Container Scanning fails when the trivy-java-db download is rate limited

Summary

The Container Scanning job can fail if downloading the trivy-java-db fails due to a rate limit.

Steps to reproduce

  1. Run a Container Scanning job
  2. Happen to encounter a rate limit from the trivy-java-db repository

Example Project

No example provided (see reproduction steps)

What is the current bug behavior?

If the rate limit error is thrown during a Container Scanning job, the Java DB fails to download and the scan fails.

What is the expected correct behavior?

The scan should complete.

Relevant logs and/or screenshots

2024-09-30T01:23:45Z	FATAL	Fatal error	image scan error: scan error: scan failed: failed analysis: analyze error: pipeline error: failed to analyze layer (sha256:aeeb29a97d12b80e5c80cfdb667581d3dfae1e5d1685b97d6e1500ead5589fa9): post analysis error: post analysis error: Unable to initialize the Java DB: Java DB update failed: DB download error: OCI repository error: 1 error occurred:
	* GET https://ghcr.io/v2/aquasecurity/trivy-java-db/manifests/1: TOOMANYREQUESTS: retry-after: 1.019269ms, allowed: 44000/minute

Possible fixes

Trivy merged a fix, but it may not be relevant in a pipeline context: https://github.com/aquasecurity/trivy/pull/7592
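
One way a pipeline can tolerate this error, as an added example that is not part of the original issue and is not Trivy or GitLab code: a shell wrapper that retries only when the command output contains the TOOMANYREQUESTS marker seen in the log above. MAX_ATTEMPTS, BASE_DELAY and the function names are assumptions, and the usage comment assumes a job that calls the trivy CLI directly.

```shell
#!/bin/sh
# Added example: retry a command only when it fails with a registry rate limit.
# MAX_ATTEMPTS and BASE_DELAY are hypothetical tunables, not Trivy or GitLab settings.
MAX_ATTEMPTS="${MAX_ATTEMPTS:-5}"
BASE_DELAY="${BASE_DELAY:-2}"   # whole seconds; doubled after each rate-limited attempt

# is_rate_limited OUTPUT -> returns 0 if OUTPUT carries the registry's rate-limit marker
is_rate_limited() {
    case "$1" in
        *TOOMANYREQUESTS*) return 0 ;;
        *) return 1 ;;
    esac
}

# retry_on_rate_limit CMD [ARGS...]
# Runs CMD and echoes its combined output. Retries with exponential backoff only
# when the failure is a rate limit; any other failure is returned at once so that
# genuine scan errors are neither masked nor delayed.
retry_on_rate_limit() {
    attempt=1
    delay="$BASE_DELAY"
    while :; do
        rc=0
        out=$("$@" 2>&1) || rc=$?
        printf '%s\n' "$out"
        if [ "$rc" -eq 0 ]; then
            return 0
        fi
        if ! is_rate_limited "$out"; then
            return "$rc"
        fi
        if [ "$attempt" -ge "$MAX_ATTEMPTS" ]; then
            echo "rate limited on all $MAX_ATTEMPTS attempts, giving up" >&2
            return "$rc"
        fi
        echo "rate limited (attempt $attempt/$MAX_ATTEMPTS), retrying in ${delay}s" >&2
        sleep "$delay"
        delay=$((delay * 2))
        attempt=$((attempt + 1))
    done
}

# Usage in a job that invokes trivy itself (IMAGE is a placeholder):
#   retry_on_rate_limit trivy image --download-java-db-only
#   retry_on_rate_limit trivy image --skip-java-db-update "$IMAGE"
```

Prefetching the Java DB under the wrapper and then scanning with the update skipped keeps the rate-limited request out of the scan step itself.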