Replies: 1 comment
-
|
@nika-pr secrets are used in case images to be pulled from private registry , in your case it should not fail on this error , converting to issue #5682 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Description
I would like to analyse a GKE cluster where I was granted
Kubernetes Engine Cluster ViewerandKubernetes Engine Vieweron the project level.When I try to run
trivy k8s --report=summary cluster, I get the following error:FATAL get k8s artifacts with node info error: failed getting auth for gvr: apps/v1, Resource=daemonsets - getting secret by name: kube-system/private-registry-creds: secrets "private-registry-creds" is forbidden: User "<REDACTED>" cannot get resource "secrets" in API group "" in the namespace "kube-system": requires one of ["container.secrets.get"] permission(s).Is secret scanning absolutely necessary for any kind of report? I'd imagine some results can be found without scanning them.
Expected behavior: WARN log that tells me the results are limited due to missing permissions, but a "limited" report being provided as output nonetheless.
Target
Kubernetes
Scanner
None
Beta Was this translation helpful? Give feedback.
All reactions