From 6f5b7afd396b2b26b89a23f0eeb621cb84d606c6 Mon Sep 17 00:00:00 2001 From: Andrei Aaron Date: Thu, 12 Jan 2023 19:54:53 +0200 Subject: [PATCH] ci(trivy): copy trivydb oci artefact to project-zot repo (#1106) This will replace calls made directly to ghcr.io/aquasecurity/trivy-db Which are hitting the rate limiter Signed-off-by: Andrei Aaron --- ...ang-image.yaml => sync-3rdparty-images.yaml} | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) rename .github/workflows/{sync-golang-image.yaml => sync-3rdparty-images.yaml} (63%) diff --git a/.github/workflows/sync-golang-image.yaml b/.github/workflows/sync-3rdparty-images.yaml similarity index 63% rename from .github/workflows/sync-golang-image.yaml rename to .github/workflows/sync-3rdparty-images.yaml index 25f8290d..be73e83d 100644 --- a/.github/workflows/sync-golang-image.yaml +++ b/.github/workflows/sync-3rdparty-images.yaml @@ -1,4 +1,4 @@ -name: 'Sync golang image from docker to ghcr' +name: 'Sync images and artifacts to ghcr' on: schedule: - cron: '30 1 * * *' @@ -12,7 +12,7 @@ permissions: jobs: sync-golang: - name: 'sync' + name: 'golang' strategy: matrix: golang_version: @@ -32,3 +32,16 @@ jobs: docker pull golang:${{ matrix.golang_version }} docker tag golang:${{ matrix.golang_version }} ghcr.io/${{ github.repository_owner }}/golang:${{ matrix.golang_version }} docker push ghcr.io/${{ github.repository_owner }}/golang:${{ matrix.golang_version }} + sync-trivy: + name: 'trivy-db' + runs-on: ubuntu-latest + steps: + - name: Log in to GitHub Docker Registry + uses: docker/login-action@v2 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Copy trivy-db using oras cli + run: | + oras copy ghcr.io/aquasecurity/trivy-db:2 ghcr.io/ghcr.io/${{ github.repository_owner }}/trivy-db:2