivy"
   test ! -d "${TRIVY_PATH}" && install -d "${TRIVY_PATH}"
 
+  PREV_DIR=$(pwd)
+  TEMP_DOWNLOAD_PATH="$(mktemp -d)"
+  cd "${TEMP_DOWNLOAD_PATH}" || exit
+
   archive="trivy.${archive_extension}"
   if [[ "${INPUT_TRIVY_VERSION}" = "latest" ]]; then
     # latest release is available on this url.
@@ -58,17 +62,23 @@ echo "::group:: Installing trivy (${INPUT_TRIVY_VERSION}) ... https://github.com
   release_num=${release/#v/}
   url="https://github.com/aquasecurity/trivy/releases/download/${release}/trivy_${release_num}_${os}-${arch}.${archive_extension}"
   # Echo url for testing
-  echo "Downloading ${url}"
-
+  echo "Downloading ${url} to ${archive}"
   curl --silent --show-error --fail \
     --location "${url}" \
     --output "${archive}"
+
+  ### TEST
+  echo "URL: ${url}"
+  echo "ARCHIVE: ${archive}"
+  ls 
+  ### TEST END
   if [[ "${os}" = "Windows" ]]; then
     unzip "${archive}"
   else
     tar -xzf "${archive}"
   fi
   install trivy "${TRIVY_PATH}"
+  cd "${PREV_DIR}" || exit
 echo '::endgroup::'
 
 echo "::group:: Print trivy details ..."