admin/aquasecurity-trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2026-02-15 13:13:22 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
6f577d0a4e4fcb0d467cd8f41c0b99fbf640f1bf
aquasecurity-trivy/dev/docs/references/troubleshooting/index.html

3207 lines
69 KiB
HTML
Raw Blame History

<!doctype html>
<html lang="en" class="no-js">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<meta name="description" content="A Simple and Comprehensive Vulnerability Scanner for Containers and other Artifacts, Suitable for CI">
<link rel="canonical" href="https://aquasecurity.github.io/trivy/dev/docs/references/troubleshooting/">
<link rel="icon" href="../../../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.3.0, mkdocs-material-8.3.9">
<title>Troubleshooting - Trivy</title>
<link rel="stylesheet" href="../../../assets/stylesheets/main.1d29e8d0.min.css">
<link rel="stylesheet" href="../../../assets/stylesheets/palette.cbb835fc.min.css">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i%7CRoboto+Mono:400,400i,700,700i&display=fallback">
<style>:root{--md-text-font:"Roboto";--md-code-font:"Roboto Mono"}</style>
<script>__md_scope=new URL("../../..",location),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script>
</head>
<body dir="ltr" data-md-color-scheme="" data-md-color-primary="none" data-md-color-accent="none">
<input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
<label class="md-overlay" for="__drawer"></label>
<div data-md-component="skip">
<a href="#troubleshooting" class="md-skip">
Skip to content
</a>
</div>
<div data-md-component="announce">
</div>
<div data-md-component="outdated" hidden>
<aside class="md-banner md-banner--warning">
</aside>
</div>
<header class="md-header md-header--lifted" data-md-component="header">
<nav class="md-header__inner md-grid" aria-label="Header">
<a href="../../.." title="Trivy" class="md-header__button md-logo" aria-label="Trivy" data-md-component="logo">
<img src="../../../imgs/logo-white.svg" alt="logo">
</a>
<label class="md-header__button md-icon" for="__drawer">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2Z"/></svg>
</label>
<div class="md-header__title" data-md-component="header-title">
<div class="md-header__ellipsis">
<div class="md-header__topic">
<span class="md-ellipsis">
Trivy
</span>
</div>
<div class="md-header__topic" data-md-component="header-topic">
<span class="md-ellipsis">
Troubleshooting
</span>
</div>
</div>
</div>
<label class="md-header__button md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
</label>
<div class="md-search" data-md-component="search" role="dialog">
<label class="md-search__overlay" for="__search"></label>
<div class="md-search__inner" role="search">
<form class="md-search__form" name="search">
<input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" required>
<label class="md-search__icon md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12Z"/></svg>
</label>
<nav class="md-search__options" aria-label="Search">
<button type="reset" class="md-search__icon md-icon" aria-label="Clear" tabindex="-1">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41Z"/></svg>
</button>
</nav>
</form>
<div class="md-search__output">
<div class="md-search__scrollwrap" data-md-scrollfix>
<div class="md-search-result" data-md-component="search-result">
<div class="md-search-result__meta">
Initializing search
</div>
<ol class="md-search-result__list"></ol>
</div>
</div>
</div>
</div>
</div>
<div class="md-header__source">
<a href="https://github.com/aquasecurity/trivy" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.1.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
GitHub
</div>
</a>
</div>
</nav>
<nav class="md-tabs" aria-label="Tabs" data-md-component="tabs">
<div class="md-tabs__inner md-grid">
<ul class="md-tabs__list">
<li class="md-tabs__item">
<a href="../../.." class="md-tabs__link">
HOME
</a>
</li>
<li class="md-tabs__item">
<a href="../../../getting-started/overview/" class="md-tabs__link">
Getting started
</a>
</li>
<li class="md-tabs__item">
<a href="../../" class="md-tabs__link md-tabs__link--active">
Docs
</a>
</li>
<li class="md-tabs__item">
<a href="../../../community/tools/" class="md-tabs__link">
Community
</a>
</li>
</ul>
</div>
</nav>
</header>
<div class="md-container" data-md-component="container">
<main class="md-main" data-md-component="main">
<div class="md-main__inner md-grid">
<div class="md-sidebar md-sidebar--primary" data-md-component="sidebar" data-md-type="navigation" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--primary md-nav--lifted" aria-label="Navigation" data-md-level="0">
<label class="md-nav__title" for="__drawer">
<a href="../../.." title="Trivy" class="md-nav__button md-logo" aria-label="Trivy" data-md-component="logo">
<img src="../../../imgs/logo-white.svg" alt="logo">
</a>
Trivy
</label>
<div class="md-nav__source">
<a href="https://github.com/aquasecurity/trivy" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.1.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
GitHub
</div>
</a>
</div>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../.." class="md-nav__link">
HOME
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_2" type="checkbox" id="__nav_2" >
