jfrog-cli
jfrog-cli copied to clipboard
jfrog
jf docker scan does not work with Docker Engine 25 and above
Describe the bug
we build docker image with dind in Jenkins, when run jf docker scan in build pod with Docker Engine 25 and above to scan docker image, it always reports No vulnerable components were found
Current behavior
Docker info:
Client: Docker Engine - Community
Version: 26.1.0
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.14.0
Path: /usr/libexec/docker/cli-plugins/docker-buildx
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 25.0.5
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 7c3aca7a610df76212171d200ca3811ff6096eb8
runc version: v1.1.12-0-g51d5e94
init version: de40ad0
Security Options:
seccomp
Profile: builtin
Kernel Version: 4.18.0-147.5.1.6.h766.eulerosv2r9.x86_64
Operating System: Alpine Linux v3.19 (containerized)
OSType: linux
Architecture: x86_64
CPUs: 8
Total Memory: 30.89GiB
Name: devops-internal-java-base-dev-44-dg72h-klz31-1tvdt
ID: 70abf9c8-5b41-4140-8a98-97496e2107ca
Docker Root Dir: /var/lib/docker
Debug Mode: false
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
Product License: Community Engine
execute log:
18:04:12 + export JFROG_CLI_LOG_LEVEL=DEBUG
18:04:12 + JFROG_CLI_LOG_LEVEL=DEBUG
18:04:12 + docker save --output my-image-docker.tar example.artifactory.com/docker-release/test-npm:0.1.4-20240425144822-b5df44
18:04:14 + jf docker scan example.artifactory.com/docker-release/test-npm:0.1.4-20240425144822-b5df44
18:04:14 18:04:13 [Debug] JFrog CLI version: 2.56.0
18:04:14 18:04:13 [Debug] OS/Arch: linux/amd64
18:04:14 18:04:13 [Debug] Sending HTTP GET request to: https://example.artifactory.com/xray/api/v1/system/version
18:04:14 18:04:13 [Debug] Usage Report: Sending info...
18:04:14 18:04:13 [Debug] Sending HTTP GET request to: https://example.artifactory.com/artifactory/api/system/version
18:04:14 18:04:13 [Info] Creating image archive...
18:04:14 18:04:13 [Debug] Artifactory response: 200
18:04:14 18:04:13 [Debug] JFrog Artifactory version is: 7.38.10
18:04:14 18:04:13 [Debug] Sending HTTP POST request to: https://example.artifactory.com/artifactory/api/system/usage
18:04:14 18:04:14 [Debug] Sending HTTP GET request to: https://example.artifactory.com/xray/api/v1/system/version
18:04:14 18:04:14 [Info] JFrog Xray version is: 3.54.5
18:04:14 18:04:14 [Debug] Creating lock in: /root/.jfrog/locks/xray-indexer
18:04:14 18:04:14 [Info] JFrog Xray Indexer 3.54.5 is not cached locally. Downloading it now...
18:04:14 18:04:14 [Debug] Sending HTTP GET request to: https://example.artifactory.com/xray/api/v1/indexer-resources/download/linux/amd64
18:04:15 18:04:15 [Info] The downloaded Xray Indexer version is 3.54.5
18:04:15 18:04:15 [Debug] Releasing lock: /root/.jfrog/locks/xray-indexer/jfrog-cli.conf.lck.130.1714039454567331359
18:04:15 18:04:15 [Info] [Thread 0] Indexing file: /tmp/jfrog.cli.temp.-1714039453-1649147033/image.tar
18:04:16 18:04:16 [Info] 2024-04-25T10:04:15.510457181Z [jfxia] [DEBUG] [] [wire_gen:45 ] [main ] Initializing filtering service
18:04:16 2024-04-25T10:04:16.509995872Z [jfxia] [DEBUG] [] [indexer-app:43 ] [main ] Indexing standalone file /tmp/jfrog.cli.temp.-1714039453-1649147033/image.tar using artifactory folder /tmp/jfrog.cli.temp.-1714039455-1901921032
18:04:16 2024-04-25T10:04:16.510143457Z [jfxia] [DEBUG] [] [indexer_app:109 ] [main ] Local path: /tmp/jfrog.cli.temp.-1714039455-1901921032/4c51c32d-d48e-4a22-7975-a46e85b5172a/171403945651013915/image.tar
18:04:16 2024-04-25T10:04:16.510172385Z [jfxia] [DEBUG] [] [indexer_app:109 ] [main ] Scanning file from Artifactory with mimetype 'application/x-gzip'
18:04:16 2024-04-25T10:04:16.805737745Z [jfxia] [DEBUG] [] [indexer_app:109 ] [main ] Found archive file. Performing deep scan for file /tmp/jfrog.cli.temp.-1714039455-1901921032/4c51c32d-d48e-4a22-7975-a46e85b5172a/171403945651013915/image.tar
18:04:16 2024-04-25T10:04:16.820307051Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/031e9a2742957ceeb08bb04dcf48ff49c1fe7bf210fce4d02bc107eabb0e5e19
