docker / scan-cli-plugin

Docker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images
Apache License 2.0

Bug: Invalid or unsupported zip format. No END header found #197

Closed MichaelLeeHobbs closed 2 years ago

MichaelLeeHobbs commented 2 years ago

Bug: Invalid or unsupported zip format. No END header found

Steps to reproduce the issue:

  1. docker scan nextgenhealthcare/connect
  2. Invalid or unsupported zip format. No END header found

Describe the results you received: Invalid or unsupported zip format. No END header found

Describe the results you expected: Scan results or a better error message telling me what's wrong.

Additional information you deem important (e.g. issue happens only occasionally):

Output of docker version:

$ docker -v
Docker version 20.10.11, build dea9396

Output of docker scan --version:

$ docker scan --version
Version:    v0.14.0
Git commit: 3f7dbd1
Provider:   Snyk (1.801.0 (standalone))

Output of docker info:

$ docker info
Client:
 Context:    default
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc., v0.7.1)
  compose: Docker Compose (Docker Inc., v2.2.1)
  scan: Docker Scan (Docker Inc., v0.14.0)

Server:
 Containers: 10
  Running: 7
  Paused: 0
  Stopped: 3
 Images: 91
 Server Version: 20.10.11
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 1
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 7b11cfaabd73bb80907dd23182b9347b4245eb5d
 runc version: v1.0.2-0-g52b36a2
 init version: de40ad0
 Security Options:
  seccomp
   Profile: default
 Kernel Version: 5.4.72-microsoft-standard-WSL2
 Operating System: Docker Desktop
 OSType: linux
 Architecture: x86_64
 CPUs: 8
 Total Memory: 50.06GiB
 Name: docker-desktop
 ID: Y5NW:WOQ3:VBX3:BSUK:VG7O:3LUA:BC5E:YCMB:GTUK:WSKS:SCH5:MMBM
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

WARNING: No blkio throttle.read_bps_device support
WARNING: No blkio throttle.write_bps_device support
WARNING: No blkio throttle.read_iops_device support
WARNING: No blkio throttle.write_iops_device support

Additional environment details (AWS, VirtualBox, physical, etc.): Have tried both PowerShell and WSL2. Have not tested on a Linux box.

StefanScherer commented 2 years ago

Thanks for the report. With Docker Desktop 4.4.x we updated to scan cli plugin 0.16.0 with snyk 1.809.0. I ran docker scan nextgenhealthcare/connect and it shows me a scan result. I think images on hub can use a newer compression type that is maybe not supported by older versions of snyk.

$ docker scan --version
Version:    v0.16.0
Git commit: e135637
Provider:   Snyk (1.809.0 (standalone))

StefanScherer commented 2 years ago

I'm going to close this ticket as it is fixed in the current version.
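
The error in this report names the zip "END header", which is the end-of-central-directory record a zip reader looks for at the tail of a file. The Python below is an added example (not part of the thread, and not code from docker scan or Snyk) showing that lookup and the message a more specific diagnostic could give. It does not establish which file the scanner was reading; the function names and sample bytes are constructed here.

```python
import gzip
import io
import struct
import zipfile

EOCD_SIG = b"PK\x05\x06"   # end-of-central-directory record, the zip "END header"
EOCD_MIN = 22              # fixed-size part of the record (no archive comment)
MAX_COMMENT = 0xFFFF       # archive comment length is a 16-bit field

def find_end_header(data: bytes):
    """Return the offset of the END header in data, or None if there is none."""
    start = max(0, len(data) - (EOCD_MIN + MAX_COMMENT))
    pos = data.rfind(EOCD_SIG, start)
    while pos != -1:
        if pos + EOCD_MIN <= len(data):
            (comment_len,) = struct.unpack_from("<H", data, pos + 20)
            if pos + EOCD_MIN + comment_len <= len(data):
                return pos
        # Signature bytes inside file data or a comment: keep searching backwards.
        pos = data.rfind(EOCD_SIG, start, pos + len(EOCD_SIG) - 1)
    return None

def diagnose(data: bytes) -> str:
    """Say why a zip reader would accept or reject these bytes."""
    pos = find_end_header(data)
    if pos is not None:
        (entries,) = struct.unpack_from("<H", data, pos + 10)
        return f"zip: END header at offset {pos}, {entries} entries"
    if data[:4] == b"PK\x03\x04":
        return "truncated zip: local file header present, END header missing"
    if data[:2] == b"\x1f\x8b":
        return "not a zip: gzip stream"
    if data[:4] == b"\x28\xb5\x2f\xfd":
        return "not a zip: zstd frame"
    return "not a zip: no END header"

def make_sample_zip() -> bytes:
    """Constructed two-entry archive used as sample input."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        zf.writestr("app.properties", "key=value\n")
    return buf.getvalue()

if __name__ == "__main__":
    good = make_sample_zip()
    for name, blob in [("complete", good), ("cut short", good[:-30]),
                       ("gzip", gzip.compress(b"constructed layer bytes"))]:
        print(f"{name:10} {diagnose(blob)}")
```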