From 0c417fd93bea55ec3f4587de1a59daa402aa5d9d Mon Sep 17 00:00:00 2001 From: Bertrand Goareguer <bertrand.goareguer@gmail.com> Date: Sat, 16 Nov 2024 17:59:19 +0000 Subject: [PATCH] Resolve "Unnecessary download of Trivy databases" --- templates/gitlab-ci-docker.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/templates/gitlab-ci-docker.yml b/templates/gitlab-ci-docker.yml index bf6d223..892d44e 100644 --- a/templates/gitlab-ci-docker.yml +++ b/templates/gitlab-ci-docker.yml @@ -996,8 +996,7 @@ docker-trivy: mkdir -p ./reports if [[ -z "${DOCKER_TRIVY_ADDR}" ]]; then log_warn "\\e[93mYou are using Trivy in standalone mode. To get faster scans, consider setting the DOCKER_TRIVY_ADDR variable to the address of a Trivy server. More info here: https://aquasecurity.github.io/trivy/latest/docs/references/modes/client-server/\\e[0m" - trivy image --download-db-only ${DOCKER_TRIVY_DB_REPOSITORY:+--db-repository $DOCKER_TRIVY_DB_REPOSITORY} ${DOCKER_TRIVY_JAVA_DB_REPOSITORY:+--java-db-repository $DOCKER_TRIVY_JAVA_DB_REPOSITORY} - export trivy_opts="image" + export trivy_opts="image ${DOCKER_TRIVY_DB_REPOSITORY:+--db-repository $DOCKER_TRIVY_DB_REPOSITORY}" else log_info "You are using Trivy in client/server mode with the following server: ${DOCKER_TRIVY_ADDR}" export trivy_opts="image --server ${DOCKER_TRIVY_ADDR}" -- GitLab