feat: comment out Trivy as it was info only and has been failing for rate limits

.github/workflows/reusable_dockerfile_pipeline.yml

@@ -142,48 +142,48 @@ jobs:
           echo "Failing step due to build_for_pr == build_for_merge"
           exit 1
 
-  docker-security:
-    needs: ["prepare-env", "logic-check"]
-    runs-on: "ubuntu-latest"
-    steps:
-      - name: Checkout
-        uses: "actions/checkout@v4"
+  # docker-security:
+  #   needs: ["prepare-env", "logic-check"]
+  #   runs-on: "ubuntu-latest"
+  #   steps:
+  #     - name: Checkout
+  #       uses: "actions/checkout@v4"
 
-      - name: Build
-        uses: docker/build-push-action@v5
-        env:
-          OUTPUT_SHORT_SHA: ${{ needs.prepare-env.outputs.output_short_sha }}
-          OUTPUT_IMAGE_NAME: ${{ needs.prepare-env.outputs.output_image_name }}
-        with:
-          context: ${{ inputs.dockerContext}}
-          push: false
-          platforms: linux/amd64
-          # we're building the container before the scan, use the short sha tag
-          # for referring to it later
-          tags: ${{ env.OUTPUT_IMAGE_NAME }}:${{ env.OUTPUT_SHORT_SHA }}
-          file: ${{ inputs.dockerfile }}
+  #     - name: Build
+  #       uses: docker/build-push-action@v5
+  #       env:
+  #         OUTPUT_SHORT_SHA: ${{ needs.prepare-env.outputs.output_short_sha }}
+  #         OUTPUT_IMAGE_NAME: ${{ needs.prepare-env.outputs.output_image_name }}
+  #       with:
+  #         context: ${{ inputs.dockerContext}}
+  #         push: false
+  #         platforms: linux/amd64
+  #         # we're building the container before the scan, use the short sha tag
+  #         # for referring to it later
+  #         tags: ${{ env.OUTPUT_IMAGE_NAME }}:${{ env.OUTPUT_SHORT_SHA }}
+  #         file: ${{ inputs.dockerfile }}
 
-      - name: Run Trivy vulnerability scanner
-        # source: https://github.com/aquasecurity/trivy-action
-        # https://github.com/marketplace/actions/aqua-security-trivy
-        uses: aquasecurity/trivy-action@master
-        env:
-          OUTPUT_SHORT_SHA: ${{ needs.prepare-env.outputs.output_short_sha }}
-          OUTPUT_IMAGE_NAME: ${{ needs.prepare-env.outputs.output_image_name }}
-        with:
-          # here we use the local tag that we've built before
-          image-ref: "${{ env.OUTPUT_IMAGE_NAME }}:${{ env.OUTPUT_SHORT_SHA }}"
-          format: "table"
-          #exit-code: '1' # uncomment to stop the CI if the scanner fails
-          ignore-unfixed: true
-          vuln-type: "os,library"
-          severity: "CRITICAL,HIGH"
+  #     - name: Run Trivy vulnerability scanner
+  #       # source: https://github.com/aquasecurity/trivy-action
+  #       # https://github.com/marketplace/actions/aqua-security-trivy
+  #       uses: aquasecurity/trivy-action@master
+  #       env:
+  #         OUTPUT_SHORT_SHA: ${{ needs.prepare-env.outputs.output_short_sha }}
+  #         OUTPUT_IMAGE_NAME: ${{ needs.prepare-env.outputs.output_image_name }}
+  #       with:
+  #         # here we use the local tag that we've built before
+  #         image-ref: "${{ env.OUTPUT_IMAGE_NAME }}:${{ env.OUTPUT_SHORT_SHA }}"
+  #         format: "table"
+  #         #exit-code: '1' # uncomment to stop the CI if the scanner fails
+  #         ignore-unfixed: true
+  #         vuln-type: "os,library"
+  #         severity: "CRITICAL,HIGH"
 
   docker-build:
     name: docker-build (${{ matrix.registry.name }}; ${{ matrix.registry.registry-url }}/${{ matrix.registry.registry-owner }}/${{ needs.prepare-env.outputs.output_image_name }})
     runs-on: "ubuntu-latest"
     # wait until the jobs are finished.
-    needs: ["prepare-env", "logic-check", "docker-security"]
+    needs: ["prepare-env", "logic-check"]
     # We only want to run this step if one of the build flags is true. We don't
     # run if both logic flags are false. This is the case for push events on PR
     # commits. The logic-check job protects us from the case of both build flags