disable trivy scan

corneliusludmann · corneliusludmann · commit d79ead563a69 · 2025-04-30T10:03:28.000Z
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -330,30 +330,30 @@ jobs:
           GITHUB_EMAIL: roboquat@gitpod.io
           VERSION: ${{ needs.configuration.outputs.version }}
 
-  trivy-scan:
-    name: "Scan Images for Vulnerabilities"
-    needs:
-      - configuration
-      - build-gitpod
-      - create-runner
-    runs-on: ${{ needs.create-runner.outputs.label }}
-    container:
-      image: eu.gcr.io/gitpod-dev-artifact/dev/dev-environment:clu-leeway-sbom-gha.32312
-    steps:
-      - uses: actions/checkout@v4
-      - name: Setup Environment
-        uses: ./.github/actions/setup-environment
-        with:
-          identity_provider: ${{ github.ref == 'refs/heads/main' && secrets.CORE_DEV_PROVIDER || secrets.DEV_PREVIEW_PROVIDER }}
-          service_account: ${{ github.ref == 'refs/heads/main' && secrets.CORE_DEV_SA || secrets.DEV_PREVIEW_SA }}
-          leeway_segment_key: ${{ secrets.LEEWAY_SEGMENT_KEY }}
-      - name: Scan Images for Vulnerabilities
-        shell: bash
-        env:
-          INSTALLER_IMAGE_BASE_REPO: ${{needs.configuration.outputs.image_repo_base}}
-        run: |
-          ./scripts/trivy/trivy-scan-images.sh ${{ needs.configuration.outputs.version }} CRITICAL
-          exit $?
+  # trivy-scan:
+  #   name: "Scan Images for Vulnerabilities"
+  #   needs:
+  #     - configuration
+  #     - build-gitpod
+  #     - create-runner
+  #   runs-on: ${{ needs.create-runner.outputs.label }}
+  #   container:
+  #     image: eu.gcr.io/gitpod-dev-artifact/dev/dev-environment:clu-leeway-sbom-gha.32312
+  #   steps:
+  #     - uses: actions/checkout@v4
+  #     - name: Setup Environment
+  #       uses: ./.github/actions/setup-environment
+  #       with:
+  #         identity_provider: ${{ github.ref == 'refs/heads/main' && secrets.CORE_DEV_PROVIDER || secrets.DEV_PREVIEW_PROVIDER }}
+  #         service_account: ${{ github.ref == 'refs/heads/main' && secrets.CORE_DEV_SA || secrets.DEV_PREVIEW_SA }}
+  #         leeway_segment_key: ${{ secrets.LEEWAY_SEGMENT_KEY }}
+  #     - name: Scan Images for Vulnerabilities
+  #       shell: bash
+  #       env:
+  #         INSTALLER_IMAGE_BASE_REPO: ${{needs.configuration.outputs.image_repo_base}}
+  #       run: |
+  #         ./scripts/trivy/trivy-scan-images.sh ${{ needs.configuration.outputs.version }} CRITICAL
+  #         exit $?
 
   install-app:
     runs-on: ${{ needs.create-runner.outputs.label }}
