wombatu-kun commented on PR #16660: URL: https://github.com/apache/iceberg/pull/16660#issuecomment-4608458719
Gentle ping on this CI fix. The Trivy image-pull flake it addresses keeps hitting fresh PRs: it took down #16669 for the first time earlier today (job `open-api-test-fixtures-runtime`, Docker Hub pull timing out), on top of the earlier #16657 / #16652 cases. Since the CVE scan is a blocking check on PRs, each hit red-marks an otherwise-green, unrelated PR and forces a committer to manually re-run the job. The change is intentionally minimal and self-contained: +19/-0 in `cve-scan.yml`, a bounded pre-pull retry (5 attempts, linear backoff) that reuses the digest-pinned image, so it stays polite to the registry and touches nothing else. @kevinjqliu you set up and own the CVE scan (#16291, #16287) - would you be able to take a quick look when you get a chance? @stevenzwu pulling you in as a backup in case Kevin is tied up. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
