extern/workspaces-core-images
1
0
Fork 0
mirror of https://github.com/kasmtech/workspaces-core-images.git synced 2024-11-07 08:04:06 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'bugfix/KASM-6644_fix_docker_scan_rate_limiting' into 'develop'

Browse Source 
KASM-6644 Use a github PAT with no permmissions to get around ghcr.io trivy...

Closes KASM-6644

See merge request kasm-technologies/internal/workspaces-core-images!231
This commit is contained in:
Richard Koliser 2024-10-30 12:34:04 +00:00
commit da097b56af
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
ci-scripts/scan
View File

@ -3,7 +3,14 @@
set -eo pipefail set -eo pipefail
build_report() { build_report() {
set +e
$trivy_cmd --exit-code 0 --format template --template "@/$trivy_dir/contrib/junit.tpl" -o "$source_dir/trivy-report.xml" "$target" $trivy_cmd --exit-code 0 --format template --template "@/$trivy_dir/contrib/junit.tpl" -o "$source_dir/trivy-report.xml" "$target"
RESULT=$?
set -e
if [ $RESULT -ne 0 ]; then
echo "Trivy command failed with default db, falling back to using ECR vuln db"
$trivy_cmd --db-repository public.ecr.aws/aquasecurity/trivy-db:2 --java-db-repository public.ecr.aws/aquasecurity/trivy-java-db:1 --exit-code 0 --format template --template "@/$trivy_dir/contrib/junit.tpl" -o "$source_dir/trivy-report.xml" "$target"
fi
#$trivy_cmd --exit-code 0 --format json -o "$source_dir/report.json" "$target" #$trivy_cmd --exit-code 0 --format json -o "$source_dir/report.json" "$target"
} }