aboutsummaryrefslogtreecommitdiffstats
path: root/.gitea/workflows/db-trivy.yaml
diff options
context:
space:
mode:
authorAstound <kirito@disroot.org>2024-12-19 23:41:54 +0800
committerAstound <kirito@disroot.org>2024-12-19 23:41:54 +0800
commit52ed4f20374674e2daa0982f983da0f5c2f40dc2 (patch)
tree9c84585c490dd964661df35e4db7e5a64f630856 /.gitea/workflows/db-trivy.yaml
parent5ab63cfe46d5390cb95485502c71baa8a0491fa2 (diff)
downloadyt-local-docker-52ed4f20374674e2daa0982f983da0f5c2f40dc2.tar.lz
yt-local-docker-52ed4f20374674e2daa0982f983da0f5c2f40dc2.tar.xz
yt-local-docker-52ed4f20374674e2daa0982f983da0f5c2f40dc2.zip
Remove cache DB trivy
Diffstat (limited to '.gitea/workflows/db-trivy.yaml')
-rw-r--r--.gitea/workflows/db-trivy.yaml46
1 files changed, 0 insertions, 46 deletions
diff --git a/.gitea/workflows/db-trivy.yaml b/.gitea/workflows/db-trivy.yaml
deleted file mode 100644
index 30ec177..0000000
--- a/.gitea/workflows/db-trivy.yaml
+++ /dev/null
@@ -1,46 +0,0 @@
-# Note: This workflow only updates the cache. You should create a separate workflow for your actual Trivy scans.
-# In your scan workflow, set TRIVY_SKIP_DB_UPDATE=true and TRIVY_SKIP_JAVA_DB_UPDATE=true.
-name: Update Trivy Cache
-
-on:
- schedule:
- - cron: '0 0 * * *' # Run daily at midnight UTC
- workflow_dispatch: # Allow manual triggering
-
-jobs:
- update-trivy-db:
- runs-on: ubuntu-latest
- steps:
- - name: Get current date
- id: date
- run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT
-
- - name: Install Oras
- id: oras
- run: |
- VERSION="1.2.0"
- curl -LO "https://github.com/oras-project/oras/releases/download/v${VERSION}/oras_${VERSION}_linux_amd64.tar.gz"
- mkdir -p oras-install/
- tar -zxf oras_${VERSION}_*.tar.gz -C oras-install/
- sudo mv oras-install/oras /usr/local/bin/
- rm -rf oras_${VERSION}_*.tar.gz oras-install/
-
- - name: Download and extract the vulnerability DB
- run: |
- mkdir -p $GITHUB_WORKSPACE/.cache/trivy/db
- oras pull public.ecr.aws/aquasecurity/trivy-db:2
- tar -xzf db.tar.gz -C $GITHUB_WORKSPACE/.cache/trivy/db
- rm db.tar.gz
-
- - name: Download and extract the Java DB
- run: |
- mkdir -p $GITHUB_WORKSPACE/.cache/trivy/java-db
- oras pull public.ecr.aws/aquasecurity/trivy-java-db:1
- tar -xzf javadb.tar.gz -C $GITHUB_WORKSPACE/.cache/trivy/java-db
- rm javadb.tar.gz
-
- - name: Cache DBs
- uses: actions/cache/save@v4
- with:
- path: ${{ github.workspace }}/.cache/trivy
- key: cache-trivy-${{ steps.date.outputs.date }}