Trivy-action fails on local images in self hosted GHA runners dind mode - EKS

[rolandfuszenecker-seon]

Hi,

I would like to raise an issue with trivy-action running in self-hosted runners hosted in EKS with docker in docker mode.

When I try to run trivy scan in these runners I'm always getting the following error message:
docker error: unable to inspect the image (testimage): Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
My workflow works well with Github provided ubuntu runners.

I think the problem is somewhere with the docker sockets, because everything else works with docker only trivy is not able to see the locally builded images. If I try to scan an image from a remote repository that works fine. I also tried to use the docker cli to run the trivy against the builded image with docker run --rm -v /var/run/docker.sock:/var/run/docker.sock aquasec/trivy image <image> without any success.

If you have any idea what could be wrong please don't hesitate to share your thoughts.

[simar7]

I've never tried running Trivy-action with self hosted runners so I can't comment much. It might be very well the case that it isn't supported today to run on self hosted runners. We can keep this issue for the community to share any insight with us.