[Tool] Trivy Pipeline

Signed-off-by: AndyZiYe <[email protected]>

Author: andyziye

.github/workflows/trivy-pipeline.yml

@@ -16,15 +16,16 @@ concurrency:
 
 jobs:
   trivy-checker:
-    runs-on: [self-hosted, normal]
+    runs-on: [self-hosted, trivy]
     name: RUN
     steps:
-      - name: Init
-        run: |
-          mkdir ${{ github.workspace }}/trivy_temp
+      - name: Checkout code
+        uses: actions/checkout@v3
 
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@d710430a6722f083d3b36b8339ff66b32f22ee55 #0.19.0
+        env:
+          TMPDIR: ${{ github.workspace }}/trivy_temp # Required to prevent Trivy running out of space
         with:
           image-ref: "registry.cn-zhangjiakou.aliyuncs.com/starrocks/dev-env-centos7:3.1-latest"
           scan-type: "image"