Merge pull request #1614 from NASA-AMMOS/dev/alternate-trivy-db

dandelany · web-flow · commit a728fc938535 · 2024-12-06T12:24:22.000-08:00
use alternate repository for trivy vulnerabilities DB in Publish workflow
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -151,6 +151,9 @@ jobs:
 
       - name: Scan ${{ matrix.image }} for vulnerabilities
         uses: aquasecurity/trivy-action@0.24.0
+        env:
+          TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db
+          TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-java-db
         with:
           image-ref: ${{ env.REGISTRY }}/${{ env.OWNER }}/${{ matrix.image }}:develop
           ignore-unfixed: true
