From 1371a1656a699cbdfb2e38b12c9dd3518a54ee86 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Fri, 20 Mar 2026 14:08:28 +0000
Subject: [PATCH 1/2] Initial plan
From 384cab1c671a2166268b02d52f0812ee9381c9fb Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Fri, 20 Mar 2026 14:12:59 +0000
Subject: [PATCH 2/2] Fix GitHub Actions workflows: health check timing, Trivy version, OWASP paths
Co-authored-by: vitorhugo-java <65777252+vitorhugo-java@users.noreply.github.com>
---
 .github/workflows/health-check.yml | 8 ++++++--
 .github/workflows/security-lint.yml | 8 ++++----
 2 files changed, 10 insertions(+), 6 deletions(-)
diff --git a/.github/workflows/health-check.yml b/.github/workflows/health-check.yml
index b081ccce..1549276e 100644
--- a/.github/workflows/health-check.yml
+++ b/.github/workflows/health-check.yml
@@ -31,9 +31,11 @@ jobs:
 # Maximum time to wait for the service to become healthy (in seconds)
 TIMEOUT: '60'
 # Interval between retries (in seconds)
- RETRY_INTERVAL: '10'
+ RETRY_INTERVAL: '15'
 # Number of retries before declaring the service down
- MAX_RETRIES: '6'
+ MAX_RETRIES: '12'
+ # Initial delay before starting retries (allows the server to boot)
+ PRE_WAIT_DELAY: '30'
 steps:
 - name: Validate health-check URL
@@ -50,6 +52,8 @@ jobs:
 id: health
 shell: bash
 run: |
+ echo "Waiting ${PRE_WAIT_DELAY}s for the server to boot before polling..."
+ sleep "${PRE_WAIT_DELAY}"
 echo "Checking ${CHECK_URL} (up to ${MAX_RETRIES} retries, ${RETRY_INTERVAL}s apart)..."
 attempt=0
 while [ "$attempt" -lt "$MAX_RETRIES" ]; do
diff --git a/.github/workflows/security-lint.yml b/.github/workflows/security-lint.yml
index 18d740e3..e767895c 100644
--- a/.github/workflows/security-lint.yml
+++ b/.github/workflows/security-lint.yml
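Review bot: The comment on `TIMEOUT` in the @@ -31,9 hunk of health-check.yml still reads "Maximum time to wait for the service to become healthy", but the new values give a polling window of 30 + 12 × 15 = 210 seconds before any per-request time is counted. How `TIMEOUT` is consumed is outside the hunk, so either the comment or the value is now stale; if it is the per-request limit, say so with `# Per-request timeout (in seconds)`. If the job sets `timeout-minutes`, confirm it still covers the longer worst case.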
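Review bot: The added `sleep "${PRE_WAIT_DELAY}"` in the @@ -50,6 hunk runs unconditionally, so every run waits 30 seconds even when the service is already up, and the retry loop that follows already absorbs a slow boot. The workflow trigger is not visible here; if the check also runs on a schedule, the delay only postpones detection of an outage and could be skipped there, e.g. `if [ "${GITHUB_EVENT_NAME}" != "schedule" ]; then sleep "${PRE_WAIT_DELAY}"; fi`. The `run:` block continues past the end of the hunk.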
@@ -84,7 +84,7 @@ jobs:
 project: 'EspacoGeek-API'
 path: '.'
 format: 'SARIF'
- out: 'reports/dependency-check'
+ out: 'build/reports'
 args: >-
 --enableRetired
 --scan build.gradle
@@ -97,7 +97,7 @@ jobs:
 uses: github/codeql-action/upload-sarif@v3
 if: always()
 with:
- sarif_file: reports/dependency-check/dependency-check-report.sarif
+ sarif_file: build/reports/dependency-check-report.sarif
 category: owasp-dependency-check
 - name: Upload full Dependency-Check report (HTML)
@@ -105,7 +105,7 @@ jobs:
 if: always()
 with:
 name: dependency-check-report
- path: reports/dependency-check/
+ path: build/reports/
 trivy:
 name: Trivy Docker Image Scan
@@ -130,7 +130,7 @@ jobs:
 cache-to: type=gha,mode=max
 - name: Run Trivy vulnerability scan
- uses: aquasecurity/trivy-action@0.30.0
+ uses: aquasecurity/trivy-action@0.29.0
 with:
 image-ref: 'espacogeek-api:scan'
 format: 'sarif'
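Review bot: The report directory is now spelled out in three places, `out: 'build/reports'` in the @@ -84,7 hunk, `sarif_file:` in the @@ -97,7 hunk and `path:` in the @@ -105,7 hunk, which is why this fix had to touch all three. A single job-level variable (the name is only a suggestion), `env: DC_REPORT_DIR: build/reports`, referenced as `${{ env.DC_REPORT_DIR }}`, would keep the scan output and both uploads in step. Otherwise a later path change can leave the SARIF upload pointing at a missing file, and the dependency findings quietly stop reaching code scanning.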
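Review bot: `path: build/reports/` in the @@ -105,7 hunk uploads the whole directory, and `build/reports` is also where Gradle writes its own reports by default. If any Gradle task runs in this job (not visible in the hunk), unrelated reports end up in the `dependency-check-report` artifact. Narrowing it to `path: build/reports/dependency-check-report.*` keeps the artifact to the scanner output.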
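Review bot: `uses: aquasecurity/trivy-action@0.29.0` in the @@ -130,7 hunk references a third-party action by tag, and a tag can be repointed by anyone with write access to that repository, which would change the code this job runs without any change in this file. Pin the action to the full commit SHA of the release and keep the version as a trailing comment: `uses: aquasecurity/trivy-action@<full-commit-sha> # 0.29.0`. The change also moves the scanner action back one release without recording why; a one-line comment above `uses:` stating the reason would keep the next dependency bump from reintroducing the problem.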