mariojmdavid
commented
1 year ago hi I just tested it with our latest release 1.3.9 repeated you steps and
bin/syft amazon.tar
✔ Indexed /tmp/syft-archive-contents-2002306654
✔ Cataloged packages [22 packages]
NAME VERSION TYPE
github.com/aws/amazon-ecs-agent/agent (devel) go-module
github.com/aws/amazon-ecs-cni-plugins/plugins/ecs-bridge v2020.09.0 go-module
github.com/aws/amazon-ecs-cni-plugins/plugins/eni v2020.09.0 go-module
github.com/aws/amazon-ecs-cni-plugins/plugins/ipam v2020.09.0 go-module
github.com/aws/amazon-vpc-cni-plugins v1.3-16-g30b9470 go-module
github.com/cihub/seelog v0.0.0-20151216151435-d2c6e5aa9fbf go-module
github.com/containernetworking/cni v0.8.1 go-module
github.com/coreos/go-iptables v0.6.0 go-module
github.com/vishvananda/netlink v1.1.1-0.20210316144550-c21bda41e995 go-module
github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae go-module
golang.org/x/sys v0.0.0-20200728102440-3e129f6d46b1 go-module
please test it, and if ok, we can close this issue
Hey,
We are using udocker inside a docker container in order to fetch images and exporting SBOM using Syft Looks like the container which was created using udocker is different from the one created by just docker CLI (which we cannot run as we cannot get root privileges)
Running the following commands, to create a container and run syft -
Then run syft on the container:
If I am running syft on amazon/amazon-ecs-agent:latest, directly, I am getting 3 packages.
Looks like something is wrong with the created container, this is why the warning is produced. Any suggestions?