From 87b6f27ca4b82488faa480537fc8928a3eb942f3 Mon Sep 17 00:00:00 2001
From: Nicholas Shavers <nshavers@contractor.usgs.gov>
Date: Wed, 18 Dec 2024 14:42:17 -0800
Subject: [PATCH] quiet trivy, backup trivy repositories. dind updated to 27

---
 .gitlab-ci.yml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 24e39bc8..33da0565 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -89,10 +89,10 @@ workflow:
 
 # template for jobs that need docker-in-docker
 .dind:
-  image: code.usgs.gov:5001/devops/images/usgs/docker:20
+  image: code.usgs.gov:5001/devops/images/usgs/docker:27
   services:
     - alias: docker
-      name: code.usgs.gov:5001/devops/images/usgs/docker:20-dind
+      name: code.usgs.gov:5001/devops/images/usgs/docker:27-dind
   variables:
     DOCKER_DRIVER: overlay2
 
@@ -202,11 +202,11 @@ Build Docker Image:
       --tag "${LOCAL_IMAGE}"
       "."
     ## trivy scan before push
-    - export TRIVY_DB_REPOSITORY=mirror.gcr.io/aquasec/trivy-db #Trivy looks for this variable to determine which repository to use. Only one allowed until trivy >= 0.56
+    - export TRIVY_DB_REPOSITORY=public.ecr.aws/aquasecurity/trivy-db,aquasec/trivy-db,ghcr.io/aquasecurity/trivy-db, mirror.gcr.io/aquasec/trivy-db #Trivy looks for this variable to determine which repository to use.
     # fail LOW,MEDIUM vulnerabilities that have a fix available
-    - trivy image --exit-code 1 --ignore-unfixed --severity LOW,MEDIUM "${LOCAL_IMAGE}";
+    - trivy -q image --exit-code 1 --ignore-unfixed --severity LOW,MEDIUM "${LOCAL_IMAGE}";
     # fail HIGH,CRITICAL vulnerabilities
-    - trivy image --exit-code 1 --severity HIGH,CRITICAL "${LOCAL_IMAGE}";
+    - trivy -q image --exit-code 1 --severity HIGH,CRITICAL "${LOCAL_IMAGE}";
     ## Authentication for Docker-in-Docker 
     # make folder for docker and docker configs if not present
     - mkdir -p $HOME/.docker 
-- 
GitLab