From 0c417fd93bea55ec3f4587de1a59daa402aa5d9d Mon Sep 17 00:00:00 2001
From: Bertrand Goareguer <bertrand.goareguer@gmail.com>
Date: Sat, 16 Nov 2024 17:59:19 +0000
Subject: [PATCH] Resolve "Unnecessary download of Trivy databases"

---
 templates/gitlab-ci-docker.yml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/templates/gitlab-ci-docker.yml b/templates/gitlab-ci-docker.yml
index bf6d223..892d44e 100644
--- a/templates/gitlab-ci-docker.yml
+++ b/templates/gitlab-ci-docker.yml
@@ -996,8 +996,7 @@ docker-trivy:
     mkdir -p ./reports
     if [[ -z "${DOCKER_TRIVY_ADDR}" ]]; then
       log_warn "\\e[93mYou are using Trivy in standalone mode. To get faster scans, consider setting the DOCKER_TRIVY_ADDR variable to the address of a Trivy server. More info here: https://aquasecurity.github.io/trivy/latest/docs/references/modes/client-server/\\e[0m"
-      trivy image --download-db-only ${DOCKER_TRIVY_DB_REPOSITORY:+--db-repository $DOCKER_TRIVY_DB_REPOSITORY} ${DOCKER_TRIVY_JAVA_DB_REPOSITORY:+--java-db-repository $DOCKER_TRIVY_JAVA_DB_REPOSITORY}
-      export trivy_opts="image"
+      export trivy_opts="image ${DOCKER_TRIVY_DB_REPOSITORY:+--db-repository $DOCKER_TRIVY_DB_REPOSITORY}"
     else
       log_info "You are using Trivy in client/server mode with the following server: ${DOCKER_TRIVY_ADDR}"
       export trivy_opts="image --server ${DOCKER_TRIVY_ADDR}"
-- 
GitLab