Provide for disabling security scan in ci-pr.yml and adding alternati…

…ve repo Added env to control the scan. Added env to identify alternate repo.
spring-cloud · Nov 18, 2024 · 8dd7c2a · 8dd7c2a
1 parent a3eecbe
commit 8dd7c2a
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/.github/workflows/ci-pr.yml b/.github/workflows/ci-pr.yml
@@ -4,7 +4,9 @@ on:
   pull_request:
 
 env:
-  ENABLE_SECURITY_SCAN: 'false'
+  ENABLE_SECURITY_SCAN: 'true'
+  TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db,aquasec/trivy-db,ghcr.io/aquasecurity/trivy-db
+  TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-java-db,aquasec/trivy-java-db,ghcr.io/aquasecurity/trivy-java-db
 
 jobs:
   build: