afdesk
afdesk
is this runtime error reproducible locally with trivy 0.51.1?
it looks like the latest trivy has a bug with Conda, and it's known issue: https://github.com/aquasecurity/trivy/issues/6659
I've added a read permission for all users, but cache can contain a sensitive data. does it make sence? @knqyf263 wdyt?
> I think users should be responsible for the permission. If needed, they can change permission of the cache dir at their own risk. sure. let's close this pr, right?
> Usually the user who creates the cache directory and the user who runs Trivy should be the same. Does this problem occur if the directory is created manually? no,...
> > but if I create a new folder through sudo the issue is occur as expected: > > Yes, that is what I meant. The error you shared shows...
> This might be another problem from #7380, as it shows a different error. > > > DEBUG Failed to get DB metadata err="unable to open a file: open /var/cache/trivy/subpath/db/db/metadata.json:...
> @afdesk Done. You now have a write role. great! thanks!
> @afdesk An issue must be actionable. > We need to summarize what actions are required based on the Discussion. e.g. #7382 the description is updated now.
> what happens if I have a resource that trivy doesn't have access to? does it fail or the resource isn't scanned? I hope it the latter in which case...