Skip to content

Commit

Permalink
also mirror checks
Browse files Browse the repository at this point in the history
  • Loading branch information
@rikukissa
rikukissa committed Oct 28, 2024
1 parent 46a5e5e commit 5c8e98f
Show file tree
Hide file tree
Showing 3 changed files with 5 additions and 2 deletions.
3 changes: 3 additions & 0 deletions .github/workflows/mirror-trivy-db.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,3 +73,6 @@ jobs:

- name: Mirror trivy-java-db to GHCR
run: ./mirror-image.sh docker://ghcr.io/aquasecurity/trivy-java-db:1 docker://ghcr.io/${{ github.repository_owner }}/trivy-java-db:1 ${{ env.RETRIES }}

- name: Mirror trivy-checks to GHCR
run: ./mirror-image.sh docker://ghcr.io/aquasecurity/trivy-checks:1 docker://ghcr.io/${{ github.repository_owner }}/trivy-checks:1 ${{ env.RETRIES }}
1 change: 1 addition & 0 deletions .github/workflows/security-scans.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,7 @@ jobs:
env:
TRIVY_DB_REPOSITORY: 'ghcr.io/opencrvs/trivy-db'
TRIVY_JAVA_DB_REPOSITORY: 'ghcr.io/opencrvs/trivy-java-db'
TRIVY_POLICIESBUNDLE_REPOSITORY: 'ghcr.io/opencrvs/trivy-checks'
with:
scan-type: 'fs'
scan-ref: 'branch'
Expand Down
3 changes: 1 addition & 2 deletions trivy.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,8 +21,7 @@ scan:
- usr/local/share/.cache/yarn/v6/
- home/node/.cache/yarn/v6
skip-files:
- Dockerfile.dockerignore
- packages/*/Dockerfile.dockerignore
- '**/*.dockerignore'
scanners:
- vuln
- misconfig
Expand Down

0 comments on commit 5c8e98f

Please sign in to comment.