From 2547e4547381c8b835a21382652627af1d44cf8f Mon Sep 17 00:00:00 2001
From: Raffaele Di Fazio
Date: Mon, 20 Dec 2021 17:30:39 +0000
Subject: [PATCH 1/6] use tmp folder for trivy

Signed-off-by: GitHub
---
 scripts/run-trivy.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/scripts/run-trivy.sh b/scripts/run-trivy.sh
index ddf238edb0..6d040a9d9d 100755
--- a/scripts/run-trivy.sh
+++ b/scripts/run-trivy.sh
@@ -2,6 +2,7 @@
 set -e
 # install trivy
+cd /tmp
 curl -LO https://github.com/aquasecurity/trivy/releases/download/v0.20.2/trivy_0.20.2_Linux-64bit.tar.gz
 echo "38a6de48e21a34e0fa0d2cf63439c0afcbbae0e78fb3feada7a84a9cf6e7f60c trivy_0.20.2_Linux-64bit.tar.gz" | sha256sum -c
 tar -xvf trivy_0.20.2_Linux-64bit.tar.gz
From 0cedcaf13c58d99f08f41291ac963a307e98fa82 Mon Sep 17 00:00:00 2001
From: Raffaele Di Fazio
Date: Mon, 20 Dec 2021 17:38:14 +0000
Subject: [PATCH 2/6] change more dir

Signed-off-by: GitHub
---
 scripts/run-trivy.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/scripts/run-trivy.sh b/scripts/run-trivy.sh
index 6d040a9d9d..ba4fdd3406 100755
--- a/scripts/run-trivy.sh
+++ b/scripts/run-trivy.sh
@@ -9,4 +9,5 @@ tar -xvf trivy_0.20.2_Linux-64bit.tar.gz
 chmod +x trivy
 # run trivy
+cd -
 ./trivy image --exit-code 1 us.gcr.io/k8s-artifacts-prod/external-dns/external-dns:$(git describe --tags --always --dirty)
From f1e5da90b6abe75acdf0a370bacfc8f94d3b8912 Mon Sep 17 00:00:00 2001
From: Raffaele Di Fazio
Date: Mon, 20 Dec 2021 17:44:03 +0000
Subject: [PATCH 3/6] change script

Signed-off-by: GitHub
---
 scripts/run-trivy.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/run-trivy.sh b/scripts/run-trivy.sh
index ba4fdd3406..b84dad1705 100755
--- a/scripts/run-trivy.sh
+++ b/scripts/run-trivy.sh
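Review bot: The `cd /tmp` added in PATCH 1/6 makes the download, the extraction and the `chmod +x trivy` step use fixed names in a world-writable directory, so anything already present at those names (left by an earlier job, or created by another local account on a shared or self-hosted runner) collides with or stands in for what the script expects. The `sha256sum -c` check covers the downloaded archive, not what is already sitting at the extraction path. A private directory avoids this: `workdir=$(mktemp -d)`, then `cd "$workdir"`, with `trap 'rm -rf -- "$workdir"' EXIT` for cleanup; the `/tmp/trivy` call introduced in PATCH 3/6 would then become `"$workdir/trivy"`. On single-use hosted runners the exposure is small, so this matters mostly for self-hosted or developer-machine runs.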
@@ -10,4 +10,4 @@ chmod +x trivy
 # run trivy
 cd -
-./trivy image --exit-code 1 us.gcr.io/k8s-artifacts-prod/external-dns/external-dns:$(git describe --tags --always --dirty)
+/tmp/trivy image --exit-code 1 us.gcr.io/k8s-artifacts-prod/external-dns/external-dns:$(git describe --tags --always --dirty)
From 9afd049658c77eb5a763a42900a07dd49ea75288 Mon Sep 17 00:00:00 2001
From: Raffaele Di Fazio
Date: Mon, 20 Dec 2021 17:49:16 +0000
Subject: [PATCH 4/6] disable master filter

Signed-off-by: GitHub
---
 .github/workflows/trivy.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
index ee6b6c0c5d..154608207d 100644
--- a/.github/workflows/trivy.yml
+++ b/.github/workflows/trivy.yml
@@ -1,8 +1,8 @@
 name: trivy vulnerability scanner
 on:
 push:
- branches:
- - master
+ # branches:
+ # - master
 jobs:
 build:
 name: Build
From 3fb7f70001e3e85585cf9b159bf76b9434f8039c Mon Sep 17 00:00:00 2001
From: Raffaele Di Fazio
Date: Mon, 20 Dec 2021 18:42:16 +0000
Subject: [PATCH 5/6] restore run only on master

Signed-off-by: GitHub
---
 .github/workflows/trivy.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
index 154608207d..ee6b6c0c5d 100644
--- a/.github/workflows/trivy.yml
+++ b/.github/workflows/trivy.yml
@@ -1,8 +1,8 @@
 name: trivy vulnerability scanner
 on:
 push:
- # branches:
- # - master
+ branches:
+ - master
 jobs:
 build:
 name: Build
From f6c05663ff799c8bbe560d9ecaba0b0d61bdfd3d Mon Sep 17 00:00:00 2001
From: Raffaele Di Fazio
Date: Mon, 20 Dec 2021 18:42:51 +0000
Subject: [PATCH 6/6] run all the time

Signed-off-by: GitHub
---
 .github/workflows/trivy.yml | 2 --
 1 file changed, 2 deletions(-)

diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
index ee6b6c0c5d..f88ef1fc4c 100644
--- a/.github/workflows/trivy.yml
+++ b/.github/workflows/trivy.yml
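Review bot: In the `/tmp/trivy image …` line added by PATCH 3/6 the tag comes from an inline `$(git describe --tags --always --dirty)`, and `set -e` does not abort when a command substitution inside an argument fails, so a failed `git describe` leaves an empty tag in the image reference and surfaces only as whatever trivy reports for it. Assigning first makes that failure stop the script and lets the reference be quoted: `tag=$(git describe --tags --always --dirty)` followed by `/tmp/trivy image --exit-code 1 "us.gcr.io/k8s-artifacts-prod/external-dns/external-dns:${tag}"`. `--dirty` also appends `-dirty` when the checkout has local modifications, so the scan target exists only if the image was built with the same describe string; presumably an earlier workflow step does that, but it is not visible in this series.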
@@ -1,8 +1,6 @@
 name: trivy vulnerability scanner
 on:
 push:
- branches:
- - master
 jobs:
 build:
 name: Build
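Review bot: With the `branches:` filter removed in PATCH 6/6, `push:` is left without a value and the scan runs on every branch and tag push, but still only when something is pushed. A vulnerability disclosed against an unchanged image is therefore not reported until the next push, and the `--exit-code 1` in `scripts/run-trivy.sh` then fails a push that did not introduce it. Adding a `schedule:` trigger with a `cron:` entry next to `push:` would surface those findings independently of code changes. PATCH 4/6 and 5/6 toggle the same filter and cancel each other out, so squashing the series would leave a single reviewable change to the trigger.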