Skip to content

use trivy ECR DB #1596

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
EnriqueL8 merged 1 commit into from
Nov 1, 2024
Merged

use trivy ECR DB #1596

EnriqueL8 merged 1 commit into from
Nov 1, 2024

Conversation

@shorsher
Copy link
Member

@shorsher shorsher commented Nov 1, 2024
edited
Loading

Aqua security (trivy maintainers) now publish their vulnerability databases on ECR, which does not have rate limits. Using ECR should fix the 429 we were seeing when pulling from the default ghcr database that the trivy tool has built-in.

@shorsher shorsher requested a review from a team as a code owner November 1, 2024 17:18
@shorsher
use trivy ECR DB
bca70ef 
 - should avoid 429 we were seeing from ghcr

Signed-off-by: Alex Shorsher <alex.shorsher@kaleido.io>
@codecov
Copy link

codecov bot commented Nov 1, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 99.96%. Comparing base (0540b66) to head (bca70ef).
Report is 4 commits behind head on main.

Additional details and impacted files 
@@             Coverage Diff             @@
##              main    #1596      +/-   ##
===========================================
- Coverage   100.00%   99.96%   -0.04%     
===========================================
  Files          337      337              
  Lines        24230    29492    +5262     
===========================================
+ Hits         24230    29483    +5253     
- Misses           0        7       +7     
- Partials         0        2       +2

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

EnriqueL8
EnriqueL8 approved these changes Nov 1, 2024
View reviewed changes
Copy link
Contributor

@EnriqueL8 EnriqueL8 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you, this is great

@EnriqueL8 EnriqueL8 merged commit f81d957 into hyperledger:main Nov 1, 2024
@awrichar awrichar deleted the trivy-ecr-pull branch November 1, 2024 18:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@EnriqueL8 EnriqueL8 EnriqueL8 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@shorsher @EnriqueL8