rancher / gke-operator

Apache License 2.0
12 stars 21 forks source link

[v2.8] ci: Fix trivy action timeout #706

Closed yiannistri closed 2 weeks ago

yiannistri commented 2 weeks ago

(cherry picked from commit d6e3a335201ee3a45f761dd9a2bf9725ea4c3de9)

What this PR does / why we need it:

We frequently get CI failures when scanning with trivy because there have been too many requests to download the vulnerability db from the rancher org (because many of its repos are using it).

This PR updates the Scan workflow to include additional repositories to be used if trivy fails to retrieve the vulnerability db from the primary source.

Which issue(s) this PR fixes Issue #703

Special notes for your reviewer:

Source for fix: https://github.com/aquasecurity/trivy/discussions/7668#discussioncomment-10884984

Checklist: