EBS snapshot scanning error - incorrect API endpoint #7512

Closed
2 tasks done
nikpivkin opened this issue Sep 16, 2024 Discussed in #7509 · 0 comments · Fixed by #7513

Need to update EBS. See aws/aws-sdk-go-v2#2502

Discussed in #7509

Originally posted by varunupps September 15, 2024

Description

Given an EBS snapshot for scanning
When a vulnerability scan is run against the snapshot
A fatal error occurs due to Trivy calling a malformed EBS endpoint (https://ebs..amazonaws.com/snapshots/snap-04adadasd69521a6d94/blocks)

Notice the double dot .. in the hostname, which is not a valid domain format.

Desired Behavior

For EBS snapshot scan to work

Actual Behavior

ubuntu@ip-172-31-40-120:~$ trivy vm --scanners vuln ebs:snap-02a4e2069521a6d91

2024-09-15T14:42:47Z INFO Timeout is set to less than 30 min - upgrading to 30 min for this command.

2024-09-15T14:42:47Z INFO [db] Need to update DB

2024-09-15T14:42:47Z INFO [db] Downloading DB... repository="ghcr.io/aquasecurity/trivy-db:2"

53.23 MiB / 53.23 MiB [-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------] 100.00% 31.12 MiB p/s 1.9s

2024-09-15T14:42:49Z INFO [vuln] Vulnerability scanning is enabled

2024-09-15T14:42:49Z FATAL Fatal error vm scan error: scan error: scan failed: failed analysis: EBS open error: EBS error: operation error EBS: ListSnapshotBlocks, https response error StatusCode: 0, RequestID: , request send failed, Get "https://ebs..amazonaws.com/snapshots/snap-02a4e2069521a6d91/blocks": dial tcp: lookup ebs..amazonaws.com: no such host

Reproduction Steps

1. Install trivy version 0.55.1
2. Run scan against an EBS snapshot, for example: trivy vm --scanners vuln ebs:snap-02a4e2069521a6d91
3. Encounter error

EC2 instance is assigned the correct IAM instance profile with relevant permissions

Target

None

Scanner

None

Output Format

None

Mode

None

Debug Output

ubuntu@ip-172-31-40-130:~$ trivy vm --scanners vuln ebs:snap-02a4e2069521a6d91 --debug

2024-09-15T14:51:08Z	DEBUG	No plugins loaded

2024-09-15T14:51:08Z	DEBUG	Default config file "file_path=trivy.yaml" not found, using built in values

2024-09-15T14:51:08Z	DEBUG	Cache dir	dir="/home/ubuntu/.cache/trivy"

2024-09-15T14:51:08Z	DEBUG	Cache dir	dir="/home/ubuntu/.cache/trivy"

2024-09-15T14:51:08Z	DEBUG	Parsed severities	severities=[UNKNOWN LOW MEDIUM HIGH CRITICAL]

2024-09-15T14:51:08Z	DEBUG	Ignore statuses	statuses=[]

2024-09-15T14:51:08Z	INFO	Timeout is set to less than 30 min - upgrading to 30 min for this command.

2024-09-15T14:51:08Z	DEBUG	DB update was skipped because the local DB is the latest

2024-09-15T14:51:08Z	DEBUG	DB info	schema=2 updated_at=2024-09-15T12:13:38.386655408Z next_update=2024-09-15T18:13:38.386655258Z downloaded_at=2024-09-15T14:42:49.697020762Z

2024-09-15T14:51:08Z	DEBUG	[pkg] Package types	types=[os library]

2024-09-15T14:51:08Z	DEBUG	[pkg] Package relationships	relationships=[unknown root direct indirect]

2024-09-15T14:51:08Z	INFO	[vuln] Vulnerability scanning is enabled

2024-09-15T14:51:08Z	DEBUG	Enabling misconfiguration scanners	scanners=[azure-arm cloudformation dockerfile helm kubernetes terraform terraformplan-json terraformplan-snapshot]

2024-09-15T14:51:08Z	DEBUG	Initializing scan cache...	type="fs"

2024-09-15T14:51:08Z	FATAL	Fatal error

  - vm scan error:

    github.com/aquasecurity/trivy/pkg/commands/artifact.Run

        /home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:386

  - scan error:

    github.com/aquasecurity/trivy/pkg/commands/artifact.(*runner).scanArtifact

        /home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:260

  - scan failed:

    github.com/aquasecurity/trivy/pkg/commands/artifact.(*runner).scan

        /home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:615

  - failed analysis:

    github.com/aquasecurity/trivy/pkg/scanner.Scanner.ScanArtifact

        /home/runner/work/trivy/trivy/pkg/scanner/scan.go:158

  - EBS open error:

    github.com/aquasecurity/trivy/pkg/fanal/artifact/vm.(*EBS).Inspect

        /home/runner/work/trivy/trivy/pkg/fanal/artifact/vm/ebs.go:46

  - EBS error:

    github.com/aquasecurity/trivy/pkg/fanal/artifact/vm.(*EBS).openEBS

        /home/runner/work/trivy/trivy/pkg/fanal/artifact/vm/ebs.go:88

  - operation error EBS: ListSnapshotBlocks, https response error StatusCode: 0, RequestID: , request send failed, Get "https://ebs..amazonaws.com/snapshots/snap-02a4e2069521a6d91/blocks": dial tcp: lookup ebs..amazonaws.com: no such host

Operating System

ubuntu 22.0

Version

Version: 0.55.1

Checklist

@nikpivkin nikpivkin added the kind/bug Categorizes issue or PR as related to a bug. label Sep 16, 2024
@nikpivkin nikpivkin self-assigned this Sep 16, 2024
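
Added example, not part of the issue and not code from Trivy or the AWS SDK: a Go pre-flight check that rejects an endpoint whose hostname contains an empty DNS label, as in the `ebs..amazonaws.com` URL reported above, so the failure surfaces before the request reaches DNS. The function names and the `ebs.<region>.amazonaws.com` template are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"strings"
)

// checkEndpointHost rejects a URL whose hostname contains an empty or
// over-long DNS label. "ebs..amazonaws.com" splits into
// ["ebs", "", "amazonaws", "com"], so the blank slot is reported by index.
func checkEndpointHost(rawURL string) error {
	u, err := url.Parse(rawURL)
	if err != nil {
		return fmt.Errorf("parse endpoint: %w", err)
	}
	host := u.Hostname()
	if host == "" {
		return fmt.Errorf("endpoint %q has no host", rawURL)
	}
	for i, label := range strings.Split(host, ".") {
		if label == "" || len(label) > 63 {
			return fmt.Errorf("host %q: invalid DNS label %q at index %d", host, label, i)
		}
	}
	return nil
}

// ebsEndpoint is a hypothetical helper (not Trivy or AWS SDK code). It assumes
// the regional template ebs.<region>.amazonaws.com and fails fast on a blank
// region instead of letting the request die later in DNS resolution.
func ebsEndpoint(region, snapshotID string) (string, error) {
	if strings.TrimSpace(region) == "" {
		return "", errors.New("AWS region is empty: endpoint would be ebs..amazonaws.com")
	}
	ep := fmt.Sprintf("https://ebs.%s.amazonaws.com/snapshots/%s/blocks",
		region, url.PathEscape(snapshotID))
	return ep, checkEndpointHost(ep)
}

func main() {
	// URL taken from the error message in the report above.
	reported := "https://ebs..amazonaws.com/snapshots/snap-02a4e2069521a6d91/blocks"
	fmt.Println("reported:", checkEndpointHost(reported))

	ep, err := ebsEndpoint("us-east-1", "snap-02a4e2069521a6d91") // region is a sample value
	fmt.Println("rebuilt: ", ep, err)
}
```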