gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-12 15:50:15 -08:00
Code Issues Packages Projects Releases Wiki Activity

fix(k8s): no error logged if trivy can't get docker image in kubernetes mode (#2521)

Browse Source 
* Enable k8s logging and increase log level of the image scan errors

* Rework errors reporting

* Rework GetErrors method into printErrors

Print errors during report writing

* Increase log level for scan errors logging
This commit is contained in:
Denys Mazhar
2022-07-21 21:34:47 +03:00
committed by GitHub
parent e1e02d785f
commit 84677903a6
3 changed files with 19 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
pkg/k8s/commands/run.go
View File

@@ -71,6 +71,7 @@ func run(ctx context.Context, opts flag.Options, cluster string, artifacts []*ar
if err != nil {
return xerrors.Errorf("k8s scan error: %w", err)
}
if err := report.Write(r, report.Option{
Format: opts.Format,
Report: opts.ReportFormat,

17
pkg/k8s/report/report.go
View File

@@ -14,6 +14,7 @@ import (
"github.com/aquasecurity/trivy-kubernetes/pkg/artifacts"
ftypes "github.com/aquasecurity/trivy/pkg/fanal/types"
"github.com/aquasecurity/trivy/pkg/log"
"github.com/aquasecurity/trivy/pkg/types"
)
@@ -129,6 +130,8 @@ type Writer interface {
// Write writes the results in the give format
func Write(report Report, option Option, securityChecks []string, showEmpty bool) error {
report.printErrors()
switch option.Format {
case jsonFormat:
jwriter := JSONWriter{Output: option.Output, Report: option.Report}
@@ -220,3 +223,17 @@ func CreateResource(artifact *artifacts.Artifact, report types.Report, err error
return r
}
func (r Report) printErrors() {
for _, resource := range r.Vulnerabilities {
if resource.Error != "" {
log.Logger.Errorf("Error during vulnerabilities scan: %s", resource.Error)
}
}
for _, resource := range r.Misconfigurations {
if resource.Error != "" {
log.Logger.Errorf("Error during misconfiguration scan: %s", resource.Error)
}
}
}

2
pkg/k8s/scanner/scanner.go
View File

@@ -97,7 +97,7 @@ func (s *Scanner) scanVulns(ctx context.Context, artifact *artifacts.Artifact) (
imageReport, err := s.runner.ScanImage(ctx, s.opts)
if err != nil {
log.Logger.Debugf("failed to scan image %s: %s", image, err)
log.Logger.Warnf("failed to scan image %s: %s", image, err)
resources = append(resources, report.CreateResource(artifact, imageReport, err))
continue
}