trivy scan in azure devops pipeline step fails using latest version

aquasecurity / trivy-java-db

Apache License 2.0

31 stars 15 forks source link

trivy scan in azure devops pipeline step fails using latest version #44

Open tudorsibiu90 opened 1 month ago

tudorsibiu90 commented 1 month ago

I get this error: 2024-10-03T08:49:32Z FATAL Fatal error image scan error: scan error: scan failed: failed analysis: analyze error: pipeline error: failed to analyze layer (sha256:756474215d2903298a97a89b17f234450ca3a7219cae4dd63800afe9b350052f): post analysis error: post analysis error: Unable to initialize the Java DB: Java DB update failed: OCI artifact error: failed to download Java DB from any source

We started having transient issues like this in the past 2 weeks. No sure what is causing this recurrently.

Please help. Thank you!

pblgomez commented 1 month ago

It happens in gitlab-ci too, so I don't think it's azure related

Pavanp261 commented 1 month ago

Encountering same error while scanning the image during the Bitbucket pipeline. The scan process fails due to an issue with the Java DB download.

2024-10-03T09:38:25Z INFO [javadb] Artifact successfully downloaded repo="ghcr.io/aquasecurity/trivy-java-db:1" 2024-10-03T09:38:25Z FATAL Fatal error image scan error: scan error: scan failed: failed analysis: analyze error: pipeline error: failed to analyze layer (sha256:3cbdda3454f9b320138463278e74da90d4bd37c2cca24159f759b52b5bfceb9c): post analysis error: post analysis error: Unable to initialize the Java DB: Java DB update failed: OCI artifact error: failed to download Java DB from any source

Pavanp261 commented 1 month ago

this error while scanning an image using the latest version of aquasec/trivy. However, when I use aquasec/trivy:0.55.0 , the scan works without any issues.

lapanne commented 1 month ago

Same issue trying to run trivy image --download-java-db-only in a docker image

4.253 2024-10-03T11:47:39Z  INFO  [javadb] Downloading Java DB...
13:48:03   4.253 2024-10-03T11:47:39Z  INFO  [javadb] Downloading artifact...  repo="ghcr.io/aquasecurity/trivy-java-db:1"
13:48:03   649.13 MiB / 649.13 MiB [------------------------------------------------] 100.00% 31.49 MiB p/s 21s2024-10-03T11:48:00Z  INFO  [javadb] Artifact successfully downloaded  repo="ghcr.io/aquasecurity/trivy-java-db:1"
13:48:03   25.58 2024-10-03T11:48:00Z  FATAL  Fatal error  init error: DB error: Java DB error: OCI artifact error: failed to download Java DB from any source

trivy image --download-db-only works just fine

knqyf263 commented 1 month ago

Sorry for inconvenience. We'll cut v0.56.1 soon. https://github.com/aquasecurity/trivy/pull/7642