<label class="md-nav__link" for="__nav_2">
Getting started
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Getting started" data-md-level="1">
<label class="md-nav__title" for="__nav_2">
<span class="md-nav__icon md-icon"></span>
Getting started
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../getting-started/overview/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../../../getting-started/installation/" class="md-nav__link">
Installation
</a>
</li>
<li class="md-nav__item">
<a href="../../../getting-started/quickstart/" class="md-nav__link">
Quick Start
</a>
</li>
<li class="md-nav__item">
<a href="../../../getting-started/further/" class="md-nav__link">
Further Reading
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3" type="checkbox" id="__nav_3" checked>
<label class="md-nav__link" for="__nav_3">
Docs
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Docs" data-md-level="1">
<label class="md-nav__title" for="__nav_3">
<span class="md-nav__icon md-icon"></span>
Docs
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_2" type="checkbox" id="__nav_3_2" >
<label class="md-nav__link" for="__nav_3_2">
Vulnerability
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Vulnerability" data-md-level="2">
<label class="md-nav__title" for="__nav_3_2">
<span class="md-nav__icon md-icon"></span>
Vulnerability
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_2_1" type="checkbox" id="__nav_3_2_1" >
<label class="md-nav__link" for="__nav_3_2_1">
Scanning
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Scanning" data-md-level="3">
<label class="md-nav__title" for="__nav_3_2_1">
<span class="md-nav__icon md-icon"></span>
Scanning
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../vulnerability/scanning/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../../vulnerability/scanning/image/" class="md-nav__link">
Container Image
</a>
</li>
<li class="md-nav__item">
<a href="../../vulnerability/scanning/filesystem/" class="md-nav__link">
Filesystem
</a>
</li>
<li class="md-nav__item">
<a href="../../vulnerability/scanning/rootfs/" class="md-nav__link">
Rootfs
</a>
</li>
<li class="md-nav__item">
<a href="../../vulnerability/scanning/git-repository/" class="md-nav__link">
Git Repository
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_2_2" type="checkbox" id="__nav_3_2_2" >
<label class="md-nav__link" for="__nav_3_2_2">
Detection
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Detection" data-md-level="3">
<label class="md-nav__title" for="__nav_3_2_2">
<span class="md-nav__icon md-icon"></span>
Detection
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../vulnerability/detection/os/" class="md-nav__link">
OS Packages
</a>
</li>
<li class="md-nav__item">
<a href="../../vulnerability/detection/language/" class="md-nav__link">
Language-specific Packages
</a>
</li>
<li class="md-nav__item">
<a href="../../vulnerability/detection/data-source/" class="md-nav__link">
Data Sources
</a>
</li>
<li class="md-nav__item">
<a href="../../vulnerability/detection/supported/" class="md-nav__link">
Supported
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_2_3" type="checkbox" id="__nav_3_2_3" >
<label class="md-nav__link" for="__nav_3_2_3">
Examples
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Examples" data-md-level="3">
<label class="md-nav__title" for="__nav_3_2_3">
<span class="md-nav__icon md-icon"></span>
Examples
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../vulnerability/examples/filter/" class="md-nav__link">
Vulnerability Filtering
</a>
</li>
<li class="md-nav__item">
<a href="../../vulnerability/examples/report/" class="md-nav__link">
Report Formats
</a>
</li>
<li class="md-nav__item">
<a href="../../vulnerability/examples/db/" class="md-nav__link">
Vulnerability DB
</a>
</li>
<li class="md-nav__item">
<a href="../../vulnerability/examples/cache/" class="md-nav__link">
Cache
</a>
</li>
<li class="md-nav__item">
<a href="../../vulnerability/examples/others/" class="md-nav__link">
Others
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../../vulnerability/distributions/" class="md-nav__link">
Distributions
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_2_5" type="checkbox" id="__nav_3_2_5" >
<label class="md-nav__link" for="__nav_3_2_5">
Languages
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Languages" data-md-level="3">
<label class="md-nav__title" for="__nav_3_2_5">
<span class="md-nav__icon md-icon"></span>
Languages
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../vulnerability/languages/golang/" class="md-nav__link">
Go
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_3" type="checkbox" id="__nav_3_3" >
<label class="md-nav__link" for="__nav_3_3">
Misconfiguration
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Misconfiguration" data-md-level="2">
<label class="md-nav__title" for="__nav_3_3">
<span class="md-nav__icon md-icon"></span>
Misconfiguration
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../misconfiguration/scanning/" class="md-nav__link">
Scanning
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_3_2" type="checkbox" id="__nav_3_3_2" >
<label class="md-nav__link" for="__nav_3_3_2">
Policy
