From 4bec81e283ebd6e27a6bae1e2977224c528e27b1 Mon Sep 17 00:00:00 2001
From: billhammond-dev
Date: Thu, 19 Sep 2024 14:20:23 -0500
Subject: [PATCH 1/3] try these changes out
---
 action.yaml | 6 +++++-
 entrypoint.sh | 9 ++++++++-
 2 files changed, 13 insertions(+), 2 deletions(-)
diff --git a/action.yaml b/action.yaml
index f13a5aa..53aeb75 100644
--- a/action.yaml
+++ b/action.yaml
@@ -97,6 +97,9 @@ inputs:
 docker-host:
 description: 'unix domain socket path to use for docker scanning, ex. unix:///var/run/docker.sock'
 required: false
+ db-repository:
+ description: 'vulnerability DB repository address, ex. my-registry.example.com/mirrors/aquasecurity/trivy-db'
+ required: false
 runs:
 using: 'docker'
@@ -125,5 +128,6 @@ runs:
 - '-u ${{ inputs.github-pat }}'
 - '-v ${{ inputs.trivy-config }}'
 - '-x ${{ inputs.tf-vars }}'
- - '-z ${{ inputs.limit-severities-for-sarif }}'
 - '-y ${{ inputs.docker-host }}'
+ - '-z ${{ inputs.limit-severities-for-sarif }}'
+ - '-0 ${{ inputs.db-repository }}'
diff --git a/entrypoint.sh b/entrypoint.sh
index 79fd708..c3378b7 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 set -e
-while getopts "a:b:c:d:e:f:g:h:i:j:k:l:m:n:o:p:q:r:s:t:u:v:x:y:z:" o; do
+while getopts "a:b:c:d:e:f:g:h:i:j:k:l:m:n:o:p:q:r:s:t:u:v:x:y:z:0:" o; do
 case "${o}" in
 a)
 export scanType=${OPTARG}
@@ -77,6 +77,9 @@ while getopts "a:b:c:d:e:f:g:h:i:j:k:l:m:n:o:p:q:r:s:t:u:v:x:y:z:" o; do
 z)
 export limitSeveritiesForSARIF=${OPTARG}
 ;;
+ 0)
+ export dbRepository=${OPTARG}
+ ;;
 esac
 done
@@ -184,6 +187,10 @@ if [ "$skipFiles" ];then
 done
 fi
+if [ "$dbRepository" ]; then
+ ARGS="$ARGS --db-repository $dbRepository"
+fi
+
 trivyConfig=$(echo $trivyConfig | tr -d '\r')
 # To make sure that uploda GitHub Dependency Snapshot succeeds, disable the script that fails first.
 set +e
From 139298ad5049f6b600a2100b1772839d4b9704fa Mon Sep 17 00:00:00 2001
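Review bot: The `db-repository` description added in the first `action.yaml` hunk of patch 1/3 gives an example address but does not say what the value controls. The `entrypoint.sh` hunks show it is appended to the trivy command line as `--db-repository`, so it decides which registry the vulnerability database is pulled from, and the scan's findings are only as reliable as that source. I would say so in the description, e.g. `description: 'repository the vulnerability DB is pulled from (passed to trivy as --db-repository); use a registry you control or trust, ex. my-registry.example.com/mirrors/aquasecurity/trivy-db'`.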
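Review bot: In the last `entrypoint.sh` hunk of patch 1/3, `ARGS="$ARGS --db-repository $dbRepository"` splices the raw input into a flat string, so nothing guarantees the value stays a single argument. If `ARGS` is later expanded unquoted (that line is outside the hunk), embedded whitespace turns into extra trivy arguments, and a value starting with `-` would be parsed as an option instead of a repository address. Because this setting selects the source of the vulnerability data, I would fail fast on such values before appending, e.g. `case "$dbRepository" in -*|*[[:space:]]*) echo "invalid db-repository: $dbRepository" >&2; exit 1;; esac`, applied after surrounding whitespace has been trimmed.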
From: Bill Hammond
Date: Thu, 19 Sep 2024 14:50:30 -0500
Subject: [PATCH 2/3] Update action.yaml
---
 action.yaml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/action.yaml b/action.yaml
index 53aeb75..84e0e59 100644
--- a/action.yaml
+++ b/action.yaml
@@ -100,6 +100,7 @@ inputs:
 db-repository:
 description: 'vulnerability DB repository address, ex. my-registry.example.com/mirrors/aquasecurity/trivy-db'
 required: false
+ default: ''
 runs:
 using: 'docker'
From 4e456d4517b7eee6ecf368e21fee85d826de1ef6 Mon Sep 17 00:00:00 2001
From: Bill Hammond
Date: Thu, 19 Sep 2024 14:55:59 -0500
Subject: [PATCH 3/3] Update entrypoint.sh
---
 entrypoint.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/entrypoint.sh b/entrypoint.sh
index c3378b7..0505e1f 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -187,7 +187,7 @@ if [ "$skipFiles" ];then
 done
 fi
-if [ "$dbRepository" ]; then
+if [ $dbRepository ]; then
 ARGS="$ARGS --db-repository $dbRepository"
 fi
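Review bot: Removing the quotes in `if [ $dbRepository ]; then` (patch 3/3) makes the test rely on word splitting and globbing of the input. An empty or blank value now collapses to `[ ]` and the branch is skipped, which appears to be the goal, but a value that splits into several words makes `[` exit with a usage error, the branch is skipped as well, and the scan runs without `--db-repository`, i.e. not against the mirror the workflow author configured, with only a stderr message to show for it. Normalising the value once and keeping the test quoted is more predictable: `dbRepository=$(printf '%s' "$dbRepository" | tr -d '[:space:]')` followed by `if [ -n "$dbRepository" ]; then`. The `ARGS=` line in the same hunk still interpolates the value into a string, so the normalisation has to happen before it.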