add retries for trivy to overcome the throttling

strangelove-ventures · Nov 14, 2024 · 8c55a1f · 8c55a1f
1 parent 6c4f498
commit 8c55a1f
Showing 1 changed file with 11 additions and 8 deletions.
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -58,11 +58,14 @@ jobs:
           build-args: VERSION=${{ steps.meta.outputs.version }}
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@master
-        with:
-          image-ref: '${{ fromJSON(steps.meta.outputs.json).tags[0] }}'
-          format: 'table'
-          exit-code: '1'
-          ignore-unfixed: true
-          vuln-type: 'os,library'
-          severity: 'CRITICAL,HIGH'
+        run: |
+          for i in {1..3}; do
+            if docker run --rm aquasec/trivy:latest image --exit-code 0 --severity CRITICAL,HIGH --ignore-unfixed ${{ fromJSON(steps.meta.outputs.json).tags[0] }}; then
+              break
+            elif [ $i -lt 3 ]; then
+              echo "Retrying in 60 seconds..."
+              sleep 60
+            else
+              exit 1
+            fi
+          done