Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add option to ignore Unknown OS #8

Closed
nunofernandes opened this issue May 16, 2019 · 4 comments · Fixed by #40 or #476
Closed

Add option to ignore Unknown OS #8

nunofernandes opened this issue May 16, 2019 · 4 comments · Fixed by #40 or #476
Assignees
@simar7

Comments

@nunofernandes
Copy link

Some images have just a binary (for example a go program) and trivy fails with the error:

2019-05-16T18:53:09.787+0100    FATAL   error in image scan: failed to scan image: failed to analyze OS: Unknown OS

It also returns error code=1

We should have an option in the command line to return 0 as error code when the image OS isn't found as I want all my images to be scanned in the pipeline but the pipeline shouldn't fail because the scanner can't find the OS. I could wrap trivy with a shell script but I find in useless as it would be better to be included in the trivy command.

Thanks,
@knqyf263 knqyf263 mentioned this issue May 21, 2019
Merged
@knqyf263
Copy link
Collaborator

@nunofernandes Thank you for reporting an issue. I fixed not to give an error in the case of unsupported OS.

@nunofernandes
Copy link
Author

Awsome! Great work!

@JorritSalverda
Copy link

This seems to have regressed in version v0.3.1 (or earlier), I get the following for a FROM scratch image:

FATAL	error in image scan: failed to scan the image: failed to analyze OS: Unknown OS

And since I call trivy with --exit-code 1 in my ci/cd pipeline this fails the step.

I guess this started happening when trivy start using the analyzer in the fanal repo, given that this returns an ErrUnknownOS at https://github.com/aquasecurity/fanal/blob/master/analyzer/analyzer.go#L161 which gets returned at https://github.com/aquasecurity/trivy/blob/master/pkg/scanner/ospkg/scan.go#L31-L34

@qdm12
Copy link

qdm12 commented Mar 23, 2020

I'm having the issue as well.

Ideally I would like to run Trivy for all my repositories, but some of the Docker images are Scratch based so Trivy returns a status code 1. It would be nice to have an option flag to return 0 if it's an unknown image.

Thanks!

@knqyf263 knqyf263 reopened this Apr 20, 2020
@simar7 simar7 mentioned this issue Apr 21, 2020
Closed
@knqyf263 knqyf263 mentioned this issue Apr 26, 2020
Merged
yashvardhan-kukreja pushed a commit to yashvardhan-kukreja/trivy that referenced this issue Aug 12, 2020
@simar7 @yashvardhan-kukreja
# This is a combination of 17 commits.
103fde2 
parent 4b57c0d
author Simarpreet Singh <simar@linux.com> 1594135002 -0700
committer Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 1597228077 +0530
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEo6kc/h77LUwnQeM/dxKAODWqo7oFAl8zxC0ACgkQdxKAODWq
 o7pG3g//VIXCQt6z8dhORimZEAXLbwI7WuUYxkkGGKceuhCWwEs7HVJLkNBiIml1
 6gDnc8sMkG7FqFGAi5RHvdez9vqWZRxaoWgJ2J39u/sTow3QEwvzIAdjG7+4LHOs
 7mgg82qQp5Vb0UVudEitc3bqukoO61B0pszC3S8wacq3uWfq5IPRvVePBA0SD9+W
 jykmLzVp5NGeKRnOCuJw9HkRP9+lKfCJwb4K8xbTjJjuWUDj9k6oRV1XKNQcyWCi
 KzEEV1snKne8dsUYPf9dN6FuJFi6c+a4L7vX96dlKLKJDQD0y1qQHhdBSNwqP7Wj
 RHL/WuMt3Yx6sZe30dPA3I7Tj2zizodjRs+Qst1Jfyjv/5e4Ap2gqmf39pse4O8n
 Ct4UA+5zTsulyT/5aUa/gIYFUH+luznCqiYoQtQ7TgELtcVOcgGfJciq+kPp6NWP
 GS2IcBH/XSOkQ4nRQrbQ/vutItYNUcE2Oe0xLerTih3+Sx+SKufSecLoSqOTgJdG
 TEqU6UkZB3mV3Y5j9MYmvF2Yvq+Ll2tw5FzxLA6kg+eTa1ochn/xwi11/kDQYqf3
 CkH8Z4/ZgHx5xHwLkLxMleaiQP3EbyxaEBZYgzrOzp8rnT4HU+FeSUrkqlcyBrRN
 HSFMQlKXq+o/yfgVVh51LyGSFlHncVm1Jv6UirsGj7NAvso+BqA=
 =QhX4
 -----END PGP SIGNATURE-----

