chore: increase scan timeout (#32)

* chore: increase scan timeout * set timeout for all jobs * set correct dependencies for commit job * try to remove needs at all * try out workaround * add ecr matrix * try another workaround * clean up * move needs
parcelLab · Jan 15, 2025 · 34e4ddb · 34e4ddb
1 parent 5d92177
commit 34e4ddb
Showing 1 changed file with 9 additions and 0 deletions.
diff --git a/.github/workflows/kubernetes.yaml b/.github/workflows/kubernetes.yaml
@@ -129,6 +129,7 @@ env:
   IMAGE_SCAN_SEVERITY: LOW
   IMAGE_SCAN_SEVERITY_THRESHOLD: CRITICAL
   IMAGE_SCAN_ANNOTATIONS: true
+  IMAGE_SCAN_TRIVY_TIMEOUT: 10m
 
 jobs:
   initialize:
@@ -232,6 +233,8 @@ jobs:
           severity: ${{ env.IMAGE_SCAN_SEVERITY }}
           severity_threshold: ${{ env.IMAGE_SCAN_SEVERITY_THRESHOLD }}
           annotations: ${{ env.IMAGE_SCAN_ANNOTATIONS }}
+        env:
+          TRIVY_TIMEOUT: ${{ env.IMAGE_SCAN_TRIVY_TIMEOUT }}
       - name: Push image to GitHub
         run: |
           docker push -a ${{ inputs.registryHostname }}/${{ inputs.registryOrg }}/${{ github.event.deployment.payload.name }}
@@ -303,6 +306,8 @@ jobs:
           severity: ${{ env.IMAGE_SCAN_SEVERITY }}
           severity_threshold: ${{ env.IMAGE_SCAN_SEVERITY_THRESHOLD }}
           annotations: ${{ env.IMAGE_SCAN_ANNOTATIONS }}
+        env:
+          TRIVY_TIMEOUT: ${{ env.IMAGE_SCAN_TRIVY_TIMEOUT }}
       - name: Push image to ECR
         if: inputs.repository_kind == 'ecr'
         run: |
@@ -368,6 +373,8 @@ jobs:
           severity: ${{ env.IMAGE_SCAN_SEVERITY }}
           severity_threshold: ${{ env.IMAGE_SCAN_SEVERITY_THRESHOLD }}
           annotations: ${{ env.IMAGE_SCAN_ANNOTATIONS }}
+        env:
+          TRIVY_TIMEOUT: ${{ env.IMAGE_SCAN_TRIVY_TIMEOUT }}
       - name: Push ${{ matrix.containerfile_targets }} image to ECR
         run: |
           docker push -a ${{ inputs.registryHostname }}/${{ inputs.registryOrg }}/${{ github.event.deployment.payload.name }}-${{ matrix.containerfile_targets }}
@@ -441,6 +448,8 @@ jobs:
           severity: ${{ env.IMAGE_SCAN_SEVERITY }}
           severity_threshold: ${{ env.IMAGE_SCAN_SEVERITY_THRESHOLD }}
           annotations: ${{ env.IMAGE_SCAN_ANNOTATIONS }}
+        env:
+          TRIVY_TIMEOUT: ${{ env.IMAGE_SCAN_TRIVY_TIMEOUT }}
       - name: Push ${{ matrix.containerfile_targets }} image to ECR
         run: |
           docker push -a ${{ steps.login-ecr.outputs.registry }}/${{ github.event.deployment.payload.name }}-${{ matrix.containerfile_targets }}