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Policy" data-md-level="3">
<label class="md-nav__title" for="__nav_3_3_2">
<span class="md-nav__icon md-icon"></span>
Policy
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../misconfiguration/policy/builtin/" class="md-nav__link">
Built-in Policies
</a>
</li>
<li class="md-nav__item">
<a href="../../misconfiguration/policy/exceptions/" class="md-nav__link">
Exceptions
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_3_3" type="checkbox" id="__nav_3_3_3" >
<label class="md-nav__link" for="__nav_3_3_3">
Custom Policies
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Custom Policies" data-md-level="3">
<label class="md-nav__title" for="__nav_3_3_3">
<span class="md-nav__icon md-icon"></span>
Custom Policies
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../misconfiguration/custom/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../../misconfiguration/custom/data/" class="md-nav__link">
Data
</a>
</li>
<li class="md-nav__item">
<a href="../../misconfiguration/custom/combine/" class="md-nav__link">
Combine
</a>
</li>
<li class="md-nav__item">
<a href="../../misconfiguration/custom/testing/" class="md-nav__link">
Testing
</a>
</li>
<li class="md-nav__item">
<a href="../../misconfiguration/custom/debug/" class="md-nav__link">
Debugging Policies
</a>
</li>
<li class="md-nav__item">
<a href="../../misconfiguration/custom/examples/" class="md-nav__link">
Examples
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_3_4" type="checkbox" id="__nav_3_3_4" >
<label class="md-nav__link" for="__nav_3_3_4">
Options
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Options" data-md-level="3">
<label class="md-nav__title" for="__nav_3_3_4">
<span class="md-nav__icon md-icon"></span>
Options
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../misconfiguration/options/policy/" class="md-nav__link">
Policy
</a>
</li>
<li class="md-nav__item">
<a href="../../misconfiguration/options/filter/" class="md-nav__link">
Filtering
</a>
</li>
<li class="md-nav__item">
<a href="../../misconfiguration/options/report/" class="md-nav__link">
Report Formats
</a>
</li>
<li class="md-nav__item">
<a href="../../misconfiguration/options/values/" class="md-nav__link">
Value Overrides
</a>
</li>
<li class="md-nav__item">
<a href="../../misconfiguration/options/others/" class="md-nav__link">
Others
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_3_5" type="checkbox" id="__nav_3_3_5" >
<label class="md-nav__link" for="__nav_3_3_5">
Comparison
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Comparison" data-md-level="3">
<label class="md-nav__title" for="__nav_3_3_5">
<span class="md-nav__icon md-icon"></span>
Comparison
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../misconfiguration/comparison/conftest/" class="md-nav__link">
vs Conftest
</a>
</li>
<li class="md-nav__item">
<a href="../../misconfiguration/comparison/tfsec/" class="md-nav__link">
vs tfsec
</a>
</li>
<li class="md-nav__item">
<a href="../../misconfiguration/comparison/cfsec/" class="md-nav__link">
vs cfsec
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_4" type="checkbox" id="__nav_3_4" >
<label class="md-nav__link" for="__nav_3_4">
Secret
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Secret" data-md-level="2">
<label class="md-nav__title" for="__nav_3_4">
<span class="md-nav__icon md-icon"></span>
Secret
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../secret/scanning/" class="md-nav__link">
Scanning
</a>
</li>
<li class="md-nav__item">
<a href="../../secret/configuration/" class="md-nav__link">
Configuration
</a>
</li>
<li class="md-nav__item">
<a href="../../secret/examples/" class="md-nav__link">
Examples
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_5" type="checkbox" id="__nav_3_5" >
<label class="md-nav__link" for="__nav_3_5">
License
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="License" data-md-level="2">
<label class="md-nav__title" for="__nav_3_5">
<span class="md-nav__icon md-icon"></span>
License
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../licenses/scanning/" class="md-nav__link">
Scanning
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_6" type="checkbox" id="__nav_3_6" >
<label class="md-nav__link" for="__nav_3_6">
Kubernetes
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Kubernetes" data-md-level="2">
<label class="md-nav__title" for="__nav_3_6">
<span class="md-nav__icon md-icon"></span>
Kubernetes
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_6_1" type="checkbox" id="__nav_3_6_1" >
<label class="md-nav__link" for="__nav_3_6_1">
CLI
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="CLI" data-md-level="3">
<label class="md-nav__title" for="__nav_3_6_1">
<span class="md-nav__icon md-icon"></span>
CLI
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../kubernetes/cli/scanning/" class="md-nav__link">
Scanning
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_6_2" type="checkbox" id="__nav_3_6_2" >
<label class="md-nav__link" for="__nav_3_6_2">
Operator
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Operator" data-md-level="3">
<label class="md-nav__title" for="__nav_3_6_2">
<span class="md-nav__icon md-icon"></span>