18:04:16 2024-04-25T10:04:16.820379292Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/0cc5dda847f8236ca1d767c2ab43a31ed9a554a12936b29e69fb574da025d8fc
18:04:16 2024-04-25T10:04:16.820418804Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/200d830478eac31d405e96fc394bc7bb0d1ec500db40d1c9aa55dde44e944150
18:04:16 2024-04-25T10:04:16.820447487Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/236632f891b128248c49d14b6ff625270ea5e6a0a7afbf7084d428547498f4c8
18:04:16 2024-04-25T10:04:16.820476632Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/273485579c557b31fb49837f841a0fd35795dc6505e8fe76c607095db13fca47
18:04:16 2024-04-25T10:04:16.820503029Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/3398d076ba1f240f26dd80594e94d378bec8e7956c980e929a3b0bcdd69c848d
18:04:16 2024-04-25T10:04:16.820532713Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/369d2d52deeacc7a6ff4838075667eb0338cd388b659a0a0dfa27fdcf5da0a7c
18:04:16 2024-04-25T10:04:16.823149535Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/3a914c284589238098f4f4ddc18b444deac8a7cb3ed1a60324c6e4ab133c994b
18:04:16 2024-04-25T10:04:16.823208671Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/5a045411e473246048e69d68336ee1cd468d3fe98afc3243439ad9215438dd31
18:04:16 2024-04-25T10:04:16.82324359Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/634cd86b27edef01d02c14d09c97642662b608ebe0dd1cb55cc8a1406496bc6d
18:04:16 2024-04-25T10:04:16.823276386Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/648cb14a9487cb0c07f78e1fe1e268e954ba96c4b5ac0c0a1fb2a0d6aa9aec9a
18:04:16 2024-04-25T10:04:16.823305372Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/6fe0f403036bfadb5ccf0363db2a6bbb5553997d34645cb66cce704521d62159
18:04:16 2024-04-25T10:04:16.823339591Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/77ce4d7b54d51e457d4fd9372061738697e4659e48770fe130d613cc4dc2352c
18:04:16 2024-04-25T10:04:16.823366401Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/7de24e36349b08d9a11de77bad3ede3bed4ca190c739146d3c0cbaadb2ba8e24
18:04:16 2024-04-25T10:04:16.82339661Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/7e400934d3c07e43ff5cdac2371b54e7800a222bd018c13355d63362efb6ff18
18:04:16 2024-04-25T10:04:16.826282072Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/84709a565a284ec4ca19eb0f7b76cfc355713e5033a00bd3f8da7821bb2fc450
18:04:16 2024-04-25T10:04:16.826336846Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/84855e0a6c9ef51d5915c6e21f8c544185680c8ba9dde922e7c9d547d709751b
18:04:16 2024-04-25T10:04:16.834677484Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/95a7baf9b63f99b521d030d211457d48a916a5c8e8da914f22e61d79c4a3a66f
18:04:16 2024-04-25T10:04:16.834735116Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/b1329246690cd2cb0af7747ec20f99928552e1a364f66fcd5222ea25b0d4492b
18:04:16 2024-04-25T10:04:16.834769852Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/c650baa2ed45155f417d81f05aadeba728a81b065ad16cdaf40c3e851fb20fa2
18:04:16 2024-04-25T10:04:16.834802095Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/d4fc045c9e3a848011de66f34b81f052d4f2c15a17bb196d637e526349601820
18:04:16 2024-04-25T10:04:16.836836123Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/def06013040ecab853591b2083d68d01181e3a292f3ed3181a3674758a72afee
18:04:16 2024-04-25T10:04:16.836894273Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/e3be2c612adbe7fd51805724cf31d607fd8d847ae442a681edea53b292eb579b
18:04:16 2024-04-25T10:04:16.836933958Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/fe01e5b3f9416eed04af21262fcf530394fa312d7d72dbb4cad10a9235bb97f7
18:04:16 2024-04-25T10:04:16.837231218Z [jfxia] [DEBUG] [] [archive_mgr:1264 ] [main ] Found archive file. Performing deep scan for file /tmp/jfrog.cli.temp.-1714039455-1901921032/4c51c32d-d48e-4a22-7975-a46e85b5172a/171403945683702370/manifest.json
18:04:16 2024-04-25T10:04:16.83728023Z [jfxia] [WARN ] [] [archive_mgr:631 ] [main ] Archive manifest.json exceeded internal depth limitation, extraction stopped.
