chore: optimize trivy

.github/workflows/deploy_dev.yml

@@ -6,7 +6,7 @@ on:
 jobs:
   gitlab-dev-deploy:
     if: ${{ github.event.registry_package.package_version.container_metadata.tag.name == 'development' }}
-    uses: epam/ai-dial-ci/.github/workflows/deploy-development.yml@1.8.0
+    uses: epam/ai-dial-ci/.github/workflows/deploy-development.yml@1.10.0
     with:
       gitlab-project-id: '1830'
       gitlab-project-ref: 'master'

.github/workflows/pr-title-check.yml

@@ -9,6 +9,6 @@ on:
 
 jobs:
   pr-title-check:
-    uses: epam/ai-dial-ci/.github/workflows/pr-title-check.yml@1.8.0
+    uses: epam/ai-dial-ci/.github/workflows/pr-title-check.yml@1.10.0
     secrets:
       ACTIONS_BOT_TOKEN: ${{ secrets.ACTIONS_BOT_TOKEN }}

.github/workflows/pr.yml

@@ -6,7 +6,7 @@ on:
 
 jobs:
   run_tests:
-    uses: epam/ai-dial-ci/.github/workflows/python_docker_pr.yml@1.8.0
+    uses: epam/ai-dial-ci/.github/workflows/python_docker_pr.yml@1.10.0
     secrets: inherit
     with:
       python_version: "3.10"

.github/workflows/release.yml

@@ -6,7 +6,7 @@ on:
 
 jobs:
   release:
-    uses: epam/ai-dial-ci/.github/workflows/python_docker_release.yml@1.8.0
+    uses: epam/ai-dial-ci/.github/workflows/python_docker_release.yml@1.10.0
     secrets: inherit
     with:
       python_version: "3.10"

trivy.yaml

@@ -0,0 +1,13 @@
+# Trivy configuration file
+# https://aquasecurity.github.io/trivy/latest/docs/references/configuration/config-file/
+# Can be deleted after public ecr mirror will be added by default
+db:
+  no-progress: true
+  repository:
+    - ghcr.io/aquasecurity/trivy-db:2
+    - public.ecr.aws/aquasecurity/trivy-db:2
+  java-repository:
+    - ghcr.io/aquasecurity/trivy-java-db:1
+    - public.ecr.aws/aquasecurity/trivy-java-db:1
+misconfiguration:
+  checks-bundle-repository: public.ecr.aws/aquasecurity/trivy-checks