From f4e64ec99f539da723a7f33d29f1a15bc583e685 Mon Sep 17 00:00:00 2001
From: Tiexin Guo <guotiexin@gmail.com>
Date: Wed, 9 Oct 2024 09:10:07 +0800
Subject: [PATCH] chore: vuln scan failure workaround (#507)

Known issue: https://github.com/aquasecurity/trivy-action/issues/389
Workaround:
https://github.com/orgs/community/discussions/139074#discussioncomment-10808081
---
 .github/workflows/scanning.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/.github/workflows/scanning.yml b/.github/workflows/scanning.yml
index 83a36233..0a7c5221 100644
--- a/.github/workflows/scanning.yml
+++ b/.github/workflows/scanning.yml
@@ -20,3 +20,8 @@ jobs:
           scan-type: 'fs'
           scan-ref: '.'
           trivy-config: .github/trivy.yaml
+        env:
+          TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db
+          # TODO: Remove the whole "env" section when the issue below is resolved.
+          # Known issue: aquasecurity/trivy-action#389.
+          # Workaround: https://github.com/orgs/community/discussions/139074#discussioncomment-10808081.