I am using the latest 1.5.1 version
From today my tasks are failing with an error
Running Trivy...
/tmp/trivy image --exit-code 0 --format json --output /tmp/trivy-results-0.1461544577169389.json --ignore-unfixed --scanners vuln --cache-dir /tmp/trivy-cache --report all myimage
2024-09-18T13:16:07Z INFO [db] Need to update DB
2024-09-18T13:16:07Z INFO [db] Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"
2024-09-18T13:16:08Z FATAL Fatal error init error: DB error: failed to download vulnerability DB: database download error: OCI repository error: 1 error occurred:
* GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 206.321µs, allowed: 44000/minute
##[error]Failed: Trivy detected problems.
It seems that the registry is specified correctly, but it tries to download from the wrong path, it tries to download from here
GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2
but it needs to be from here
ghcr.io/aquasecurity/trivy-db:2
I solved this problem by simply pointing to this path directly through the option and it now works
--db-repository ghcr.io/aquasecurity/trivy-db:2
And if you don’t specify it, it will give an error because this file is really not available.
I am using the latest 1.5.1 version From today my tasks are failing with an error
It seems that the registry is specified correctly, but it tries to download from the wrong path, it tries to download from here GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2 but it needs to be from here ghcr.io/aquasecurity/trivy-db:2
I solved this problem by simply pointing to this path directly through the option and it now works
--db-repository ghcr.io/aquasecurity/trivy-db:2And if you don’t specify it, it will give an error because this file is really not available.