search

aquasecurity / harbor-scanner-trivy

Use Trivy as a plug-in vulnerability scanner in the Harbor registry
https://goharbor.io
Apache License 2.0
218 stars 77 forks source link

mkdir /home/scanner/.cache/trivy/fanal: permission denied #368

Open gongkimi123 opened 1 year ago

gongkimi123 commented 1 year ago

What steps did you take and what happened:

scan failed, harbor and harbor-scanner-trivy are docker deployed.

What did you expect to happen:

scan success

Anything else you would like to add:

2023-08-02T09:26:34Z [INFO] [/pkg/scan/job.go:387]: { "uuid": "e91a1067-3050-11ee-9e9f-0242ac150008", "name": "trivy", "description": "", "url": "http://192.168.101.41:8181", "disabled": false, "is_default": true, "health": "healthy", "auth": "", "access_credential": "[HIDDEN]", "skip_certVerify": true, "use_internal_addr": true, "adapter": "Trivy", "vendor": "Aqua Security", "version": "0.43.0", "create_time": "2023-08-01T09:50:56.138188Z", "update_time": "2023-08-01T09:50:56.13819Z" } 2023-08-02T09:26:34Z [INFO] [/pkg/scan/job.go:387]: { "registry": { "url": "http://core:8080", "authorization": "[HIDDEN]" }, "artifact": { "namespace_id": 9, "repository": "fanruan_ops/nginx", "tag": "v20.1.9-1.21.4", "digest": "sha256:77079debf2aa06e89a28d7de20033feea487394128dbdbfb1f33dcd5612f1de1", "mime_type": "application/vnd.docker.distribution.manifest.v2+json" } } 2023-08-02T09:26:34Z [INFO] [/pkg/scan/job.go:167]: Report mime types: [application/vnd.security.vulnerability.report; version=1.1] 2023-08-02T09:26:34Z [INFO] [/pkg/scan/job.go:224]: Get report for mime type: application/vnd.security.vulnerability.report; version=1.1 2023-08-02T09:26:36Z [INFO] [/pkg/scan/job.go:245]: Report with mime type application/vnd.security.vulnerability.report; version=1.1 is not ready yet, retry after 5 seconds 2023-08-02T09:26:41Z [ERROR] [/pkg/scan/job.go:294]: check scan report with mime type application/vnd.security.vulnerability.report; version=1.1: running trivy wrapper: running trivy: exit status 1: 2023-08-02T09:26:37.751Z FATAL init error: cache error: unable to initialize the cache: unable to initialize fs cache: failed to create cache dir: mkdir /home/scanner/.cache/trivy/fanal: permission denied : general response handler: unexpected status code: 500, expected: 200

Environment:

https://github.com/goharbor/harbor/releases/download/v2.7.1/harbor-offline-installer-v2.5.0.tgz

yaohwu commented 1 year ago

try docker exec -u 0 and created and fixed