Replies: 1 comment
Hi @smeckert! Track #7352
Question
Description
I hope the issue didn't exist yet, because at least I couldn't find it. I use trivy for scanning Terraform files locally and in a CICD pipeline for Terraform. I use the following versions:
local => trivy 0.53.0
CICD => trivy 0.54.0
The pipeline is built with AWS Code* tools. According to this, trivy runs in a CodeBuild project. I built my own container image for the pipeline based on Alpine and Amazon Linux 2 (just for testing). Here is the content, almost everything irrelevant is removed.
Alpine:
As already mentioned, trivy runs in a container (AWS CodeBuild Project) and here is the content of the buildspec.yaml.
Desired Behavior
If I build an image locally and run it locally, then create a main.tf with content inside the container and use trivy for a scan, then it works without problems (applies to the Alpine and Amazon Linux version of the image). If I use the same image in a CodeBuild project, then I get an error. At first I thought it had something to do with the sizing of the container in terms of CPU/memory, but changes did not help.
Actual Behavior
This is the error I get with all the images I have tested so far.
Question
I can't get into the CodeBuild container in AWS and check what is failing there. The --debug logs are certainly helpful, but I can't tell exactly where the error is coming from. Does anyone have an idea?
Target
Filesystem
Scanner
Misconfiguration
Output Format
JSON
Mode
None
Operating System
No response
Version