Trivy doesn't work in airgapped environments

[xmj]

Trivy does not work in airgapped environments

To Reproduce
Due to the way trivy is deployed, when it's enabled it will download databases from mirror.gcr.io / ghcr.io both for the java db and the db itself.

Enable trivy in a network that cannot access gcr/ghcr. See it fail.

Expected behavior
Helm chart should allow me to override the trivy configuration, or template a YAML file.

https://github.com/artifacthub/hub/blob/master/charts/artifact-hub/templates/trivy_deployment.yaml#L47

The config passed in line 47 of trivy_deployment.yaml is a bit minimalist.

Kubernetes distribution:

• Openshift 4.18

[tegioz]

Hi @xmj 👋

We'll consider making the Trivy instance we deploy configurable from the Helm chart 👍

In the meantime, you can deploy your own Trivy instance and point the AH's scanner to it.