Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: fix trivy timeout #842

Merged

Conversation

salasberryfin
Copy link
Contributor

What this PR does / why we need it:

This is taken from @yiannistri's rancher/aks-operator#718 and since we're also experiencing these issues in Turtles, I thought it's worth adding it here too.

@yiannistri:

We frequently get CI failures when scanning with trivy because there have been too many requests to download the vulnerability db from the rancher org (because many of its repos are using it).

This PR updates the Scan workflow to include additional repositories to be used if trivy fails to retrieve the vulnerability db from the primary source.

Which issue(s) this PR fixes:
Fixes #

Special notes for your reviewer:

Source for fix: aquasecurity/trivy#7668 (reply in thread)

Checklist:

  • squashed commits into logical changes
  • includes documentation
  • adds unit tests
  • adds or updates e2e tests

Signed-off-by: Carlos Salas <carlos.salas@suse.com>
@salasberryfin salasberryfin merged commit ac5a638 into rancher:main Nov 6, 2024
16 of 26 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants