Skip to content

Commit

Permalink
ci(trivy): fix scan failures due to TOOMANYREQUESTS DB error
Browse files Browse the repository at this point in the history
Primary Changes
----------------
1. Updated the ci.yaml to make the trivy scan
   run only on the weekends

Fixes hyperledger-cacti#3652

Signed-off-by: aldousalvarez <[email protected]>
  • Loading branch information
aldousalvarez committed Dec 2, 2024
1 parent 7579bc1 commit a4d7a7e
Showing 1 changed file with 8 additions and 5 deletions.
13 changes: 8 additions & 5 deletions .github/workflows/ci.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ jobs:
- name: Set output
id: set-output
run: echo "run-coverage=${{ env.RUN_CODE_COVERAGE }}" >> "$GITHUB_OUTPUT"

compute_changed_packages:
needs: check-ci-skip
outputs:
Expand Down Expand Up @@ -493,7 +493,7 @@ jobs:
--tag cmd-api-server \
--tag "ghcr.io/hyperledger/cactus-cmd-api-server:$(date +"%Y-%m-%dT%H-%M-%S" --utc)-dev-$(git rev-parse --short HEAD)"
- if: ${{ env.RUN_TRIVY_SCAN == 'true' }}
- if: ${{ env.RUN_TRIVY_SCAN == 'true' && github.event.name == "schedule" }}
name: Run Trivy vulnerability scan for cmd-api-server
uses: aquasecurity/[email protected]
with:
Expand Down Expand Up @@ -1417,7 +1417,7 @@ jobs:
working-directory: packages/cactus-plugin-ledger-connector-corda/src/main-server/kotlin/gen/kotlin-spring/
run: ./gradlew clean build -Pversion=dev -DrootProjectName=cacti-connector-corda-server

- if: ${{ env.RUN_TRIVY_SCAN == 'true' }}
- if: ${{ env.RUN_TRIVY_SCAN == 'true' && github.event.name == "schedule" }}
name: Run Trivy vulnerability scan for cactus-connector-corda-server
uses: aquasecurity/[email protected]
with:
Expand Down Expand Up @@ -2279,7 +2279,7 @@ jobs:
- uses: actions/[email protected]
- name: ghcr.io/hyperledger/cactus-keychain-vault-server
run: DOCKER_BUILDKIT=1 docker build ./packages/cactus-plugin-keychain-vault/src/cactus-keychain-vault-server/ -f ./packages/cactus-plugin-keychain-vault/src/cactus-keychain-vault-server/Dockerfile -t cactus-keychain-vault-server
- if: ${{ env.RUN_TRIVY_SCAN == 'true' }}
- if: ${{ env.RUN_TRIVY_SCAN == 'true' && github.event.name == "schedule" }}
name: Run Trivy vulnerability scan for cactus-keychain-vault-server
uses: aquasecurity/[email protected]
with:
Expand All @@ -2300,4 +2300,7 @@ name: Cactus_CI
push:
branches:
- main
- dev
- dev
schedule:
# Run at 8:00 AM UTC on weekends (Saturday and Sunday)
- cron: '0 8 * * 6,0''

0 comments on commit a4d7a7e

Please sign in to comment.