feat: Added retry option and max_retries #50

Open
wants to merge 7 commits into
base: main

SaptarshiSarkar12

Fixes

Fixes #49

Changes Proposed

  • Added retry_on_timeout boolean to toggle retry feature
  • Added max_retries to take the maximum number of retries as input

@SaptarshiSarkar12
Author

@ashnamehrotra @sozercan Please review this PR

@ashnamehrotra
Contributor

@SaptarshiSarkar12 thank you for the PR! I think we can simplify this to one argument. If there are a # of retries specified, we can retry otherwise we don't use retry logic? Would you also be able to modify the test to use these arguments to confirm it works as expected? https://github.com/project-copacetic/copa-action/blob/main/.github/workflows/build.yaml#L83

@SaptarshiSarkar12
Author

SaptarshiSarkar12 commented Oct 5, 2024

I think we can simplify this to one argument. If there are a # of retries specified, we can retry otherwise we don't use retry logic?

Yes, correct 👍.

Would you also be able to modify the test to use these arguments to confirm it works as expected? https://github.com/project-copacetic/copa-action/blob/main/.github/workflows/build.yaml#L83

@ashnamehrotra Okay. I will 😀. I am out of station now. So, I would make the changes once I return back home (probably 14th of October). Is it fine?

… would handle it from now onwards

Signed-off-by: Saptarshi Sarkar <[email protected]>
@SaptarshiSarkar12
Author

@ashnamehrotra Hi Ashna 👋!
I have made the requested changes. Please review it.

Nowadays, I am encountering an issue with copa for the below situation.
Suppose all the vulnerabilities are already patched for oracle image. But Trivy reports false positives, so, the GH Action runs copa patch but it fails with the error Error: no patchable packages found.
A probable solution can be adding a boolean actions input called fail_if_no_vulns which will not exit with status code 1 if it fails for that reason. So, would I create a new issue for that?
Reference workflow run: https://github.com/SaptarshiSarkar12/Drifty/actions/runs/10968623586/job/30460218219#step:6:2111

@SaptarshiSarkar12
Author

TOOMANYREQUESTS: retry-after: 569.492µs, allowed: 44000/minute

@ashnamehrotra From the failed build log, it seems that there has been a "too many requests" error. Unfortunately, it is a bug reported in aquasecurity/trivy-action#389 and https://github.com/orgs/community/discussions/139074#discussioncomment-10808081 where they suggest using AWS image.
What to do from our side to fix this build? A retry might work 🤞.

@ashnamehrotra
Contributor

@ashnamehrotra Hi Ashna 👋! I have made the requested changes. Please review it.

Nowadays, I am encountering an issue with copa for the below situation. Suppose all the vulnerabilities are already patched for oracle image. But Trivy reports false positives, so, the GH Action runs copa patch but it fails with the error Error: no patchable packages found. A probable solution can be adding a boolean actions input called fail_if_no_vulns which will not exit with status code 1 if it fails for that reason. So, would I create a new issue for that? Reference workflow run: https://github.com/SaptarshiSarkar12/Drifty/actions/runs/10968623586/job/30460218219#step:6:2111

Hi @SaptarshiSarkar12 this is something we will fix soon in project-copacetic/copacetic#802. This way we will be able to ignore the error of no upgradable packages with the --ignore-errors flag

@SaptarshiSarkar12
Author

Hi @SaptarshiSarkar12 this is something we will fix soon in project-copacetic/copacetic#802. This way we will be able to ignore the error of no upgradable packages with the --ignore-errors flag

@ashnamehrotra Hi Ashna 👋!
That sounds great 👍. Would really appreciate such improvement.
But would that cause any issue with my current setup for patching oraclelinux - I'm currently patching the whole image with no Trivy reports passed to copa?

Successfully merging this pull request may close these issues.

feat: Add support for retrying copa patch on failure/timeout