CCM-13883: Trivy Optimisation

Author: jamesthompson26-nhs

.github/actions/trivy-iac/action.yaml

@@ -8,7 +8,8 @@ runs:
       run: |
         components_exit_code=0
         modules_exit_code=0
-
+        asdf plugin add trivy || true
+        asdf install trivy || true
         ./scripts/terraform/trivy-scan.sh --mode iac ./infrastructure/terraform/components || components_exit_code=$?
         ./scripts/terraform/trivy-scan.sh --mode iac ./infrastructure/terraform/modules || modules_exit_code=$?
 

.github/actions/trivy-package/action.yaml

@@ -7,7 +7,8 @@ runs:
       shell: bash
       run: |
         exit_code=0
-
+        asdf plugin add trivy || true
+        asdf install trivy || true
         ./scripts/terraform/trivy-scan.sh --mode package . || exit_code=$?
 
         if [ $exit_code -ne 0 ]; then

.github/workflows/stage-1-commit.yaml

@@ -166,13 +166,6 @@ jobs:
         uses: actions/checkout@v4
       - name: "Setup ASDF"
         uses: asdf-vm/actions/setup@1902764435ca0dd2f3388eea723a4f92a4eb8302
-      - name: "Repo setup"
-        uses: ./.github/actions/node-install
-        with:
-          node-version: ${{ inputs.nodejs_version }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      - name: "Perform Setup"
-        uses: ./.github/actions/setup
       - name: "Trivy IaC Scan"
         uses: ./.github/actions/trivy-iac
   trivy-package:
@@ -188,13 +181,6 @@ jobs:
         uses: actions/checkout@v4
       - name: "Setup ASDF"
         uses: asdf-vm/actions/setup@1902764435ca0dd2f3388eea723a4f92a4eb8302
-      - name: "Repo setup"
-        uses: ./.github/actions/node-install
-        with:
-          node-version: ${{ inputs.nodejs_version }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      - name: "Perform Setup"
-        uses: ./.github/actions/setup
       - name: "Trivy Package Scan"
         uses: ./.github/actions/trivy-package
   count-lines-of-code: