aquasecurity / trivy-azure-pipelines-task

An Azure Pipelines Task for trivy
https://marketplace.visualstudio.com/items?itemName=AquaSecurityOfficial.trivy-official
MIT License

Network load optimization #78

Open a-poluyanov opened 2 months ago

a-poluyanov commented 2 months ago

Hi! For some reason I can't use Docker Hub because of security policies in my company, but I can use a private repository; I saw Issue #20, which is still open. And I know that there is a possibility to run not in Docker but using a binary file, which is what I do. I have a large pre-production pipeline that needs to scan many services for vulnerabilities. Yes, it is performed in parallel on a dozen build agents, but for each Job I have 2 scanning tasks: the first just scans and shows all vulnerabilities, the second exits with an error in case of a critical vulnerability. Look, these are test Jobs to show the problem:

[screenshots: img1, img2]

The problem is that every time it downloads a binary from GitHub, but as a rule this binary is already left on the build agent, and I don't want to delete it.

My solution is this: before downloading an archive from a git repository, you need to check whether this version is already on the build agent. Just like with the DB, you can leave a metadata.json file, or at least add a temporary variable. You can come up with many different ways to determine whether the binary of the required version is already on the build agent.

This will reduce the network load and, in case of slow internet access, will speed up the pipelines. I will be glad if you consider this, and if you need help, let me know; I can make a revision and create a pull request to your repository.

a-poluyanov commented 2 months ago

By the way, this solution has already been proposed and is awaiting your confirmation (#17). But I would suggest improving it, because that code just checks whether a binary file exists; if we want to change the version and download a new one, it will skip the download, because it only checked the binary name.
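One way to implement the version-aware cache check discussed in this thread, as an added example that is not code from trivy-azure-pipelines-task or from the commenter: it keys the reuse decision on a metadata.json recording the installed version, so a changed version still triggers a download. The metadata shape, the `0.50.0`/`0.51.0` version strings and the temp-dir scenario are constructed assumptions.

```typescript
// Added example (not the task's own code): reuse a cached trivy binary on the
// build agent only when a metadata.json proves it is the requested version.
import * as fs from "fs";
import * as os from "os";
import * as path from "path";

// Assumed metadata shape written next to the binary after a successful install.
export interface InstallMetadata {
  version: string;      // version that was unpacked into this directory
  installedAt: string;  // ISO timestamp, informational only
}

const BINARY_NAME = process.platform === "win32" ? "trivy.exe" : "trivy";
const normalize = (v: string): string => v.trim().replace(/^v/, "");

// true  -> the binary must be (re)downloaded
// false -> the cached binary matches the requested version and can be reused
export function needsDownload(installDir: string, requestedVersion: string): boolean {
  const binary = path.join(installDir, BINARY_NAME);
  const metaFile = path.join(installDir, "metadata.json");
  if (!fs.existsSync(binary) || !fs.existsSync(metaFile)) {
    return true; // nothing cached, or a binary with no record of its version
  }
  try {
    const meta = JSON.parse(fs.readFileSync(metaFile, "utf8")) as Partial<InstallMetadata>;
    return typeof meta.version !== "string" || normalize(meta.version) !== normalize(requestedVersion);
  } catch {
    return true; // unreadable or corrupt metadata: do not trust the cached binary
  }
}

// Record what was installed so the next run can verify it instead of guessing by file name.
export function writeInstallMetadata(installDir: string, version: string): void {
  const meta: InstallMetadata = { version: normalize(version), installedAt: new Date().toISOString() };
  fs.writeFileSync(path.join(installDir, "metadata.json"), JSON.stringify(meta, null, 2));
}

// Constructed scenario in a temp dir: empty cache, then same version, then a changed version.
export function demo(): { firstRun: boolean; sameVersion: boolean; newVersion: boolean } {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), "trivy-cache-"));
  const firstRun = needsDownload(dir, "0.50.0");
  fs.writeFileSync(path.join(dir, BINARY_NAME), "# placeholder, not a real binary\n");
  writeInstallMetadata(dir, "v0.50.0");
  const sameVersion = needsDownload(dir, "0.50.0");
  const newVersion = needsDownload(dir, "0.51.0");
  fs.rmSync(dir, { recursive: true, force: true });
  return { firstRun, sameVersion, newVersion };
}
```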