From 88be4d0c3f1e46bd46ed0bf2e19718c68c0c0a83 Mon Sep 17 00:00:00 2001
From: aldousalvarez <aldousss.alvarez@gmail.com>
Date: Fri, 29 Nov 2024 17:59:12 +0800
Subject: [PATCH] ci(trivy): fix scan failures due to TOOMANYREQUESTS DB error

Primary Changes
----------------
1. Updated the ci.yaml to make the trivy scan
   run only on the weekends

Fixes #3652

Signed-off-by: aldousalvarez <aldousss.alvarez@gmail.com>
---
 .github/workflows/ci.yaml | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 5f3c1e4eff..4d5342b70a 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -493,7 +493,7 @@ jobs:
             --tag cmd-api-server \
             --tag "ghcr.io/hyperledger/cactus-cmd-api-server:$(date +"%Y-%m-%dT%H-%M-%S" --utc)-dev-$(git rev-parse --short HEAD)"
 
-      - if: ${{ env.RUN_TRIVY_SCAN == 'true' }}
+      - if: ${{ env.RUN_TRIVY_SCAN == 'true' && github.event.name == "schedule" }}
         name: Run Trivy vulnerability scan for cmd-api-server
         uses: aquasecurity/trivy-action@0.19.0
         with:
@@ -1417,7 +1417,7 @@ jobs:
         working-directory: packages/cactus-plugin-ledger-connector-corda/src/main-server/kotlin/gen/kotlin-spring/
         run: ./gradlew clean build -Pversion=dev -DrootProjectName=cacti-connector-corda-server
   
-      - if: ${{ env.RUN_TRIVY_SCAN == 'true' }}
+      - if: ${{ env.RUN_TRIVY_SCAN == 'true' && github.event.name == "schedule" }}
         name: Run Trivy vulnerability scan for cactus-connector-corda-server
         uses: aquasecurity/trivy-action@0.19.0
         with:
@@ -2279,7 +2279,7 @@ jobs:
       - uses: actions/checkout@v4.1.7
       - name: ghcr.io/hyperledger/cactus-keychain-vault-server
         run: DOCKER_BUILDKIT=1 docker build ./packages/cactus-plugin-keychain-vault/src/cactus-keychain-vault-server/ -f ./packages/cactus-plugin-keychain-vault/src/cactus-keychain-vault-server/Dockerfile -t cactus-keychain-vault-server
-      - if: ${{ env.RUN_TRIVY_SCAN == 'true' }}
+      - if: ${{ env.RUN_TRIVY_SCAN == 'true' && github.event.name == "schedule" }}
         name: Run Trivy vulnerability scan for cactus-keychain-vault-server
         uses: aquasecurity/trivy-action@0.19.0
         with:
@@ -2300,4 +2300,7 @@ name: Cactus_CI
   push:
     branches:
       - main
-      - dev
\ No newline at end of file
+      - dev
+  schedule:
+    # Run at 8:00 AM UTC on weekends (Saturday and Sunday)
+    - cron: '0 8 * * 6,0''
\ No newline at end of file