From ee86eb23a8d1709b8ba30b31cd8a1bcb7b06125f Mon Sep 17 00:00:00 2001
From: Corneil du Plessis <corneil.du-plessis@broadcom.com>
Date: Mon, 18 Nov 2024 13:44:46 +0200
Subject: [PATCH] Provide alternative Trivy repo

Added enviromental variables with multiple trivy repos.
---
 .github/workflows/common.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/common.yml b/.github/workflows/common.yml
index d78a65b73..cc18061b0 100644
--- a/.github/workflows/common.yml
+++ b/.github/workflows/common.yml
@@ -20,7 +20,7 @@ on:
         description: 'Maven Thread Option. Examples 0.5C, 2'
       enableSecurityScan:
         type: boolean
-        required: false
+        required: true
         default: false
         description: 'Enable security scan with Trivy'
     secrets:
@@ -40,6 +40,8 @@ env:
   VERBOSE: ${{ (github.debug || inputs.verbose) && 'true' || '' }}
   BRANCH: ${{ inputs.branch }}
   MAVEN_THREADS: ${{ inputs.mavenThreads }}
+  TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db,aquasec/trivy-db,ghcr.io/aquasecurity/trivy-db
+  TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-java-db,aquasec/trivy-java-db,ghcr.io/aquasecurity/trivy-java-db
 
 jobs:
   scan: