postee Trivy Operator error "kind":"Vulnerabili... doesn't match a REGO input files rule"

Description

When running trivy operator scan, postee can't match the results with rego input

Postee Configuration:

    routes:
    - name: Trivy Operator Alerts
      input: input.report.summary.criticalCount > 0 # You can customize this based on your needs
      actions: [send-slack-msg]
      template: trivy-operator-slack

      # Templates are used to format a message
    templates:
    - name: trivy-operator-slack
      rego-package: postee.trivyoperator.slack

    # Actions are target services that should consume the messages
    actions:
    - name: send-slack-msg
      type: slack
      enable: true
      url: SLACK_WEBHOOK

What did you expect to happen?

To be able to send the results through slack

What happened instead?

Gives an error:

postee-0 postee 2022/11/18 18:26:46 route "Trivy Operator Alerts" contains reference to undefined or misconfigured template "trivy-operator-slack".
postee-0 postee 2022/11/18 18:26:46 route "stdout" contains reference to undefined or misconfigured template "raw-json".
postee-0 postee 2022/11/18 18:26:46 Input {"kind":"Vulnerabili... doesn't match a REGO input files rule

Postee version: v2.9.0 Trivy operator version: 0.6.0

Nov 18 '22 18:11 ichasco-heytrade

The problem is because the template of trivy-operator doesn't exists:

postee-0 postee 2022/11/19 16:22:04 Starting Router....
postee-0 postee 2022/11/19 16:22:04 Loading alerts configuration file /data/cfg.yaml ....
postee-0 postee 2022/11/19 16:22:04 Configuring template trivy-operator-slack 
postee-0 postee 2022/11/19 16:22:04 Can not initialize template trivy-operator-slack: no results

drwxr-xr-x    1 postee   postee      4.0K Nov 19 16:22 .
drwxr-xr-x    1 postee   postee      4.0K Nov 19 16:22 ..
drwxr-xr-x    1 postee   postee      4.0K Sep 14 23:26 common
drwxr-xr-x    3 root     root        4.0K Nov 18 18:05 custom
drwxr-xr-x    1 postee   postee      4.0K Sep 14 23:26 example
-rw-r--r--    1 postee   postee       199 Sep 14 23:26 raw-message-html.rego
-rw-r--r--    1 postee   postee        93 Sep 14 23:26 raw-message-json.rego
-rw-r--r--    1 postee   postee       416 Sep 14 23:26 tracee-html.rego
-rw-r--r--    1 postee   postee       654 Sep 14 23:26 tracee-slack.rego
-rw-r--r--    1 postee   postee      2.6K Sep 14 23:26 vuls-cyclonedx.rego
-rw-r--r--    1 postee   postee       467 Sep 14 23:26 vuls-html-aggregation.rego
-rw-r--r--    1 postee   postee      5.9K Sep 14 23:26 vuls-html.rego
-rw-r--r--    1 postee   postee       154 Sep 14 23:26 vuls-opsgenie.rego
-rw-r--r--    1 postee   postee       517 Sep 14 23:26 vuls-slack-aggregation.rego
-rw-r--r--    1 postee   postee      7.9K Sep 14 23:26 vuls-slack.rego

Could you create a image with it? Thanks!

Nov 19 '22 16:11 ichasco-heytrade

As Work Around solution, I have added it manually to custom folder and it started working

Nov 19 '22 16:11 ichasco-heytrade

Seem's related to my issue : https://github.com/aquasecurity/postee/issues/532

Mar 03 '23 16:03 HW-Jeremy

postee postee copied to clipboard

Trivy Operator error "kind":"Vulnerabili... doesn't match a REGO input files rule"

Description

What did you expect to happen?

What happened instead?

postee
postee copied to clipboard