@jacek-lewandowski
No description provided.

@jacek-lewandowski
Author

Repeating @michaelsembwever's comment:

repeating for prosperity…

So

  1. circleci is going to be around long enough to warrant this
  2. we need an image change just bc of git, adding db cache is additional value
  3. it makes the dependency-check more robust (failures are often in the downloading?)
  4. how much will it slow down a circleci run overall? (adding x MB to the image, which is downloaded 1000+ times in one run)
  • I don't know how much it will slow down a CircleCI run, but we may have a dedicated image for just building the project, in this case it would not slow it down much; though it would make it more reliable; the last thing I want is people complaining about failed builds due to fetching the CVEs database
  5. will a newer image break any other jobs in circleci or ci-cassandra.a.o?
    so a custom image needs to be deployed to a personal dockerhub account first, and pre-commit tested on both circleci and ci-cassandra.a.o
  • yes we need to test it

I'm presuming (4) won't be a big issue, bc of caching.

Finally, I think we can live without prefetching provided that we have the new git, and we can reliably detect whether dependencies are changed or not, and run OWASP only in those rare cases
