Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ci: pull trivy DB from public AWS ECR #84

Merged
merged 5 commits into from
Nov 12, 2024
Merged

ci: pull trivy DB from public AWS ECR #84

merged 5 commits into from
Nov 12, 2024

Conversation

DavSanchez
Copy link
Contributor

No description provided.

@DavSanchez DavSanchez requested a review from a team November 7, 2024 21:27
paologallinaharbur
paologallinaharbur reviewed Nov 11, 2024
View reviewed changes
.github/workflows/download_trivy_db.yaml Outdated
Comment on lines 3 to 6
on:
schedule:
- cron: '0 0 * * *' # Update daily at 00:00 - before scheduled trivy scan
workflow_dispatch: # Allow manual triggering
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if you want to make it reusable you should add

on:
  workflow_call:
    inputs: [...] # not sure if these are needed

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤔 If we make this reusable, we we'll also need to open 20+ PRs for all the repositories using them, right? I guess we cannot have a cross-repo cache...

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess these PRs need to be open as well to reference this one, yes 🫠

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added in 1f03e76

@DavSanchez DavSanchez changed the title ci: schedule and cache daily Trivy DB download ci: pull trivy DB from public AWS ECR Nov 12, 2024
@DavSanchez
Copy link
Contributor Author

I checked another workaround that does not require opening PRs in all integrations. Added in commit bb741a1.

sigilioso
sigilioso approved these changes Nov 12, 2024
View reviewed changes
Copy link
Contributor

@sigilioso sigilioso left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! 🚀

We'll need to move v3 tag when this is merged

@DavSanchez DavSanchez merged commit 8e5f750 into newrelic:main Nov 12, 2024
6 checks passed
@DavSanchez DavSanchez deleted the patch-1 branch November 12, 2024 14:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@paologallinaharbur paologallinaharbur paologallinaharbur left review comments

@sigilioso sigilioso sigilioso approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@DavSanchez @sigilioso @paologallinaharbur