From db412b2d3966c7713879386c73b4cee18892956e Mon Sep 17 00:00:00 2001
From: DmitriyLewen <dmitriy.lewen@smartforce.io>
Date: Thu, 3 Oct 2024 14:11:47 +0600
Subject: [PATCH 1/2] docs: add info about using `action/cache` for `trivy-db`

---
 README.md | 49 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 49 insertions(+)

diff --git a/README.md b/README.md
index 2a2ca84..c1c5673 100644
--- a/README.md
+++ b/README.md
@@ -123,6 +123,55 @@ jobs:
         severity: 'CRITICAL,HIGH'
 ```
 
+### Using cache for trivy-db
+Recently, there has been an increase in cases of receiving the `TOOMANYREQUESTS` error when downloading the `trivy-db`.
+
+If you’re performing multiple scans, it makes sense to use [action/cache](https://github.com/actions/cache) to cache the `trivy-db`.
+
+The example below saves the trivy-db for each day:
+```yaml
+name: build
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-20.04
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      ## To avoid the trivy-db becoming outdated, we save the cache for one day
+      - name: Get data
+        id: date
+        run: echo "date=$(date +%Y-%m-%d)" >> $GITHUB_OUTPUT
+
+      - name: Restore trivy cache
+        uses: actions/cache@v4
+        with:
+          path: cache/db
+          key: trivy-cache-${{ steps.date.outputs.date }}
+          restore-keys:
+            trivy-cache-
+
+      - name: Run Trivy vulnerability scanner in fs mode
+        uses: aquasecurity/trivy-action@0.24.0
+        with:
+          scan-type: 'fs'
+          scan-ref: '.'
+          cache-dir: "./cache"
+
+      ## Trivy-db uses `0600` permissions.
+      ## But `action/cache` use `runner` user by default
+      ## So we need to change the permissions before caching the database.
+      - name: change permissions for trivy.db
+        run: sudo chmod 0644 ./cache/db/trivy.db
+```
+
 ### Using Trivy with GitHub Code Scanning
 If you have [GitHub code scanning](https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/about-code-scanning) available you can use Trivy as a scanning tool as follows:
 ```yaml

From 097bbadd58c622c8a88d3b17f3493f4bc8a87194 Mon Sep 17 00:00:00 2001
From: DmitriyLewen <dmitriy.lewen@smartforce.io>
Date: Thu, 3 Oct 2024 14:27:44 +0600
Subject: [PATCH 2/2] docs: add info about trivy-java-db and trivy-checks

---
 README.md | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index c1c5673..54498d5 100644
--- a/README.md
+++ b/README.md
@@ -123,12 +123,13 @@ jobs:
         severity: 'CRITICAL,HIGH'
 ```
 
-### Using cache for trivy-db
-Recently, there has been an increase in cases of receiving the `TOOMANYREQUESTS` error when downloading the `trivy-db`.
+### Using cache for Trivy databases
+Recently, there has been an increase in cases of receiving the `TOOMANYREQUESTS` error when downloading the Trivy databases (`trivy-db`, `trivy-java-db` and `trivy-checks`).
 
-If you’re performing multiple scans, it makes sense to use [action/cache](https://github.com/actions/cache) to cache the `trivy-db`.
+If you’re performing multiple scans, it makes sense to use [action/cache](https://github.com/actions/cache) to cache one or more databases.
+
+The example below saves the `trivy-db` for each day in the cache:
 
-The example below saves the trivy-db for each day:
 ```yaml
 name: build
 on: