corentinvds
commented
5 days ago Hello!
I have the same problem.
I found this recent PR 440 which pushes db updates to the Amazon container registry in addition to GitHub but I'm not sure this will fix the issue since the Amazon's policy limits unauthenticated pull to 1 per second:
Would it be possible to catch this error within the task and expose a new variable allowing to specify the number of retries to attempt in case of a "rate limit" error ?
I cannot use the retryCountOnTaskFailure task parameter since it will also retry when a vulnerability is found.
When trying to scan container image in the pipeline, the trivy task fails with that error:
It is quite similar to https://github.com/aquasecurity/trivy-azure-pipelines-task/issues/80, but the proposed fix doesn't help. After 2-3 retries, it can download the vuln db.