We frequently get CI failures when scanning with trivy because there have been too many requests to download the vulnerability db from the rancher org (because many of its repos are using it).
This PR updates the Scan workflow to include additional repositories to be used if trivy fails to retrieve the vulnerability db from the primary source.
What this PR does / why we need it:
We frequently get CI failures when scanning with trivy because there have been too many requests to download the vulnerability db from the rancher org (because many of its repos are using it).
This PR updates the Scan workflow to include additional repositories to be used if trivy fails to retrieve the vulnerability db from the primary source.
Which issue(s) this PR fixes Issue #703
Special notes for your reviewer:
Source for fix: https://github.com/aquasecurity/trivy/discussions/7668#discussioncomment-10884984
Checklist: