Replies: 2 comments
-
As noted (in the immediately closed issue related to this ticket) it seems that creating a discussion and/or raising a ticket in this repository is a complete waste of time. |
Beta Was this translation helpful? Give feedback.
0 replies
-
Hello @d-t-w Created #6373 for this task. Regards, Dmitriy |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Description
Container scan fails with a permissions issue related to internal trivy directories:
Background
We push containers to ArtifactHub who scan them with trivy.
On 19/05/23 our containers (including historic ones that had previously scanned just fine) started to fail with this 'permission denied' error. See: artifacthub/hub#3152
Our container is fairly simple, it just contains a Java JAR file and little else.
Further, I find if I scan very old version of our container they work, up to version 73.
From version 74 they fail.
There is non significant difference in the dockerfile between v73 and v74.
Note: ArtifactHub very happily scanned version 74+ until they presumably updated their trivy dependency.
Related issues:
These are not my project, but appear to be the same root cause.
goharbor/harbor#18824
goharbor/harbor#19405
Desired Behavior
I expect trivy to scan the container successfully (as it has previously done).
Actual Behavior
Trivy no longer scans the container correctly
Reproduction Steps
Target
Container Image
Scanner
Vulnerability
Output Format
Table
Mode
Standalone
Debug Output
Operating System
macOS Monterey
Version
Checklist
trivy image --reset
Beta Was this translation helpful? Give feedback.
All reactions