Operator
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../kubernetes/operator/" class="md-nav__link">
Overview
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_7" type="checkbox" id="__nav_3_7" >
<label class="md-nav__link" for="__nav_3_7">
Cloud
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Cloud" data-md-level="2">
<label class="md-nav__title" for="__nav_3_7">
<span class="md-nav__icon md-icon"></span>
Cloud
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../cloud/aws/scanning/" class="md-nav__link">
AWS
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_8" type="checkbox" id="__nav_3_8" >
<label class="md-nav__link" for="__nav_3_8">
SBOM
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="SBOM" data-md-level="2">
<label class="md-nav__title" for="__nav_3_8">
<span class="md-nav__icon md-icon"></span>
SBOM
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../sbom/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../../sbom/cyclonedx/" class="md-nav__link">
CycloneDX
</a>
</li>
<li class="md-nav__item">
<a href="../../sbom/spdx/" class="md-nav__link">
SPDX
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_9" type="checkbox" id="__nav_3_9" >
<label class="md-nav__link" for="__nav_3_9">
Attestation
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Attestation" data-md-level="2">
<label class="md-nav__title" for="__nav_3_9">
<span class="md-nav__icon md-icon"></span>
Attestation
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../attestation/sbom/" class="md-nav__link">
SBOM
</a>
</li>
<li class="md-nav__item">
<a href="../../attestation/vuln/" class="md-nav__link">
Cosign Vulnerability Scan Record
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_10" type="checkbox" id="__nav_3_10" >
<label class="md-nav__link" for="__nav_3_10">
Integrations
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Integrations" data-md-level="2">
<label class="md-nav__title" for="__nav_3_10">
<span class="md-nav__icon md-icon"></span>
Integrations
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../integrations/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../../integrations/github-actions/" class="md-nav__link">
GitHub Actions
</a>
</li>
<li class="md-nav__item">
<a href="../../integrations/circleci/" class="md-nav__link">
CircleCI
</a>
</li>
<li class="md-nav__item">
<a href="../../integrations/travis-ci/" class="md-nav__link">
Travis CI
</a>
</li>
<li class="md-nav__item">
<a href="../../integrations/gitlab-ci/" class="md-nav__link">
GitLab CI
</a>
</li>
<li class="md-nav__item">
<a href="../../integrations/bitbucket/" class="md-nav__link">
Bitbucket Pipelines
</a>
</li>
<li class="md-nav__item">
<a href="../../integrations/aws-codepipeline/" class="md-nav__link">
AWS CodePipeline
</a>
</li>
<li class="md-nav__item">
<a href="../../integrations/aws-security-hub/" class="md-nav__link">
AWS Security Hub
</a>
</li>
<li class="md-nav__item">
<a href="../../integrations/azure-devops/" class="md-nav__link">
Azure
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_11" type="checkbox" id="__nav_3_11" >
<label class="md-nav__link" for="__nav_3_11">
Advanced
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Advanced" data-md-level="2">
<label class="md-nav__title" for="__nav_3_11">
<span class="md-nav__icon md-icon"></span>
Advanced
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../advanced/modules/" class="md-nav__link">
Modules
</a>
</li>
<li class="md-nav__item">
<a href="../../advanced/plugins/" class="md-nav__link">
Plugins
</a>
</li>
<li class="md-nav__item">
<a href="../../advanced/air-gap/" class="md-nav__link">
Air-Gapped Environment
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_11_4" type="checkbox" id="__nav_3_11_4" >
<label class="md-nav__link" for="__nav_3_11_4">
Container Image
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Container Image" data-md-level="3">
<label class="md-nav__title" for="__nav_3_11_4">
<span class="md-nav__icon md-icon"></span>
Container Image
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../advanced/container/embed-in-dockerfile/" class="md-nav__link">
Embed in Dockerfile
</a>
</li>
<li class="md-nav__item">
<a href="../../advanced/container/unpacked-filesystem/" class="md-nav__link">
Unpacked container image filesystem
</a>
</li>
<li class="md-nav__item">
<a href="../../advanced/container/oci/" class="md-nav__link">
OCI Image
</a>
</li>
<li class="md-nav__item">
<a href="../../advanced/container/podman/" class="md-nav__link">
Podman
</a>
</li>
<li class="md-nav__item">
<a href="../../advanced/container/containerd/" class="md-nav__link">
containerd
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_11_4_6" type="checkbox" id="__nav_3_11_4_6" >
<label class="md-nav__link" for="__nav_3_11_4_6">
Private Docker Registries
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Private Docker Registries" data-md-level="4">
<label class="md-nav__title" for="__nav_3_11_4_6">
<span class="md-nav__icon md-icon"></span>
Private Docker Registries
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../advanced/private-registries/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../../advanced/private-registries/docker-hub/" class="md-nav__link">
Docker Hub
</a>
</li>
<li class="md-nav__item">
<a href="../../advanced/private-registries/ecr/" class="md-nav__link">
AWS ECR (Elastic Container Registry)
</a>
</li>
<li class="md-nav__item">
<a href="../../advanced/private-registries/gcr/" class="md-nav__link">
GCR (Google Container Registry)
</a>
</li>
<li class="md-nav__item">
<a href="../../advanced/private-registries/acr/" class="md-nav__link">
ACR (Azure Container Registry)
</a>
</li>
<li class="md-nav__item">
<a href="../../advanced/private-registries/self/" class="md-nav__link">
Self-Hosted
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_12" type="checkbox" id="__nav_3_12" checked>
<label class="md-nav__link" for="__nav_3_12">
References
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="References" data-md-level="2">
<label class="md-nav__title" for="__nav_3_12">
<span class="md-nav__icon md-icon"></span>
References
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_12_1" type="checkbox" id="__nav_3_12_1" >
<label class="md-nav__link" for="__nav_3_12_1">
Customization
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Customization" data-md-level="3">
<label class="md-nav__title" for="__nav_3_12_1">
<span class="md-nav__icon md-icon"></span>
Customization
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../customization/envs/" class="md-nav__link">
Environment variables
</a>
</li>
<li class="md-nav__item">
<a href="../customization/config-file/" class="md-nav__link">
Config file
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_12_2" type="checkbox" id="__nav_3_12_2" >
<label class="md-nav__link" for="__nav_3_12_2">
CLI
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="CLI" data-md-level="3">
<label class="md-nav__title" for="__nav_3_12_2">
<span class="md-nav__icon md-icon"></span>
CLI
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../cli/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../cli/image/" class="md-nav__link">
Image
</a>
</li>
<li class="md-nav__item">
<a href="../cli/config/" class="md-nav__link">
Config
</a>
</li>
<li class="md-nav__item">
<a href="../cli/fs/" class="md-nav__link">
Filesystem
</a>
</li>
<li class="md-nav__item">
<a href="../cli/rootfs/" class="md-nav__link">
Rootfs
</a>
</li>
<li class="md-nav__item">
<a href="../cli/repo/" class="md-nav__link">
Repository
</a>
</li>
<li class="md-nav__item">
<a href="../cli/client/" class="md-nav__link">
Client
</a>
</li>
<li class="md-nav__item">
<a href="../cli/server/" class="md-nav__link">
Server
</a>
</li>
<li class="md-nav__item">
<a href="../cli/plugin/" class="md-nav__link">
Plugin
</a>
</li>
<li class="md-nav__item">
<a href="../cli/sbom/" class="md-nav__link">
SBOM
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_12_3" type="checkbox" id="__nav_3_12_3" >
<label class="md-nav__link" for="__nav_3_12_3">
Modes
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Modes" data-md-level="3">
<label class="md-nav__title" for="__nav_3_12_3">
<span class="md-nav__icon md-icon"></span>
Modes
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../modes/standalone/" class="md-nav__link">
Standalone
</a>
</li>
<li class="md-nav__item">
<a href="../modes/client-server/" class="md-nav__link">
Client/Server
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--active">
<input class="md-nav__toggle md-toggle" data-md-toggle="toc" type="checkbox" id="__toc">
<label class="md-nav__link md-nav__link--active" for="__toc">
Troubleshooting
<span class="md-nav__icon md-icon"></span>
</label>
<a href="./" class="md-nav__link md-nav__link--active">
Troubleshooting
</a>
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#scan" class="md-nav__link">
Scan
</a>
<nav class="md-nav" aria-label="Scan">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#timeout" class="md-nav__link">
Timeout
</a>
</li>
<li class="md-nav__item">
<a href="#certification" class="md-nav__link">
Certification
</a>
</li>
<li class="md-nav__item">
<a href="#github-rate-limiting" class="md-nav__link">
GitHub Rate limiting
</a>
</li>
<li class="md-nav__item">
<a href="#maven-rate-limiting-inconsistent-jar-vulnerability-reporting" class="md-nav__link">
Maven rate limiting / inconsistent jar vulnerability reporting
</a>
</li>
<li class="md-nav__item">
<a href="#running-in-parallel-takes-same-time-as-series-run" class="md-nav__link">
Running in parallel takes same time as series run
</a>
</li>
<li class="md-nav__item">
<a href="#error-downloading-vulnerability-db" class="md-nav__link">
Error downloading vulnerability DB
</a>
</li>
<li class="md-nav__item">
<a href="#old-db-schema" class="md-nav__link">
Old DB schema
</a>
</li>
<li class="md-nav__item">
<a href="#multiple-trivy-servers" class="md-nav__link">
Multiple Trivy servers
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#homebrew" class="md-nav__link">
Homebrew
</a>
<nav class="md-nav" aria-label="Homebrew">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#scope-error" class="md-nav__link">
Scope error
</a>
</li>
<li class="md-nav__item">
<a href="#already-installed" class="md-nav__link">
Already installed
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#others" class="md-nav__link">
Others
</a>
<nav class="md-nav" aria-label="Others">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#unknown-error" class="md-nav__link">
Unknown error
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_4" type="checkbox" id="__nav_4" >
<label class="md-nav__link" for="__nav_4">
Community
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Community" data-md-level="1">
<label class="md-nav__title" for="__nav_4">
<span class="md-nav__icon md-icon"></span>
Community
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../community/tools/" class="md-nav__link">
Tools
</a>
</li>
<li class="md-nav__item">
<a href="../../../community/references/" class="md-nav__link">
References
</a>
</li>
<li class="md-nav__item">
<a href="../../../community/cks/" class="md-nav__link">
CKS Reference
</a>
</li>
<li class="md-nav__item">
<a href="../../../community/credit/" class="md-nav__link">
Credits
</a>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_4_5" type="checkbox" id="__nav_4_5" >
<label class="md-nav__link" for="__nav_4_5">
How to contribute
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="How to contribute" data-md-level="2">
<label class="md-nav__title" for="__nav_4_5">
<span class="md-nav__icon md-icon"></span>
How to contribute
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../community/contribute/issue/" class="md-nav__link">
Issues
</a>
</li>
<li class="md-nav__item">
<a href="../../../community/contribute/pr/" class="md-nav__link">
Pull Requests
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_4_6" type="checkbox" id="__nav_4_6" >
<label class="md-nav__link" for="__nav_4_6">
Maintainer
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Maintainer" data-md-level="2">
<label class="md-nav__title" for="__nav_4_6">
<span class="md-nav__icon md-icon"></span>
Maintainer
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../community/maintainer/help-wanted/" class="md-nav__link">
Help Wanted
</a>
</li>
<li class="md-nav__item">
<a href="../../../community/maintainer/triage/" class="md-nav__link">
Triage
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-sidebar md-sidebar--secondary" data-md-component="sidebar" data-md-type="toc" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#scan" class="md-nav__link">
Scan
</a>
<nav class="md-nav" aria-label="Scan">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#timeout" class="md-nav__link">
Timeout
</a>
</li>
<li class="md-nav__item">
<a href="#certification" class="md-nav__link">
Certification
</a>
</li>
<li class="md-nav__item">
<a href="#github-rate-limiting" class="md-nav__link">
GitHub Rate limiting
</a>
</li>
<li class="md-nav__item">
<a href="#maven-rate-limiting-inconsistent-jar-vulnerability-reporting" class="md-nav__link">
Maven rate limiting / inconsistent jar vulnerability reporting
</a>
</li>
<li class="md-nav__item">
<a href="#running-in-parallel-takes-same-time-as-series-run" class="md-nav__link">
Running in parallel takes same time as series run
</a>
</li>
<li class="md-nav__item">
<a href="#error-downloading-vulnerability-db" class="md-nav__link">
Error downloading vulnerability DB
</a>
</li>
<li class="md-nav__item">
<a href="#old-db-schema" class="md-nav__link">
Old DB schema
</a>
</li>
<li class="md-nav__item">
<a href="#multiple-trivy-servers" class="md-nav__link">
Multiple Trivy servers
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#homebrew" class="md-nav__link">
Homebrew
</a>
<nav class="md-nav" aria-label="Homebrew">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#scope-error" class="md-nav__link">
Scope error
</a>
</li>
<li class="md-nav__item">
<a href="#already-installed" class="md-nav__link">
Already installed
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#others" class="md-nav__link">
Others
</a>
<nav class="md-nav" aria-label="Others">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#unknown-error" class="md-nav__link">
Unknown error
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-content" data-md-component="content">
<article class="md-content__inner md-typeset">
<h1 id="troubleshooting">Troubleshooting</h1>
<h2 id="scan">Scan</h2>
<h3 id="timeout">Timeout</h3>
<div class="admonition error">
<p class="admonition-title">Error</p>
<div class="highlight"><pre><span></span><code>$ trivy image ...
...
analyze error: timeout: context deadline exceeded
</code></pre></div>
</div>
<p>Your scan may time out. Java takes a particularly long time to scan. Try increasing the value of the ---timeout option such as <code>--timeout 15m</code>.</p>
<h3 id="certification">Certification</h3>
<div class="admonition error">
<p class="admonition-title">Error</p>
<p>Error: x509: certificate signed by unknown authority</p>
</div>
<p><code>TRIVY_INSECURE</code> can be used to allow insecure connections to a container registry when using SSL.</p>
<div class="highlight"><pre><span></span><code>$ TRIVY_INSECURE=true trivy image [YOUR_IMAGE]
</code></pre></div>
<h3 id="github-rate-limiting">GitHub Rate limiting</h3>
<div class="admonition error">
<p class="admonition-title">Error</p>
<div class="highlight"><pre><span></span><code>$ trivy image ...
...
API rate limit exceeded <span class="k">for</span> xxx.xxx.xxx.xxx.
</code></pre></div>
</div>
<p>Specify GITHUB_TOKEN for authentication
https://developer.github.com/v3/#rate-limiting</p>
<div class="highlight"><pre><span></span><code>$ GITHUB_TOKEN=XXXXXXXXXX trivy alpine:3.10
</code></pre></div>
<h3 id="maven-rate-limiting-inconsistent-jar-vulnerability-reporting">Maven rate limiting / inconsistent jar vulnerability reporting</h3>
<div class="admonition error">
<p class="admonition-title">Error</p>
<div class="highlight"><pre><span></span><code>$ trivy image ...
...
status <span class="m">403</span> Forbidden from http://search.maven.org/solrsearch/select
</code></pre></div>
</div>
<p>Trivy calls Maven API for better detection of JAR files, but many requests may exceed rate limiting.
This can easily happen if you are running more than one instance of Trivy which is concurrently scanning multiple images.
Once this starts happening Trivy's vulnerability reporting on jar files may become inconsistent.
There are two options to resolve this issue:</p>
<p>The first is to enable offline scanning using the <code>--offline-scan</code> option to stop Trivy from making API requests.
This option affects only vulnerability scanning. The vulnerability database and builtin policies are downloaded as usual.
If you want to skip them as well, you can try <code>--skip-update</code> and <code>--skip-policy-update</code>.
<strong>Note that a number of vulnerabilities might be fewer than without the <code>--offline-scan</code> option.</strong></p>
<p>The second, more scalable, option is the place Trivy behind a rate-limiting forward-proxy to the Maven Central API.
One way to achieve this is to use nginx. You can use the following nginx config to enable both rate-limiting and caching (the caching greatly reduces the number of calls to the Maven Central API, especially if you are scanning a lot of similar images):</p>
<div class="highlight"><pre><span></span><code><span class="k">limit_req_zone</span><span class="w"> </span><span class="s">global</span><span class="w"> </span><span class="s">zone=maven:1m</span><span class="w"> </span><span class="s">rate=10r/s</span><span class="p">;</span><span class="w"></span>
<span class="k">proxy_cache_path</span><span class="w"> </span><span class="s">/tmp/cache</span><span class="w"> </span><span class="s">keys_zone=mavencache:10m</span><span class="p">;</span><span class="w"></span>
<span class="k">server</span><span class="w"> </span><span class="p">{</span><span class="w"></span>
<span class="w"> </span><span class="kn">listen</span><span class="w"> </span><span class="mi">80</span><span class="p">;</span><span class="w"></span>
<span class="w"> </span><span class="kn">proxy_cache</span><span class="w"> </span><span class="s">mavencache</span><span class="p">;</span><span class="w"></span>
<span class="w"> </span><span class="kn">location</span><span class="w"> </span><span class="s">/</span><span class="w"> </span><span class="p">{</span><span class="w"></span>
<span class="w"> </span><span class="kn">limit_req</span><span class="w"> </span><span class="s">zone=maven</span><span class="w"> </span><span class="s">burst=1000</span><span class="p">;</span><span class="w"></span>
<span class="w"> </span><span class="kn">proxy_cache_valid</span><span class="w"> </span><span class="s">any</span><span class="w"> </span><span class="s">1h</span><span class="p">;</span><span class="w"></span>
<span class="w"> </span><span class="kn">proxy_pass</span><span class="w"> </span><span class="s">https://search.maven.org:443</span><span class="p">;</span><span class="w"></span>
<span class="w"> </span><span class="p">}</span><span class="w"></span>
<span class="p">}</span><span class="w"></span>
</code></pre></div>
<p>This config file will allow a maximum of 10 requests per second to the Maven API, this number was determined experimentally so you might want to use something else if it doesn't fit your needs.</p>
<p>Once nginx is up and running, you need to tell all your Trivy deployments to proxy their Maven API calls through nginx. You can do this by setting the <code>MAVEN_CENTRAL_URL</code> environment variable. For example, if your nginx proxy is running at <code>127.0.0.1</code>, you can set <code>MAVEN_CENTRAL_URL=http://127.0.0.1/solrsearch/select</code>.</p>
<h3 id="running-in-parallel-takes-same-time-as-series-run">Running in parallel takes same time as series run</h3>
<p>When running trivy on multiple images simultaneously, it will take same time as running trivy in series.