18:04:16 2024-04-25T10:04:16.837319836Z [jfxia] [DEBUG] [] [archive_mgr:232 ] [main ] No classification found for manifest.json, classified as generic
18:04:16 2024-04-25T10:04:16.837349413Z [jfxia] [DEBUG] [] [archive_mgr:232 ] [main ] manifest.json was classified as Generic
18:04:16 2024-04-25T10:04:16.837375052Z [jfxia] [DEBUG] [] [archive_mgr:232 ] [main ] total running time for indexing tree construction of manifest.json: 5.6451e-05 seconds
18:04:16 2024-04-25T10:04:16.837465451Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable oci-layout
18:04:16 2024-04-25T10:04:16.837511494Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable repositories
18:04:16 2024-04-25T10:04:16.837578881Z [jfxia] [DEBUG] [] [archive_mgr:232 ] [main ] No classification found for image.tar, classified as generic
18:04:16 2024-04-25T10:04:16.837603079Z [jfxia] [DEBUG] [] [archive_mgr:232 ] [main ] image.tar was classified as Generic
18:04:16 2024-04-25T10:04:16.837631284Z [jfxia] [DEBUG] [] [archive_mgr:232 ] [main ] total running time for indexing tree construction of image.tar: 6.7246e-05 seconds
18:04:16 2024-04-25T10:04:16.837655542Z [jfxia] [DEBUG] [] [archive_mgr:195 ] [main ] total running time for indexing image.tar: 0.031848115 seconds
18:04:16
18:04:16 18:04:16 [Debug] Sending HTTP POST request to: https://example.artifactory.com/xray/api/v1/scan/graph?scan_type=binary
18:04:16 18:04:16 [Info] Waiting for scan to complete on JFrog Xray...
18:04:16 18:04:16 [Debug] Sending HTTP GET request to: https://example.artifactory.com/xray/api/v1/scan/graph/883e2906-0155-4c8b-61da-563d7aed66a9?include_vulnerabilities=true
18:04:16
18:04:16 Vulnerable Components
18:04:16 +---------------------------------------+
18:04:16 | No vulnerable components were found |
18:04:16 +---------------------------------------+
18:04:16 18:04:16 [Info] Scan completed successfully.
18:04:17 + jf scan my-image-docker.tar
18:04:17 18:04:16 [Debug] JFrog CLI version: 2.56.0
18:04:17 18:04:16 [Debug] OS/Arch: linux/amd64
18:04:17 18:04:16 [Debug] Sending HTTP GET request to: https://example.artifactory.com/xray/api/v1/system/version
18:04:17 18:04:16 [Debug] Usage Report: Sending info...
18:04:17 18:04:16 [Debug] Sending HTTP GET request to: https://example.artifactory.com/artifactory/api/system/version
18:04:17 18:04:16 [Info] JFrog Xray version is: 3.54.5
18:04:17 18:04:16 [Debug] Creating lock in: /root/.jfrog/locks/xray-indexer
18:04:17 18:04:16 [Debug] Releasing lock: /root/.jfrog/locks/xray-indexer/jfrog-cli.conf.lck.174.1714039456965187275
18:04:17 18:04:16 [Info] [Thread 2] Indexing file: my-image-docker.tar
18:04:17 18:04:16 [Debug] Artifactory response: 200
18:04:17 18:04:16 [Debug] JFrog Artifactory version is: 7.38.10
18:04:17 18:04:16 [Debug] Sending HTTP POST request to: https://example.artifactory.com/artifactory/api/system/usage
18:04:18 18:04:18 [Info] 2024-04-25T10:04:17.258110507Z [jfxia] [DEBUG] [] [wire_gen:45 ] [main ] Initializing filtering service
18:04:18 2024-04-25T10:04:18.121103818Z [jfxia] [DEBUG] [] [indexer-app:43 ] [main ] Indexing standalone file my-image-docker.tar using artifactory folder /tmp/jfrog.cli.temp.-1714039456-4037755282
18:04:18 2024-04-25T10:04:18.12121399Z [jfxia] [DEBUG] [] [indexer_app:109 ] [main ] Local path: /tmp/jfrog.cli.temp.-1714039456-4037755282/1d1111f7-59aa-4762-46ea-a7e3c6e0574d/171403945812120613/my-image-docker.tar
18:04:18 2024-04-25T10:04:18.121242414Z [jfxia] [DEBUG] [] [indexer_app:109 ] [main ] Scanning file from Artifactory with mimetype 'application/x-gzip'
18:04:18 2024-04-25T10:04:18.409190856Z [jfxia] [DEBUG] [] [indexer_app:109 ] [main ] Found archive file. Performing deep scan for file /tmp/jfrog.cli.temp.-1714039456-4037755282/1d1111f7-59aa-4762-46ea-a7e3c6e0574d/171403945812120613/my-image-docker.tar
18:04:18 2024-04-25T10:04:18.425828743Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/031e9a2742957ceeb08bb04dcf48ff49c1fe7bf210fce4d02bc107eabb0e5e19
