-
Notifications
You must be signed in to change notification settings - Fork 65
34 lines (29 loc) · 1.03 KB
/
trivy-cache.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
# name: Update Trivy Cache
# on:
# schedule:
# - cron: '0 0 * * *'
# workflow_dispatch:
# jobs:
# update-trivy-db:
# runs-on: ubuntu-latest
# steps:
# - name: Get current date
# id: date
# run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT
# - name: Download and extract the vulnerability DB
# run: |
# mkdir -p $GITHUB_WORKSPACE/.cache/trivy/db
# oras pull ghcr.io/aquasecurity/trivy-db:2
# tar -xzf db.tar.gz -C $GITHUB_WORKSPACE/.cache/trivy/db
# rm db.tar.gz
# - name: Download and extract the Java DB
# run: |
# mkdir -p $GITHUB_WORKSPACE/.cache/trivy/java-db
# oras pull ghcr.io/aquasecurity/trivy-java-db:1
# tar -xzf javadb.tar.gz -C $GITHUB_WORKSPACE/.cache/trivy/java-db
# rm javadb.tar.gz
# - name: Cache DBs
# uses: actions/cache/save@v4
# with:
# path: ${{ github.workspace }}/.cache/trivy
# key: cache-trivy-${{ steps.date.outputs.date }}