Skip to content

BUG: Trivy Pipeline Timeout

Description of the bug:

  • Pipeline fail wegen Timeout des Trivy Scans
  • Erhöhung des Timeouts auf 30 Minuten hat auch nichts gebracht:

https://git.fitko.de/fit-connect/zustelldienst/-/jobs/314680

  • Fehlverhalten nach Renovate Automerge from /aquasec/trivy:0.54.1 to aquasec/trivy:0.55.0

v.0.55.0 has breaking changes. Habe in der Config aber nichts entdeckt, was durch dieses Changes beeinträchtigt sein sollte.

https://github.com/aquasecurity/trivy/releases/tag/v0.55.0

https://aquasecurity.github.io/trivy/v0.55/docs/configuration/

Current behavior:

  • Pipeline ist jetzt grün, weil ich
    • aquasec/trivy:0.55.0
    • auf
    • /aquasec/trivy:0.54.1
    • revertet habe.
  • Der Renovate MR von 0.55.0 hat erst Mal einen "Do not Merge" label
  • /aquasec/trivy habe ich aus der renovate.json excluded, da diese breaking changes auch als minor version veröffentlichen.

Expected behavior:

Environments:

Additional Information:

Dependency / relationship to other issues:

Responsible person / team:

Infrastruktur

Contact persons including contact details:

Screenshots / Logs / Requests:

https://git.fitko.de/fit-connect/zustelldienst/-/jobs/314648

2024-09-04T10:58:41Z FATAL Fatal error

3260 - fs scan error:

3261 github.com/aquasecurity/trivy/pkg/commands/artifact.Run

3262 /home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:386

3263 - scan error:

3264 github.com/aquasecurity/trivy/pkg/commands/artifact.(*runner).scanArtifact

3265 /home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:260

3266 - scan failed:

3267 github.com/aquasecurity/trivy/pkg/commands/artifact.(*runner).scan

3268 /home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:615

3269 - failed analysis:

3270 github.com/aquasecurity/trivy/pkg/scanner.Scanner.ScanArtifact

3271 /home/runner/work/trivy/trivy/pkg/scanner/scan.go:158

3272 - post analysis error:

3273 github.com/aquasecurity/trivy/pkg/fanal/artifact/local.Artifact.Inspect

3274 /home/runner/work/trivy/trivy/pkg/fanal/artifact/local/fs.go:121

3275 - post analysis error:

3276 github.com/aquasecurity/trivy/pkg/fanal/analyzer.AnalyzerGroup.PostAnalyze

3277 /home/runner/work/trivy/trivy/pkg/fanal/analyzer/analyzer.go:510

3278 - dockerfile scan error:

3279 github.com/aquasecurity/trivy/pkg/fanal/analyzer/config.(*Analyzer).PostAnalyze

3280 /home/runner/work/trivy/trivy/pkg/fanal/analyzer/config/config.go:46

3281 - scan config error:

3282 github.com/aquasecurity/trivy/pkg/misconf.(*Scanner).Scan

3283 /home/runner/work/trivy/trivy/pkg/misconf/scanner.go:148

3284 - context deadline exceeded

Checklist:

  • Add Severity label
  • Add team label
  • Related/affected issues/stories/epics linked and explained in the bug issue
  • Creation of an automated test
  • Bugfix deployed on DEV
  • Bugfix tested on DEV
  • Bugfix deployed on TEST
  • Bugfix tested on TEST (possibly also by the connection project itself)
  • Successful fix reported to Team Operations (Teams channel)
  • Bugfix deployed on STAGE
  • Bugfix tested on STAGE if necessary
  • Bugfix deployed on PROD
  • Bugfix tested on PROD (possibly also by the connection project itself)
  • Final communication by Team Operations if necessary
  • Internal documentation was checked and updated if necessary
  • External documentation has been checked and updated if necessary
  • Updated changelog if necessary

Approach/Solution:

Release version of the artifact:

Edited by Minh Nguyen