From c661f7750edbb05dab26504e4175fbcad0acd080 Mon Sep 17 00:00:00 2001
From: Jeremy Fee <jmfee@usgs.gov>
Date: Fri, 11 Sep 2020 11:45:15 -0600
Subject: [PATCH] Add explicit trivy version

---
 .gitlab-ci.yml | 11 +++--------
 1 file changed, 3 insertions(+), 8 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index d4d31bfa..63b17826 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -9,6 +9,7 @@ stages:
 variables:
   CI_REGISTRY: ${CODE_REGISTRY}
   CI_REGISTRY_IMAGE: ${CODE_REGISTRY_IMAGE}
+  TRIVY_VERSION: "0.11.0"
   # docker variables
   DOCKER_DRIVER: overlay2
   FROM_IMAGE: ${CODE_REGISTRY}/devops/images/usgs/centos:latest
@@ -167,14 +168,8 @@ Scan Docker Image:
     - tags@ghsc/geomag/geomag-algorithms
   script:
     # install trivy
-    - apk add --update-cache --upgrade curl grep rpm sed
-    - VERSION=$(
-      curl --silent "https://api.github.com/repos/aquasecurity/trivy/releases/latest" | \
-      grep '"tag_name":' | \
-      sed -E 's/.*"v([^"]+)".*/\1/'
-      )
-    - wget https://github.com/aquasecurity/trivy/releases/download/v${VERSION}/trivy_${VERSION}_Linux-64bit.tar.gz
-    - tar zxvf trivy_${VERSION}_Linux-64bit.tar.gz
+    - wget https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz
+    - tar zxvf trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz
     # run trivy
     - ./trivy --exit-code 0 --no-progress ${INTERNAL_IMAGE}
   services:
-- 
GitLab