clair-scanner
clair-scanner copied to clipboard
arminc
Could not analyze layer: Clair responded with a failure: Got response 400 with message {"Error":{"Message":"could not find layer"}}
@arminc @gravis @plasticine @leucos @dzaporozhets
I have a similar issue , In a linux server ,I use docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.6 to started clair-local-scan in container, I can run command to scan images in this server ,but when I use jenkins pipeline to execute the same command ,I'm getting below error
Could not analyze layer: Clair responded with a failure: Got response 400 with message {"Error":{"Message":"could not find layer"}}
Does any one have any solution for this , this is weird that I can run command in server ,but can not execute same command in jenkins pipeline code , may be the container is not publicly accessible ? If so ,how can I make the container publicly accessible. Docker ps details like below:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b9da71380d16 arminc/clair-local-scan:v2.0.6 "/clair -config=/c..." About an hour ago Up About an hour 0.0.0.0:6060->6060/tcp, 6061/tcp clair
697d97307acf arminc/clair-db:latest "docker-entrypoint..." 3 days ago Up 3 days 0.0.0.0:5432->5432/tcp db
That probably means you messed up with your docker sockets.
Please double-check where docker is running, and which daemon is listening on which socket.
If you mount /var/lib/docker.sock into dind, you hit your host server (and it's bad).
@gravis I know the reason right now , cause I run clair db and clair-local-scan in a specific server , but I run that command in a jenkins agent pod , so that server need to access to jenkins agent pod prot 9279 ,but access failed , that's why I get this error ,still not solve this.
did we ever figure this out? I'm not sure I get where the allowance for port 9279 needs to be configured?, does the clair service also listen on 9279
