Skip to content

feat: Add Trivy scanner to the pipeline #296

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

feat: Add Trivy scanner to the pipeline #296

wants to merge 2 commits into from

Conversation

@huberts90
Copy link

@huberts90 huberts90 commented Oct 12, 2024

Trivy action scans a Docker image against vulnerabilities in the CI/CD. The vulnerabilities cache is scheduled to be updated on a daily basis.

@huberts90 huberts90 force-pushed the hsiwik/docker-security-scanner branch 2 times, most recently from c4205c5 to eaea315 Compare October 15, 2024 13:06
fzipi
fzipi reviewed Oct 15, 2024
View reviewed changes
@huberts90 huberts90 force-pushed the hsiwik/docker-security-scanner branch 4 times, most recently from c1d3c39 to 5bdbf7b Compare October 16, 2024 06:10
@fzipi
Copy link
Member

fzipi commented Oct 27, 2024

Nice, I think it has a good find. Will fix and then we can rebase.

@fzipi
Copy link
Member

fzipi commented Oct 30, 2024

@huberts90 Can you take a look on why this is failing now?

@huberts90 huberts90 force-pushed the hsiwik/docker-security-scanner branch 6 times, most recently from 3267dd5 to 902a97a Compare November 13, 2024 09:37
@huberts90
feat: Add Trivy scanner to the pipeline
083e0a5 
Signed-off-by: Hubert Siwik <siwik.hubert@gmail.com>
@huberts90 huberts90 force-pushed the hsiwik/docker-security-scanner branch from 902a97a to 083e0a5 Compare November 13, 2024 09:43
@huberts90
Copy link
Author

huberts90 commented Nov 13, 2024

@huberts90 Can you take a look on why this is failing now?

Thanks, Felipe, for drawing my attention. There was an error with cache, but now we are hitting the rate limit. Will be thinking about how to overcome it.

@fzipi
Copy link
Member

fzipi commented Sep 4, 2025

Hi @huberts90 ! Any appetite for finishing this one?

@theseion
Copy link
Contributor

theseion commented Oct 18, 2025

I can't see the logs anymore, but, IIRC, the rate limit is tied to downloading the database and can be circumvented by using a different registry / mirror. GHCR would make sense, IMO.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@fzipi fzipi fzipi left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@huberts90 @fzipi @theseion