search

arminc / clair-scanner

Docker containers vulnerability scan
Apache License 2.0
848 stars 154 forks source link

POST to Clair failed while doing the same with curl working #93

Closed bence-takacs closed 5 years ago

bence-takacs commented 5 years ago

Error:

POST to Clair failed Post https://clair-api.dev.jenkins.mycompany.hu:443/v1/layers: Service Unavailable

While

echo '$payload' curl --insecure -d @- https://clair-api.dev.jenkins.mycompany.hu:443/v1/layers {"Error":{"Message":"worker: parent layer is unknown, it must be processed first"}}

Full output:

+ curl --insecure https://clair-api.dev.jenkins.mycompany.hu:443/v1/namespaces
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
100    20  100    20    0     0     44      0 --:--:-- --:--:-- --:--:--    44
{"Namespaces":null}
[Pipeline] sh
+ echo '
{
    "Layer": {
        "Name": "523ef1d23f222195488575f52a39c729c76a8c5630c9a194139cb246fb212da6",
        "Path": "https://mystorage.com/layers/523ef1d23f222195488575f52a39c729c76a8c5630c9a194139cb246fb212da6/layer.tar",
        "Headers": {
        "Authorization": "Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.EkN-DOsnsuRjRO6BxXemmJDm3HbxrbRzXglbN2S4sOkopdU4IsDxTI8jO19W_A4K8ZPJijNLis4EZsHeY559a4DFOd50_OqgHGuERTqYZyuhtF39yxJPAjUESwxk2J5k_4zM3O-vtd1Ghyo4IbqKKSy6J9mTniYJPenn5-HIirE"
        },
        "ParentName": "140f9bdfeb9784cf8730e9dab5dd12fbd704151cf555ac8cae650451794e5ac2",
        "Format": "Docker"
    }
}'
+ curl --insecure -d @- https://clair-api.dev.jenkins.mycompany.hu:443/v1/layers
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
100   766  100    84  100   682    159   1293 --:--:-- --:--:-- --:--:--  1291
{"Error":{"Message":"worker: parent layer is unknown, it must be processed first"}}
[Pipeline] sh
+ /home/jenkins/tools/clair-scanner -c=https://clair-api.dev.jenkins.mycompany.hu:443 crm:3.0.1
2019/10/29 09:29:46 [INFO] ��� Start clair-scanner
2019/10/29 09:29:50 [INFO] ��� Server listening on port 9279
2019/10/29 09:29:50 [INFO] ��� Analyzing 971dabf8764adf0ccc8f3db331c20217e14c9a5409172cd7cf5a2b7f77889ad8
2019/10/29 09:29:50 [CRIT] ��� Could not analyze layer: POST to Clair failed Post https://clair-api.dev.jenkins.mycompany.hu:443/v1/layers: Service Unavailable
bence-takacs commented 5 years ago

SOLVED

The issue is that clair-scanner does not use no_proxy setings

The only way to tell not-to-use proxy is the following:

unset http_proxy; clair-scanner ...