Added a fallback db repo

beeme1mr · web-flow · commit a0ab676cb19b · 2024-10-30T10:26:46.000-04:00
Support was added in v0.56.0 aquasecurity/trivy#7640 Signed-off-by: Michael Beemer <beeme1mr@users.noreply.github.com>
diff --git a/.github/workflows/pr-checks.yml b/.github/workflows/pr-checks.yml
@@ -75,15 +75,15 @@ jobs:
           cache-from: type=gha,scope=${{ github.ref_name }}-ofo
           cache-to: type=gha,scope=${{ github.ref_name }}-ofo
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@0.27.0
+        uses: aquasecurity/trivy-action@0.56.2
         with:
           input: ${{ github.workspace }}/open-feature-operator-local.tar
           format: "template"
           template: "@/contrib/sarif.tpl"
           output: "trivy-results.sarif"
           severity: "CRITICAL,HIGH"
         env:
-          TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
+          TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2,ghcr.io/aquasecurity/trivy-db:2
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v2
         with:
