Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

use trivy ECR DB #1596

Merged
merged 1 commit into from
Nov 1, 2024
Merged

use trivy ECR DB #1596

merged 1 commit into from
Nov 1, 2024

Conversation

shorsher
Copy link
Member

@shorsher shorsher commented Nov 1, 2024
edited
Loading

Aqua security (trivy maintainers) now publish their vulnerability databases on ECR, which does not have rate limits. Using ECR should fix the 429 we were seeing when pulling from the default ghcr database that the trivy tool has built-in.

@shorsher shorsher requested a review from a team as a code owner November 1, 2024 17:18
@shorsher
use trivy ECR DB
bca70ef 
 - should avoid 429 we were seeing from ghcr

Signed-off-by: Alex Shorsher <[email protected]>
@codecov Codecov
Copy link

codecov bot commented Nov 1, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 99.96%. Comparing base (0540b66) to head (bca70ef).
Report is 4 commits behind head on main.

Additional details and impacted files 
@@             Coverage Diff             @@
##              main    #1596      +/-   ##
===========================================
- Coverage   100.00%   99.96%   -0.04%     
===========================================
  Files          337      337              
  Lines        24230    29492    +5262     
===========================================
+ Hits         24230    29483    +5253     
- Misses           0        7       +7     
- Partials         0        2       +2

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

EnriqueL8
EnriqueL8 approved these changes Nov 1, 2024
View reviewed changes
Copy link
Contributor

@EnriqueL8 EnriqueL8 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you, this is great

@EnriqueL8 EnriqueL8 merged commit f81d957 into hyperledger:main Nov 1, 2024
17 checks passed
@awrichar awrichar deleted the trivy-ecr-pull branch November 1, 2024 18:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@EnriqueL8 EnriqueL8 EnriqueL8 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@shorsher @EnriqueL8