aquasecurity / trivy-db

Apache License 2.0

Publish trivy-db to docker.io ? #441

Open strowi opened 3 days ago

strowi commented 3 days ago

Hi,

it seems ghcr.io has changed something about their rate-limits causing [some problems](https://github.com/aquasecurity/trivy-action/issues/389).

As we are using Gitlab-CI and already have a Harbor Proxy running, we tried to circumvent this via a harbor-proxy, but that doesn't seem to work successfully with ghcr.io (still running into rate-limits).

Turns out Harbor supports the HEAD-Request/Proxy-Mechanism only for docker.io.

Therefore it would be nice if this could also be published to docker.io so people NOT on github can work around this? (I checked and only found a 1y old aquasec/trivy-db)

regards, strowi

knqyf263 commented 3 days ago

Docker Hub has very strict rate limits. I'm not sure how much Docker Hub helps address this issue. https://docs.docker.com/docker-hub/download-rate-limit/#whats-the-download-rate-limit-on-docker-hub

We're trying to use ECR Public now. Once we complete it, we'll think about Docker Hub. https://github.com/aquasecurity/trivy-db/pull/440

strowi commented 3 days ago

Thx for the info, must've missed that ECR Issue.

As for Docker-Hub, it would at least help with Harbor (other proxies?), since the HEAD-Requests don't count towards the Rate-limit.

As of Harbor v2.1.1, Harbor proxy cache fires a HEAD request to determine whether any layer of a cached image has been updated in the Docker Hub registry.

Not sure if/which other Proxies do support HEAD requests to Registries other than Docker-Hub.