Closed aaronmondal closed 2 weeks ago
Trivy fails to properly handle image without creation timestamps when running under recent versions of Docker. https://github.com/actions/runner-images/commit/619f9fd372f7aed204a8e2c46f2d7ce10d4b868c updated Docker on the runners from 24 to 26. This broke the image publishing pipelines.
The solution to this is to pin trivy's time parsing to a fixed creation timestamp explicitly.
Upstream discussion at https://github.com/aquasecurity/trivy/discussions/6944
Trivy fails to properly handle image without creation timestamps when running under recent versions of Docker. https://github.com/actions/runner-images/commit/619f9fd372f7aed204a8e2c46f2d7ce10d4b868c updated Docker on the runners from 24 to 26. This broke the image publishing pipelines.
The solution to this is to pin trivy's time parsing to a fixed creation timestamp explicitly.