From 38930d707fbb2b261da6a8072e0d2235ccb9f92a Mon Sep 17 00:00:00 2001
From: Sergei Maertens <sergei@maykinmedia.nl>
Date: Fri, 11 Oct 2024 10:47:10 +0200
Subject: [PATCH] :pushpin: Pin trivy-action to 0.24.0

To resolve the file path errors, see also aquasecurity/trivy-action#404
---
 .github/workflows/ci.yml | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index e1fed35bb1..16e49f1546 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -421,8 +421,21 @@ jobs:
         with:
           name: docker-image-all-extensions-${{ needs.docker_build_setup.outputs.version }}
 
+      # NOTE: when we can ugprade to newer action versions (see
+      # aquasecurity/trivy-action#404), this should be obsolete and can be removed.
+      # This requires to trivy.yml cronjob to have run successfully.
+      - name: Get current date
+        id: date
+        run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT
+
+      - name: Restore caches
+        uses: actions/cache/restore@v4
+        with:
+          path: ${{ github.workspace }}/.cache/trivy
+          key: cache-trivy-${{ steps.date.outputs.date }}
+
       - name: Scan image with Trivy
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@0.24.0
         with:
           input: /github/workspace/image.tar  # from download-artifact
           format: 'sarif'