Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ci: Keep Trivy cache up-to-date on default branch #1878

Merged
merged 1 commit into from
Oct 28, 2024
Merged

ci: Keep Trivy cache up-to-date on default branch #1878

merged 1 commit into from
Oct 28, 2024

Conversation

SanjayVas
Copy link
Member

@wfa-reviewable
Copy link

This change is Reviewable

@SanjayVas SanjayVas force-pushed the sanjayvas-trivy-cache branch from 0e9bd6c to 124da42 Compare October 24, 2024 17:40
@SanjayVas SanjayVas marked this pull request as ready for review October 24, 2024 17:45
stevenwarejones
stevenwarejones requested changes Oct 28, 2024
View reviewed changes
Copy link
Collaborator

@stevenwarejones stevenwarejones left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed all commit messages.
Reviewable status: 0 of 2 files reviewed, 1 unresolved discussion (waiting on @SanjayVas)

.github/workflows/scan-images.yml line 99 at r1 (raw file):

        uses: aquasecurity/[email protected]
        env:
          TRIVY_SKIP_DB_UPDATE: true

why would we skip updating the vulnerability db?

SanjayVas
SanjayVas commented Oct 28, 2024
View reviewed changes
Copy link
Member Author

@SanjayVas SanjayVas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewable status: 0 of 2 files reviewed, 1 unresolved discussion (waiting on @stevenwarejones)

.github/workflows/scan-images.yml line 99 at r1 (raw file):

Previously, stevenwarejones (Steven Ware Jones) wrote…

why would we skip updating the vulnerability db?

The idea is to use the cached versions rather than having the Trivy application attempt to download the DBs. The link in the PR description explains this.

stevenwarejones
stevenwarejones approved these changes Oct 28, 2024
View reviewed changes
Copy link
Collaborator

@stevenwarejones stevenwarejones left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed 2 of 2 files at r1.
Reviewable status: all files reviewed, 1 unresolved discussion (waiting on @SanjayVas)

@SanjayVas SanjayVas force-pushed the sanjayvas-trivy-cache branch from 124da42 to 3df831c Compare October 28, 2024 18:52
SanjayVas
SanjayVas commented Oct 28, 2024
View reviewed changes
Copy link
Member Author

@SanjayVas SanjayVas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dismissed @stevenwarejones from a discussion.
Reviewable status: :shipit: complete! all files reviewed, all discussions resolved (waiting on @SanjayVas)

@SanjayVas SanjayVas enabled auto-merge (squash) October 28, 2024 18:53
@SanjayVas SanjayVas merged commit f388774 into main Oct 28, 2024
4 checks passed
@SanjayVas SanjayVas deleted the sanjayvas-trivy-cache branch October 28, 2024 18:57
@SanjayVas SanjayVas mentioned this pull request Oct 31, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stevenwarejones stevenwarejones stevenwarejones approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@SanjayVas @wfa-reviewable @stevenwarejones