You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We are alsmost building 35 containers in their own github actions jobs at once and running the scanning for all containers. We use github hosted runners.
It is some times effecting our releases. I have raised similar issue couple of weeks back and got no response. If someone can take a look and hoping to get some response on this.
The text was updated successfully, but these errors were encountered:
/usr/bin/docker run --name bbfa21899dd23a9b26470f8760c98fc82b97d4_6dd5af --label bbfa21 --workdir /github/workspace --rm -e "ProjectName" -e "somenev" -e "somenev" -e "somenev" -e "somenev" -e "somenev" -e "somenev" -e "someenv" -e "somenev" -e "FULLY_QUALIFIED_IMAGE" -e "INPUT_IMAGE-REF" -e "INPUT_FORMAT" -e "INPUT_OUTPUT" -e "INPUT_SEVERITY" -e "INPUT_IGNORE-UNFIXED" -e "INPUT_SCAN-TYPE" -e "INPUT_INPUT" -e "INPUT_SCAN-REF" -e "INPUT_EXIT-CODE" -e "INPUT_VULN-TYPE" -e "INPUT_TEMPLATE" -e "INPUT_SKIP-DIRS" -e "INPUT_SKIP-FILES" -e "INPUT_CACHE-DIR" -e "INPUT_TIMEOUT" -e "INPUT_IGNORE-POLICY" -e "INPUT_HIDE-PROGRESS" -e "INPUT_LIST-ALL-PKGS" -e "INPUT_SCANNERS" -e "INPUT_TRIVYIGNORES" -e "INPUT_ARTIFACT-TYPE" -e "INPUT_GITHUB-PAT" -e "INPUT_TRIVY-CONFIG" -e "INPUT_TF-VARS" -e "INPUT_LIMIT-SEVERITIES-FOR-SARIF" -e "INPUT_DOCKER-HOST" -e "HOME" -e "GITHUB_JOB" -e "GITHUB_REF" -e "GITHUB_SHA" -e "GITHUB_REPOSITORY" -e "GITHUB_REPOSITORY_OWNER" -e "GITHUB_REPOSITORY_OWNER_ID" -e "somenev" -e "GITHUB_RUN_NUMBER" -e "GITHUB_RETENTION_DAYS" -e "GITHUB_RUN_ATTEMPT" -e "GITHUB_REPOSITORY_ID" -e "GITHUB_ACTOR_ID" -e "GITHUB_ACTOR" -e "GITHUB_TRIGGERING_ACTOR" -e "GITHUB_WORKFLOW" -e "GITHUB_HEAD_REF" -e "GITHUB_BASE_REF" -e "GITHUB_EVENT_NAME" -e "GITHUB_SERVER_URL" -e "GITHUB_API_URL" -e "GITHUB_GRAPHQL_URL" -e "GITHUB_REF_NAME" -e "GITHUB_REF_PROTECTED" -e "GITHUB_REF_TYPE" -e "GITHUB_WORKFLOW_REF" -e "GITHUB_WORKFLOW_SHA" -e "GITHUB_WORKSPACE" -e "GITHUB_ACTION" -e "GITHUB_EVENT_PATH" -e "GITHUB_ACTION_REPOSITORY" -e "GITHUB_ACTION_REF" -e "GITHUB_PATH" -e "GITHUB_ENV" -e "GITHUB_STEP_SUMMARY" -e "GITHUB_STATE" -e "GITHUB_OUTPUT" -e "RUNNER_OS" -e "RUNNER_ARCH" -e "RUNNER_NAME" -e "RUNNER_ENVIRONMENT" -e "RUNNER_TOOL_CACHE" -e "RUNNER_TEMP" -e "RUNNER_WORKSPACE" -e "ACTIONS_RUNTIME_URL" -e "ACTIONS_RUNTIME_TOKEN" -e "ACTIONS_CACHE_URL" -e "ACTIONS_ID_TOKEN_REQUEST_URL" -e "ACTIONS_ID_TOKEN_REQUEST_TOKEN" -e "ACTIONS_RESULTS_URL" -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/repo/repo":"/github/workspace" bbfa21:899dd23a9b26470f8760c98fc82b97d4 "-a image" "-b sarif" "-c " "-d " "-e true" "-f os,library" "-g CRITICAL,HIGH" "-h scan-results.sarif" "-i docker.azurecr.io/test:27887ji" "-j ." "-k " "-l " "-m " "-n " "-o " "-p " "-q " "-r false" "-s " "-t " "-u " "-v " "-x " "-z " "-y "
Building SARIF report with options: --ignore-unfixed --vuln-type os,library docker.azurecr.io/test.27887ji.
This is the comman.d which is running when It is failing I am not sure this part
"-j ." "-k " "-l " "-m " "-n " "-o " "-p " "-q " "-r false" "-s " "-t " "-u " "-v " "-x " "-z " "-y "
It is failing in below step with no error at all . It's been happeing many times
- name: Run Trivy vulnerability scanner uses: aquasecurity/[email protected] with: image-ref: '${{ env.FULLY_QUALIFIED_IMAGE }}:${{ inputs.imagetag }}' format: 'sarif' output: 'scan-results.sarif' severity: 'CRITICAL,HIGH' ignore-unfixed: true
We are alsmost building 35 containers in their own github actions jobs at once and running the scanning for all containers. We use github hosted runners.
It is some times effecting our releases. I have raised similar issue couple of weeks back and got no response. If someone can take a look and hoping to get some response on this.
The text was updated successfully, but these errors were encountered: