add comments

kbase · Aug 21, 2024 · 9c191a8 · 9c191a8
1 parent 39f9f68
commit 9c191a8
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -11,6 +11,9 @@ jobs:
       actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
     name: Build
     runs-on: "ubuntu-20.04"
+    # Steps are copied from https://github.com/kbase/.github/blob/main/.github/workflows/reusable_trivy-scans.yml
+    # In order to avoid 'no space left on device' error, we are not building a Docker image
+    # Instead, we are scanning the repository code directly (change scan-type from 'image' to 'fs')
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
@@ -28,7 +31,6 @@ jobs:
             output: "trivy-results.tbl"
             timeout: "20m0s"
 
-      # Copied from https://github.com/kbase/.github/blob/main/.github/workflows/reusable_trivy-scans.yml
       - name: Check for log4j CVEs
         run: |
           set -e