From 963f5d89e6656749a5ff408df6252f207291ebdc Mon Sep 17 00:00:00 2001
From: Pietralberto Mazza <18440657+altafan@users.noreply.github.com>
Date: Fri, 15 Nov 2024 18:12:56 +0100
Subject: [PATCH] Fix trivy gh action (#381)

* Update trivy gha

* Update tryvy gha

* Fix
---
 .github/workflows/ark.trivy.yaml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/ark.trivy.yaml b/.github/workflows/ark.trivy.yaml
index 737ff37..8ea8235 100644
--- a/.github/workflows/ark.trivy.yaml
+++ b/.github/workflows/ark.trivy.yaml
@@ -25,7 +25,10 @@ jobs:
           tags: ${{ github.repository }}:${{ github.sha }}
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@0.24.0
+        uses: aquasecurity/trivy-action@0.28.0
+        env:
+          # avoid GHCR rate limits, see https://github.com/aquasecurity/trivy-db/pull/440 and https://github.com/aquasecurity/trivy-action/issues/389
+          TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
         with:
           image-ref: "${{ github.repository }}:${{ github.sha }}"
           format: "table"