Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[v2.8] ci: Fix trivy action timeout #720

Merged

Conversation

yiannistri
Copy link
Contributor

(cherry picked from commit f00d666)

What this PR does / why we need it:

We frequently get CI failures when scanning with trivy because there have been too many requests to download the vulnerability db from the rancher org (because many of its repos are using it).

This PR updates the Scan workflow to include additional repositories to be used if trivy fails to retrieve the vulnerability db from the primary source.

Which issue(s) this PR fixes
Issue #708

Special notes for your reviewer:

Source for fix: aquasecurity/trivy#7668 (reply in thread)

Checklist:

  • squashed commits into logical changes
  • includes documentation
  • adds unit tests
  • adds or updates e2e tests
  • backport needed

(cherry picked from commit f00d666)
@yiannistri yiannistri marked this pull request as ready for review November 6, 2024 09:43
@yiannistri yiannistri requested a review from a team as a code owner November 6, 2024 09:43
@yiannistri yiannistri changed the title ci: Fix trivy action timeout [v2.8] ci: Fix trivy action timeout Nov 6, 2024
@mjura mjura merged commit c3922b0 into rancher:release-v2.8 Nov 6, 2024
6 checks passed
@yiannistri yiannistri deleted the 708-trivy-action-release-v2.8 branch November 6, 2024 10:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants