Invalid character "S" while parsing vulnerability report output #2290
Comments
deeaitsch84
changed the title
|
This issue is stale because it has been labeled with inactivity. |
github-actions
bot
added
the
lifecycle/stale
itaysk
removed
the
lifecycle/stale
|
hi @deeaitsch84 I'm having difficulty understanding how you got this error. We don't seem to have a way to error out in this manner so looking to get an idea of how you ran into this. Could you elaborate a bit to give us some more insight into what your setup is and how you are running trivy-operator? |
|
@simar7 I suspect the reconciler job that parses the scan job output json is failing because the scan job output is polluted with log lines. we need to understand why these log line wes emitted and disable it, and potentially every other log output. |
|
@itaysk is right. If there were no output the operation would perform as expected. I was able to inject the env variable AWS_EC2_METADATA_DISABLED in the scan job by tweaking the GO source (nothing PR worthy ^^). This fixed my issue. But in general it should be the goal, to clear the stdout to prevent other issues in the future. Dennis |
Hello everyone,
we have decided to evaluate the trivy operator for a recent project. The installation via ArgoCD was straight forward but now I am getting the following error from the operator logs:
{"level":"error","ts":"2024-10-17T19:55:33Z","msg":"Reconciler error","controller":"job","controllerGroup":"batch","controllerKind":"Job","Job":{"name":"scan-vulnerabilityreport-6b454f584","namespace":"trivy"},"namespace":"trivy","name":"scan-vulnerabilityreport-6b454f584","reconcileID":"0319ce29-8505-4e73-b536-5bcaf6f5229c","error":"invalid character 'S' looking for beginning of value","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:324\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:261\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:222"}This is already the second iteration (uncompress the logs and display only critical issues) of debugging and I already broke it down, that this first output line of each vulnerability job is the root cause:
SDK 2024/10/17 19:39:01 WARN falling back to IMDSv1: operation error ec2imds: getToken, http response error StatusCode: 405, request to EC2 IMDS failedSince I am not a go developer I am not quite sure how to disable the logging of the AWS SDK or even configure the log level or disabling IMDS (env AWS_EC2_METADATA_DISABLED ?).
I am using the most recent helm chart (0.24.1) with the app version 0.22.0 and k8s v1.25.3-r0-25.2.19
Thanks in advance for your help
Dennis
The text was updated successfully, but these errors were encountered: