Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Using scan2html on Alpine linux: plugin error no such file or directory #32

Closed
DenMX opened this issue Apr 11, 2024 · 6 comments
Closed

Using scan2html on Alpine linux: plugin error no such file or directory #32

DenMX opened this issue Apr 11, 2024 · 6 comments
Assignees
@fatihtokus

Comments

@DenMX
Copy link

DenMX commented Apr 11, 2024

When i call "trivy scan2html -h" i got an error that says no such file or directory, but file exist. Mb i'm doing something wrong
image
@fatihtokus fatihtokus self-assigned this Apr 11, 2024
@fatihtokus
Copy link
Owner

fatihtokus commented Apr 11, 2024
edited
Loading

Hi @DenMX ,

Thanks for using this plugin. Can you execute this command trivy plugin list and share the output please?

Regards,
Fatih

@Fatima-Zahraebhbn
Copy link

Hi Fatih,

I'm using docker Alpine and I'm facing the same situation.
In alpine, I get the trivy file using the command curl -s -L -o - https://github.com/aquasecurity/trivy/releases/download/v0.50.4/trivy_0.50.4_Linux-64bit.tar.gz | tar -xz and the plugin installation was done using ./trivy plugin install github.com/fatihtokus/scan2html

The plugin was installed correctly as I can see it using the command ./trivy plugin list

Installed Plugins:
Name: scan2html
Version: 0.2.6

But the moment i execute ./trivy scan2html --scanner i get the error
scan2html doesn't exist, but I see it
-rwxr-xr-x 1 root root 4643 Apr 18 18:52 /root/.trivy/plugins/scan2html/scan2html

When I precise the absolute path to the scan2html in trivy command, I get the error

Plugin Commands
scan2html scan targets into a smart html file
Flags:
--cache-dir string cache directory (default "/root/.cache/trivy")
-c, --config string config path (default "trivy.yaml")
-d, --debug debug mode
-f, --format string version format (json)
--generate-default-config write the default config to trivy-default.yaml
-h, --help help for trivy
--insecure allow insecure server connections
-q, --quiet suppress progress bar and log output
--timeout duration timeout (default 5m0s)
-v, --version show version
Use "trivy [command] --help" for more information about a command.
2024-04-25T07:56:09.275Z FATAL unknown flag: --scanners

is it maybe a compatibility issue in alpine ? As we are using gitlab pipeline, the Alpine docker image is used all the time

Thank you in advance !

Fatima

@fatihtokus
Copy link
Owner

Hi @Fatima-Zahraebhbn ,

Thanks for the detailed explanation. Because now two users are having this issue, we will be looking at this as a priority. We will keep you updated.

Regards

@fatihtokus
Copy link
Owner

Hi @Fatima-Zahraebhbn , @DenMX ,

I have created a gitlab pipeline to test the plugin. And saw that scan2html was trying to execute 'trivy' command instead of './trivy' which has been fixed with the latest release of v0.2.8. Also I noticed that the command that you use is missing flags. Can you use it like below, you need to pass a flag(misconfig,secret,license,vuln) after '---scanners'?

  • ./trivy scan2html image --scanners misconfig,secret,license,vuln ruby:3.1 report.html

gitLab test pipeline details:
https://gitlab.com/fatih.tokus/scan2html-test/-/blob/main/.gitlab-ci.yml
https://gitlab.com/fatih.tokus/scan2html-test/-/jobs/6733545559

Regards,
Fatih

@Fatima-Zahraebhbn
Copy link

Hi Fatih,

Thank you for the quick feedback and the fix that you provided.

I can see in your gitlab job that you used ruby:3.1 to execute your test ,i did the same and the scan went smooth. Unfortunately I still had the same issue in Alpine, I believe it could be an issue related to missing prerequisites (eg: ruby package, ..) ?

I could confirm that the plugin is working fine in opensuse/leap

Thank you !
Fatima

@fatihtokus
Copy link
Owner

fatihtokus commented May 1, 2024
edited
Loading

Hi @Fatima-Zahraebhbn , @DenMX ,

At last we have found the root cause of your issue. And good news is that it is nothing to do with scan2html but missing bash and git on alpine linux.
Have a look at the following pipeline configuration and let me know if the issue still exists.
Can I ask a favour, could you give us a star which will really motivate us?
And if you need any new feature that can be good in this plugin, please do not hesitate..

https://gitlab.com/fatih.tokus/scan2html-test/-/jobs/6758501126

stages:

  • build

build-job:
image: alpine:3.14
stage: build
script:
- apk update
- apk upgrade
- apk add bash
- apk add curl
- apk --no-cache add ca-certificates git
- curl -s -L -o - https://github.com/aquasecurity/trivy/releases/download/v0.50.4/trivy_0.50.4_Linux-64bit.tar.gz | tar -xz
- ./trivy plugin list
- ./trivy plugin install github.com/fatihtokus/scan2html
- ./trivy plugin list
- ./trivy scan2html image --scanners vuln ruby:3.1 report.html

@fatihtokus fatihtokus changed the title plugin error no such file or directory Using scan2html on Alpine linux: plugin error no such file or directory May 2, 2024
@fatihtokus fatihtokus mentioned this issue May 7, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@fatihtokus fatihtokus

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@fatihtokus @Fatima-Zahraebhbn @DenMX