Open jbgomond opened 1 year ago
We're also facing the same issue.
Also having this issue:
Harbor version: 2.7 Harbor Scanner Adapter: v0.30.15 Trivy: v0.44 Installation process: Helm Chart
I think this problem was created after add https://github.com/aquasecurity/trivy/pull/3906 feature.
I debug this i found problem. When name for Interrogation Services
have space in name trivi think, that have 2 users and one password.
This variable are used for run trivy using this adapter
# local instance, so I don't have to mask it
TRIVY_USERNAME=robot$library+dDDZorvK-Exterlan check22asd-212df05f-3da5-11ee-afb8-0242ac190008
TRIVY_PASSWORD=A914JlE8Z19uvr5hOZ1egjIjmits2aUI
When I remove space from Scaner name all start working
@ByJacob I'll have to disagree here. I have two instances of Harbor and both have spaces in the Interrogation Service name. The scanner is working in one instance and not working in the other one.
Instance one (not working):
Instance two (working):
@ByJacob I'll have to disagree here. I have two instances of Harbor and both have spaces in the Interrogation Service name. The scanner is working in one instance and not working in the other one.
Instance one (not working):
Instance two (working):
And both versions of harbor-scanner-triva areidentical and use the same versions of harbor-scanner-triva ?
Changing the name of the scanner (removing the spaces) helped in my case.
It is possible that there are some characters in the generated user or password string that cause trivy to split the given string into arrays. Try debugging the used users in the container with the following command, you may be able to find the problem.
while [ 1 ]
do
cat /proc/$(pgrep /usr/local/bin/trivy | head -n 1)/environ | tr '\0' '\n' | grep -e TRIVY_
sleep 0.1
done
@ByJacob I tried removing the space from the Interrogation scanner name and it did help. The scanner is working now. So, thanks for the suggestion. I'll definitely try out the debug script to see what is the value of the variables in my second instance.
@ByJacob Got the error in second instance as well. It was re-installed a few days ago so maybe that cleared the scan cache. Earlier I was not seeing the error here. So, I removed the space here as well and it's fine now. Again thanks for finding the cause and suggesting the work around.
Indeed, removing the space in the scanner name is fixing the issue. It seems there's a bug in that area.
What steps did you take and what happened:
I updated docker images from 2.8.0 to 2.8.2 (all docker harbor containers). I'm now having this error when I launch an analysis from harbor, using trivy. The service health is OK.
It seems to be linked with that change: https://github.com/aquasecurity/trivy/pull/3906.
What did you expect to happen:
Continue working as it was with the new version
Anything else you would like to add:
Environment: