Fixed security-scan

tomuben · tomuben · commit cf49693d4f14 · 2026-03-11T11:15:51.000-03:00
diff --git a/flavors/standard-EXASOL-all-java-11/flavor_base/packages.yml b/flavors/standard-EXASOL-all-java-11/flavor_base/packages.yml
@@ -54,8 +54,18 @@ build_steps:
     version_mandatory: true
 - name: security_scan
   phases:
+  - name: install_deps
+    apt:
+      packages:
+        - name: gnupg
   - name: install_apt_packages
     apt:
+      repos:
+        trivy:
+          key_url: https://aquasecurity.github.io/trivy-repo/deb/public.key
+          entry: deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb
+            generic main
+          out_file: trivy.list
       packages:
       - name: trivy
       - name: gnupg
diff --git a/flavors/standard-EXASOL-all-java-11/flavor_base/security_scan/Dockerfile b/flavors/standard-EXASOL-all-java-11/flavor_base/security_scan/Dockerfile
@@ -5,10 +5,6 @@ RUN mkdir -p /build_info/packages
 COPY security_scan_packages.yaml /build_info/packages/security_scan_packages.yaml
 RUN exaslpm install --package-file /build_info/packages/security_scan_packages.yaml --build-step security_scan
 
-RUN curl -s https://aquasecurity.github.io/trivy-repo/deb/public.key | apt-key add - &&\
-   /scripts/install_scripts/install_ppa.pl --ppa 'deb https://aquasecurity.github.io/trivy-repo/deb jammy main' --out-file trivy.list
-
-
 ENV SECURITY_SCANNERS="trivy"
 COPY /security_scan/.trivyignore /.trivyignore
 COPY /security_scan/trivy-secret.yaml /trivy-secret.yaml
