Skip to content

Commit

Permalink
try to fall back to alternate trivy DB database, see aquasecurity/tri…
Browse files Browse the repository at this point in the history
  • Loading branch information
mmguero committed Oct 22, 2024
1 parent ec6f6cc commit d303f8b
Show file tree
Hide file tree
Showing 22 changed files with 44 additions and 0 deletions.
2 changes: 2 additions & 0 deletions .github/workflows/api-build-and-push-ghcr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,8 @@ jobs:
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/arkime-build-and-push-ghcr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -113,6 +113,8 @@ jobs:
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/dashboards-build-and-push-ghcr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,8 @@ jobs:
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/dashboards-helper-build-and-push-ghcr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,8 @@ jobs:
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/dirinit-build-and-push-ghcr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -101,6 +101,8 @@ jobs:
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/file-monitor-build-and-push-ghcr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -108,6 +108,8 @@ jobs:
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/file-upload-build-and-push-ghcr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,8 @@ jobs:
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/filebeat-build-and-push-ghcr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,8 @@ jobs:
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/freq-build-and-push-ghcr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,8 @@ jobs:
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -142,6 +142,8 @@ jobs:
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'fs'
scan-ref: './hedgehog-iso'
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/htadmin-build-and-push-ghcr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,8 @@ jobs:
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/logstash-build-and-push-ghcr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,8 @@ jobs:
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/malcolm-iso-build-docker-wrap-push-ghcr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -148,6 +148,8 @@ jobs:
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'fs'
scan-ref: './malcolm-iso'
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/netbox-build-and-push-ghcr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,8 @@ jobs:
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/nginx-build-and-push-ghcr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -118,6 +118,8 @@ jobs:
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/opensearch-build-and-push-ghcr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -110,6 +110,8 @@ jobs:
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/pcap-capture-build-and-push-ghcr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,8 @@ jobs:
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/pcap-monitor-build-and-push-ghcr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,8 @@ jobs:
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/postgresql-build-and-push-ghcr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -110,6 +110,8 @@ jobs:
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/redis-build-and-push-ghcr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -110,6 +110,8 @@ jobs:
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/suricata-build-and-push-ghcr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -110,6 +110,8 @@ jobs:
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/zeek-build-and-push-ghcr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -112,6 +112,8 @@ jobs:
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down

0 comments on commit d303f8b

Please sign in to comment.