The Dockle component of the scanning tool is broken using ubuntu latest

[iamahern]

There is an upstream issue in the Dockle CLI where it is utilizing the XDG_RUNTIME_DIR variable to determine the docker host settings. See:
goodwithtech/dockle#188

I was able to work around the issue by setting:

env:
  # See https://github.com/goodwithtech/dockle/issues/188
  DOCKLE_HOST: "unix:///var/run/docker.sock"

This is breaking Azure Container Scan for images that are not pushed to container registries on the current ubuntu-latest runner.

[ThadRasmussen]

Thanks for raising this issue and providing a workaround. This issue resulted in being unable so scan a locally build docker image and gave the errors:

Scanning for CIS and best practice violations...
Error: FATAL	unable to initialize a image struct: failed to initialize source: unable to retrieve auth token: invalid username/password: unauthorized: authentication required, visit https://aka.ms/acr/authorization for more information.
Error: An error occurred while scanning the container image for best practice violations

Adding the work-around resolved the issue! 💯

[grzesuav]

hi, I think it is resolved in dockle 0.3.0, so ultimate fix would be to update that dependency goodwithtech/dockle#72 (comment) if I am not mistaken

[loganmarchione]

I was under the impression from this code that it tries to get the latest then falls back to an older version.

https://github.com/Azure/container-scan/blob/master/src/dockleHelper.ts#L190-L202

I think this is where those two versions are defined.

https://github.com/Azure/container-scan/blob/master/src/dockleHelper.ts#L17-L18

[github-actions]

This issue is idle because it has been open for 14 days with no activity.

[KEINOS]

As of 2022/08/20, this problem is still occurring. Currently, @iamahern's solution is the only workaround.

• The error msg.

Scanning for CIS and best practice violations...
Error: FATAL	unable to initialize a image struct: failed to initialize source: reading manifest latest in docker.io/keinos/vscode-dev-container-go-test: errors:
Error: An error occurred while scanning the container image for best practice violations

• The fix.

  name: Azure Scan

  on:
    workflow_dispatch:
    pull_request:
      branches: [main]

  jobs:
    analysis:
      runs-on: ubuntu-latest

      steps:
        - name: Checkout repository
          uses: actions/checkout@v3

        - name: Build Docker image
          run: docker build -t test:local .

        - name: Run Dockle and Trivy
          uses: Azure/container-scan@v0
          with:
            image-name: test:local
            severity-threshold: CRITICAL
+ env:
+  # See:
+  #   https://github.com/goodwithtech/dockle/issues/188
+  #   https://github.com/Azure/container-scan/issues/146
+  DOCKLE_HOST: "unix:///var/run/docker.sock"

[github-actions]

This issue is idle because it has been open for 14 days with no activity.