ci(soteria): use preloaded quality scanner image

2026-04-21 22:50:25 -03:00 · 2026-04-21 22:50:25 -03:00 · 3a1b2781a6
commit 3a1b2781a6
parent 6a576477e2
1 changed files with 2 additions and 2 deletions
--- a/4
+++ b/4
@ -36,7 +36,7 @@ spec:
        - name: workspace-volume
          mountPath: /home/jenkins/agent
    - name: quality-tools
-      image: registry.bstein.dev/bstein/quality-tools:sonar8.0.1-trivy0.70.0-arm64
+      image: registry.bstein.dev/bstein/quality-tools:sonar8.0.1-trivy0.70.0-db20260422-arm64
      command:
        - cat
      tty: true
@ -119,7 +119,7 @@ spec:
            set +e
            sonar-scanner "${args[@]}" | tee build/sonar-scanner.log
            sonar_rc=${PIPESTATUS[0]}
-            trivy fs --no-progress --format json --output build/trivy-fs.json --scanners vuln,secret,misconfig --severity HIGH,CRITICAL .
+            trivy fs --cache-dir "${TRIVY_CACHE_DIR}" --skip-db-update --timeout 5m --no-progress --format json --output build/trivy-fs.json --scanners vuln,secret,misconfig --severity HIGH,CRITICAL .
            trivy_rc=$?
            set -e
            printf '%s\n' "${sonar_rc}" > build/sonarqube-analysis.rc