trivy output does not match trivy@1 - Azure DevOps Pipeline #99

Open
MilesCameron-DMs opened this issue Mar 6, 2024 · 3 comments

@MilesCameron-DMs

Agent: Ubuntu latest, using Azure DevOps pipelines.

I have been running trivy side by side and found the results in MicrosoftSecurityDevOps@1 to be less than the output results running in trivy@1.

The lack of working examples for MicrosoftSecurityDevOps@1 probably doesn't help - it takes me some time to figure out how to use the task and I can't get gdnconfig files to work.

I originally started with this config:

- job: microsoft_security_devops
  continueOnError: false
  steps:
  - task: MicrosoftSecurityDevOps@1
    displayName: 'Microsoft Security DevOps'
    inputs:
      command: 'run'
      tools: terrascan, trivy

I then created a gdnconfig file and tried to use the

config: '$(System.DefaultWorkingDirectory)/workflows/templates/*.gdnconfig'

I tried loads of variances of the path but every single time it adds a postfix '-linux' to the file name. So the path would turn into:

config: '$(System.DefaultWorkingDirectory)/workflows/templates/*-linux.gdnconfig'

Anyway, the output for the results showed 0 for the MicrosoftSecurityDevOps@1 task and 5 (2 critical, 1 high, and 2 medium) using the trivy@1 task.

I have no confidence in what it is showing me and the lack of decent examples and clear documentation is compounding the issue.

Any help appreciated - especially if anyone has got a working example of using trivy, with a gdnconfig file on a Linux agent. 😄

@Isaacwade

Isaacwade commented Jun 12, 2024

Facing this same issue as well. The *.gdnconfig file is not found and it adds the -linux to it. I get this error:

##[error]ConfigurationPathNotFoundException: A configuration file could not be found for: **/*-linux.gdnconfig. This is often due to attempting to use a tool on a platform where it is not yet supported.
##[error]MSDO CLI exited with an error exit code: 1

I have also tried adding the -linux to the file name, but get another error.

@Saulopv

Saulopv commented Aug 14, 2024

Yeah, the lack of documentation and examples is mind-boggling. I get the same issue.

@HEG2RNG

HEG2RNG commented Nov 19, 2024

Any updates? I get the same error trying to use a .gdnconfig file for Checkov.
