Skip to content

Commit

Permalink
Use aws public trivy-db storage to avoid ratelimits on github
Browse files Browse the repository at this point in the history
  • Loading branch information
en-jschuetze authored Nov 4, 2024
1 parent a6a38cd commit 07c9b42
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions .github/workflows/security-scan.yml
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,8 @@ jobs:

- name: Run Alpine Trivy vulnerability scanner
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
with:
image-ref: php-${{ env.PHP_VERSION }}
format: 'table'
Expand All @@ -68,6 +70,8 @@ jobs:

- name: Run Alpine Trivy vulnerability scanner and create html file
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
with:
image-ref: php-${{ env.PHP_VERSION }}
format: 'template'
Expand All @@ -76,6 +80,8 @@ jobs:

- name: Run Alpine Trivy vulnerability scanner and create html file
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
with:
image-ref: php-${{ env.PHP_VERSION }}
format: 'json'
Expand All @@ -93,6 +99,8 @@ jobs:

- name: Run Alpine Trivy vulnerability scanner and upload to github security tab
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
with:
image-ref: php-${{ env.PHP_VERSION }}
format: 'sarif'
Expand Down

0 comments on commit 07c9b42

Please sign in to comment.