This is because of a limitation of boltdb.</p>
<blockquote>
<p>Bolt obtains a file lock on the data file so multiple processes cannot open the same database at the same time. Opening an already open Bolt database will cause it to hang until the other process closes it.</p>
</blockquote>
<p>Reference : <a href="https://github.com/boltdb/bolt#opening-a-database">boltdb: Opening a database</a>.</p>
<h3 id="error-downloading-vulnerability-db">Error downloading vulnerability DB</h3>
<div class="admonition error">
<p class="admonition-title">Error</p>
<p>FATAL failed to download vulnerability DB</p>
</div>
<p>If trivy is running behind corporate firewall, you have to add the following urls to your allowlist.</p>
<ul>
<li>ghcr.io</li>
<li>pkg-containers.githubusercontent.com</li>
</ul>
<h3 id="old-db-schema">Old DB schema</h3>
<div class="admonition error">
<p class="admonition-title">Error</p>
<p>--skip-update cannot be specified with the old DB schema.</p>
</div>
<p>Trivy v0.23.0 or later requires Trivy DB v2. Please update your local database or follow <a href="../../advanced/air-gap/">the instruction of air-gapped environment</a>.</p>
<h3 id="multiple-trivy-servers">Multiple Trivy servers</h3>
<div class="admonition error">
<p class="admonition-title">Error</p>
<div class="highlight"><pre><span></span><code>$ trivy image --server http://xxx.com:xxxx test-image
...
- twirp error internal: failed scan, test-image: failed to apply layers: layer cache missing: sha256:*****
</code></pre></div>
</div>
<p>To run multiple Trivy servers, you need to use Redis as the cache backend so that those servers can share the cache.
Follow <a href="../../vulnerability/examples/cache/#cache-backend">this instruction</a> to do so.</p>
<h2 id="homebrew">Homebrew</h2>
<h3 id="scope-error">Scope error</h3>
<div class="admonition error">
<p class="admonition-title">Error</p>
<p>Error: Your macOS keychain GitHub credentials do not have sufficient scope!</p>
</div>
<div class="highlight"><pre><span></span><code>$ brew tap aquasecurity/trivy
Error: Your macOS keychain GitHub credentials do not have sufficient scope!
Scopes they need: none
Scopes they have:
Create a personal access token:
https://github.com/settings/tokens/new?scopes=gist,public_repo&amp;description=Homebrew
echo &#39;export HOMEBREW_GITHUB_API_TOKEN=your_token_here&#39; &gt;&gt; ~/.zshrc
</code></pre></div>
<p>Try:</p>
<div class="highlight"><pre><span></span><code>$ printf &quot;protocol=https\nhost=github.com\n&quot; | git credential-osxkeychain erase
</code></pre></div>
<h3 id="already-installed">Already installed</h3>
<div class="admonition error">
<p class="admonition-title">Error</p>
<p>Error: aquasecurity/trivy/trivy 64 already installed</p>
</div>
<div class="highlight"><pre><span></span><code>$ brew upgrade
...
Error: aquasecurity/trivy/trivy 64 already installed
</code></pre></div>
<p>Try:</p>
<div class="highlight"><pre><span></span><code>$ brew unlink trivy &amp;&amp; brew uninstall trivy
($ rm -rf /usr/local/Cellar/trivy/64)
$ brew install aquasecurity/trivy/trivy
</code></pre></div>
<h2 id="others">Others</h2>
<h3 id="unknown-error">Unknown error</h3>
<p>Try again with <code>--reset</code> option:</p>
<div class="highlight"><pre><span></span><code>$ trivy image --reset
</code></pre></div>
</article>
<script>var tabs=__md_get("__tabs");if(Array.isArray(tabs))e:for(var set of document.querySelectorAll(".tabbed-set")){var tab,labels=set.querySelector(".tabbed-labels");for(tab of tabs)for(var label of labels.getElementsByTagName("label"))if(label.innerText.trim()===tab){var input=document.getElementById(label.htmlFor);input.checked=!0;continue e}}</script>
</div>
</div>
</main>
<footer class="md-footer">
<nav class="md-footer__inner md-grid" aria-label="Footer" >
<a href="../modes/client-server/" class="md-footer__link md-footer__link--prev" aria-label="Previous: Client/Server" rel="prev">
<div class="md-footer__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12Z"/></svg>
</div>
<div class="md-footer__title">
<div class="md-ellipsis">
<span class="md-footer__direction">
Previous
</span>
Client/Server
</div>
</div>
</a>
<a href="../../../community/tools/" class="md-footer__link md-footer__link--next" aria-label="Next: Tools" rel="next">
<div class="md-footer__title">
<div class="md-ellipsis">
<span class="md-footer__direction">
Next
</span>
Tools
</div>
</div>
<div class="md-footer__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M4 11v2h12l-5.5 5.5 1.42 1.42L19.84 12l-7.92-7.92L10.5 5.5 16 11H4Z"/></svg>
</div>
</a>
</nav>
<div class="md-footer-meta md-typeset">
<div class="md-footer-meta__inner md-grid">
<div class="md-copyright">
</div>
</div>
</div>
</footer>
</div>
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "../../..", "features": ["navigation.tabs", "navigation.tabs.sticky", "navigation.sections", "content.tabs.link"], "search": "../../../assets/javascripts/workers/search.b97dbffb.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "version": {"method": "mike", "provider": "mike"}}</script>
<script src="../../../assets/javascripts/bundle.6c7ad80a.min.js"></script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink