From f9ea3215c6f3f4fe28ba5ac4c6f4994db2cf000c Mon Sep 17 00:00:00 2001
From: AndyZiYe <yeziyu@starrocks.com>
Date: Tue, 21 May 2024 11:36:51 +0800
Subject: [PATCH] [Tool] Trivy Pipeline

Signed-off-by: AndyZiYe <yeziyu@starrocks.com>
---
 .github/workflows/trivy-pipeline.yml | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/trivy-pipeline.yml b/.github/workflows/trivy-pipeline.yml
index cf532be13f419..3cbbe53a74573 100644
--- a/.github/workflows/trivy-pipeline.yml
+++ b/.github/workflows/trivy-pipeline.yml
@@ -16,15 +16,16 @@ concurrency:
 
 jobs:
   trivy-checker:
-    runs-on: [self-hosted, normal]
+    runs-on: [self-hosted, trivy]
     name: RUN
     steps:
-      - name: Init
-        run: |
-          mkdir ${{ github.workspace }}/trivy_temp
+      - name: Checkout code
+        uses: actions/checkout@v3
 
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@d710430a6722f083d3b36b8339ff66b32f22ee55 #0.19.0
+        env:
+          TMPDIR: ${{ github.workspace }}/trivy_temp # Required to prevent Trivy running out of space
         with:
           image-ref: "registry.cn-zhangjiakou.aliyuncs.com/starrocks/dev-env-centos7:3.1-latest"
           scan-type: "image"