Skip to content
    • Welcome to the Linux Foundation Forum!

    Note on lab 7.4: "trivy image" instead of "trivy -i"

    Posts: 23
    in LFS260 Class Forum

    Hi,

    just to share the knowledge that trivy image scan instructions in a lab need an update,
    suggested command fails with trivy v0.22.0:

    $ sudo trivy --debug -i nginx
    2022-01-30T20:06:17.948+0200 WARN The root command will be removed. Please migrate to 'trivy image' command. See https://github.com/aquasecurity/trivy/discussions/1515
    2022-01-30T20:06:17.948+0200 DEBUG Severities: UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL
    2022-01-30T20:06:17.972+0200 DEBUG cache dir: /root/.cache/trivy
    2022-01-30T20:06:17.972+0200 DEBUG DB update was skipped because DB is the latest
    2022-01-30T20:06:17.972+0200 DEBUG DB Schema: 1, Type: 1, UpdatedAt: 2022-01-30 12:43:56.950700956 +0000 UTC, NextUpdate: 2022-01-30 18:43:56.950700556 +0000 UTC, DownloadedAt: 2022-01-30 17:46:26.104052182 +0000 UTC
    2022-01-30T20:06:17.972+0200 DEBUG Vulnerability type: [os library]
    2022-01-30T20:06:17.973+0200 FATAL scan error:
    github.com/aquasecurity/trivy/pkg/commands/artifact.runWithTimeout
    /home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:71
    - unable to initialize a scanner:
    github.com/aquasecurity/trivy/pkg/commands/artifact.scan
    /home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:211
    - unable to initialize the archive scanner:
    github.com/aquasecurity/trivy/pkg/commands/artifact.archiveScanner
    /home/runner/work/trivy/trivy/pkg/commands/artifact/image.go:21
    - 2 errors occurred:
    * unable to open nginx as a Docker image: unable to open the file: open nginx: no such file or directory
    * unable to open nginx as an OCI Image: stat nginx/index.json: no such file or directory

    As pointed out https://github.com/aquasecurity/trivy/discussions/1515 this works:

    $ sudo trivy image nginx

    Comments

    • Posts: 23

      ...copy/pasted a wrong failed command, here it is:

      $ ls -lha nginx.tar
      -rw-rw-r-- 1 yurick yurick 264M Jan 30 19:51 nginx.tar

      $ sudo trivy -i nginx.tar
      2022-01-30T20:15:23.160+0200 WARN The root command will be removed. Please migrate to 'trivy image' command. See https://github.com/aquasecurity/trivy/discussions/1515
      2022-01-30T20:15:23.246+0200 FATAL scan error: unable to initialize a scanner: unable to initialize the archive scanner: 2 errors occurred:
      * unable to open nginx.tar as a Docker image: tarball must contain only a single image to be used with tarball.Image
      * unable to open nginx.tar as an OCI Image: stat nginx.tar/index.json: not a directory

      Please let me know if I understood it wrong and local images can be still scanned somehow even with the latest trivy.

    Welcome!

    It looks like you're new here. Sign in or register to get started.
    Sign In

    Welcome!

    It looks like you're new here. Sign in or register to get started.
    Sign In

    Quick Links

    Categories

    Upcoming Training