# This is a combination of 6 commits.
# This is the 1st commit message:

db: Update trivy-db to include CVSS score info (aquasecurity#530)

* mod: Update trivy-db to include CVSS score info

Signed-off-by: Simarpreet Singh <simar@linux.com>

* mod: Update go.mod

Signed-off-by: Simarpreet Singh <simar@linux.com>

* mod: Update trivy-db to latest

Signed-off-by: Simarpreet Singh <simar@linux.com>
# This is the commit message aquasecurity#2:

Adding contrib/junit.tpl to docker image (aquasecurity#554)


# This is the commit message aquasecurity#3:

Fixing `Error retrieving template from path` when --format is not template but template is provided (aquasecurity#556)


# This is the commit message aquasecurity#4:

added: display last db update whenever trivy server is started in trivy client/server setup

# This is the commit message aquasecurity#5:

Added: entry for prometheus/client_golang package

# This is the commit message aquasecurity#6:

Added: prometheus metrics endpoint support for Last DB Update and Last DB Update Attempt metric

# This is the commit message aquasecurity#7:

Added: entry for prometheus/client_golang package

# This is the commit message aquasecurity#8:

Added: prometheus metrics endpoint support for Last DB Update and Last DB Update Attempt metric

# This is the commit message aquasecurity#9:

Refactored: Shifted the GaugeVec global var to config.go . Removed unnecessarily repeated vars. Added nil check for GaugeVec

# This is the commit message aquasecurity#10:

Added: Nil GaugeVec Fail check

# This is the commit message aquasecurity#11:

Added: nil check for metrics registry

# This is the commit message aquasecurity#12:

Modified: tests with respect to nil metrics registry

# This is the commit message aquasecurity#13:

Merge with master

# This is the commit message aquasecurity#14:

Merge branch 'master' into issue-aquasecurity#346

# This is the commit message aquasecurity#15:

Resolved merge conflicts

# This is the commit message aquasecurity#16:

Resolved merge conflicts

# This is the commit message aquasecurity#17:

feat(vulnerability): add CWE-ID (aquasecurity#561)

* chore(mod): update dependency

* test(vulnerability): add CweIDs
liamg pushed a commit that referenced this issue Jun 7, 2022
@knqyf263
Clear cache (#8)
47e7922
liamg pushed a commit that referenced this issue Jun 7, 2022
@knqyf263
Clear cache (#8)
ceab600
josedonizetti referenced this issue in josedonizetti/trivy Jun 24, 2022
@liamg
Merge pull request #8 from aquasecurity/add-build
525444b 
add build to run on PRs
knqyf263 pushed a commit to knqyf263/trivy that referenced this issue Feb 9, 2024
@lizrice
Merge pull request aquasecurity#8 from aquasecurity/transfer
ea223f0 
Transfer repositoriy
knqyf263 pushed a commit to knqyf263/trivy that referenced this issue Feb 9, 2024
@lizrice
Merge pull request aquasecurity#8 from aquasecurity/transfer
03b7d94 
Transfer repositoriy
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@simar7 simar7

Labels
None yet
Projects
None yet
Milestone
No milestone
5 participants
@JorritSalverda @nunofernandes @simar7 @knqyf263 @qdm12