Skip to content

Commit

Permalink
fix(ci): using AWS based trivy repositories to mitigate TOOMANYREQUES…
Browse files Browse the repository at this point in the history 
…TS from GHCR based ones
  • Loading branch information
@visibilityspots
visibilityspots committed Oct 24, 2024
1 parent ad8eb0a commit c4bc296
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions .github/workflows/trivy.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,9 @@ jobs:
exit-code: 0
ignore-unfixed: true
severity: 'CRITICAL,HIGH'
env:
TRIVY_DB_REPOSITORY: 'public.ecr.aws/aquasecurity/trivy-db'
TRIVY_JAVA_DB_REPOSITORY: 'public.ecr.aws/aquasecurity/trivy-java-db'

- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@0.28.0
Expand All @@ -41,6 +44,9 @@ jobs:
output: 'trivy-results.sarif'
ignore-unfixed: true
severity: 'CRITICAL,HIGH'
env:
TRIVY_DB_REPOSITORY: 'public.ecr.aws/aquasecurity/trivy-db'
TRIVY_JAVA_DB_REPOSITORY: 'public.ecr.aws/aquasecurity/trivy-java-db'

- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v3
Expand Down

0 comments on commit c4bc296

Please sign in to comment.