From 486ae16ff6ec2ade80cc221cf6119b92f09f3e48 Mon Sep 17 00:00:00 2001
From: Parker DeBardelaben <parker.debardelaben@stord.com>
Date: Thu, 24 Oct 2024 11:57:35 -0400
Subject: [PATCH] feat: SRE-955 support skipping trivy db update (#13)

Adds support for setting `TRIVY_SKIP_DB_UPDATE` by passing `update-db`
to the action.
---
 action.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/action.yml b/action.yml
index e859247..dc75012 100644
--- a/action.yml
+++ b/action.yml
@@ -27,6 +27,10 @@ inputs:
   slack-channel-id:
     description: "Slack channel ID for sending notifications."
     required: false
+  update-db:
+    description: "Update Trivy vulnerability database."
+    required: false
+    default: "true"
 
 outputs:
   artifact-url:
@@ -50,6 +54,8 @@ runs:
     - name: Run Trivy vulnerability scanner in ${{ inputs.scan-type }} mode
       id: trivy_scan
       uses: aquasecurity/trivy-action@0.23.0
+      env:
+        TRIVY_SKIP_DB_UPDATE: ${{ inputs.update-db == "false" && "true" || "false" }}
       with:
         scan-type: ${{ inputs.scan-type }}
         image-ref: ${{ inputs.image-ref }}