18:04:18 2024-04-25T10:04:18.425896145Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/0cc5dda847f8236ca1d767c2ab43a31ed9a554a12936b29e69fb574da025d8fc
18:04:18 2024-04-25T10:04:18.425926707Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/200d830478eac31d405e96fc394bc7bb0d1ec500db40d1c9aa55dde44e944150
18:04:18 2024-04-25T10:04:18.425954268Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/236632f891b128248c49d14b6ff625270ea5e6a0a7afbf7084d428547498f4c8
18:04:18 2024-04-25T10:04:18.42598685Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/273485579c557b31fb49837f841a0fd35795dc6505e8fe76c607095db13fca47
18:04:18 2024-04-25T10:04:18.426014976Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/3398d076ba1f240f26dd80594e94d378bec8e7956c980e929a3b0bcdd69c848d
18:04:18 2024-04-25T10:04:18.42605634Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/369d2d52deeacc7a6ff4838075667eb0338cd388b659a0a0dfa27fdcf5da0a7c
18:04:18 2024-04-25T10:04:18.428872812Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/3a914c284589238098f4f4ddc18b444deac8a7cb3ed1a60324c6e4ab133c994b
18:04:18 2024-04-25T10:04:18.428945367Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/5a045411e473246048e69d68336ee1cd468d3fe98afc3243439ad9215438dd31
18:04:18 2024-04-25T10:04:18.428988614Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/634cd86b27edef01d02c14d09c97642662b608ebe0dd1cb55cc8a1406496bc6d
18:04:18 2024-04-25T10:04:18.429023682Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/648cb14a9487cb0c07f78e1fe1e268e954ba96c4b5ac0c0a1fb2a0d6aa9aec9a
18:04:18 2024-04-25T10:04:18.42907289Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/6fe0f403036bfadb5ccf0363db2a6bbb5553997d34645cb66cce704521d62159
18:04:18 2024-04-25T10:04:18.429113091Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/77ce4d7b54d51e457d4fd9372061738697e4659e48770fe130d613cc4dc2352c
18:04:18 2024-04-25T10:04:18.429144201Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/7de24e36349b08d9a11de77bad3ede3bed4ca190c739146d3c0cbaadb2ba8e24
18:04:18 2024-04-25T10:04:18.429175353Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/7e400934d3c07e43ff5cdac2371b54e7800a222bd018c13355d63362efb6ff18
18:04:18 2024-04-25T10:04:18.432221158Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/84709a565a284ec4ca19eb0f7b76cfc355713e5033a00bd3f8da7821bb2fc450
18:04:18 2024-04-25T10:04:18.43228917Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/84855e0a6c9ef51d5915c6e21f8c544185680c8ba9dde922e7c9d547d709751b
18:04:18 2024-04-25T10:04:18.441324859Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/95a7baf9b63f99b521d030d211457d48a916a5c8e8da914f22e61d79c4a3a66f
18:04:18 2024-04-25T10:04:18.441418345Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/b1329246690cd2cb0af7747ec20f99928552e1a364f66fcd5222ea25b0d4492b
18:04:18 2024-04-25T10:04:18.44146826Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/c650baa2ed45155f417d81f05aadeba728a81b065ad16cdaf40c3e851fb20fa2
18:04:18 2024-04-25T10:04:18.441509378Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/d4fc045c9e3a848011de66f34b81f052d4f2c15a17bb196d637e526349601820
18:04:18 2024-04-25T10:04:18.443852574Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/def06013040ecab853591b2083d68d01181e3a292f3ed3181a3674758a72afee
18:04:18 2024-04-25T10:04:18.443925958Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/e3be2c612adbe7fd51805724cf31d607fd8d847ae442a681edea53b292eb579b
18:04:18 2024-04-25T10:04:18.443956213Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable blobs/sha256/fe01e5b3f9416eed04af21262fcf530394fa312d7d72dbb4cad10a9235bb97f7
18:04:18 2024-04-25T10:04:18.444287497Z [jfxia] [DEBUG] [] [archive_mgr:1264 ] [main ] Found archive file. Performing deep scan for file /tmp/jfrog.cli.temp.-1714039456-4037755282/1d1111f7-59aa-4762-46ea-a7e3c6e0574d/171403945844409538/manifest.json
18:04:18 2024-04-25T10:04:18.44433378Z [jfxia] [WARN ] [] [archive_mgr:631 ] [main ] Archive manifest.json exceeded internal depth limitation, extraction stopped.
18:04:18 2024-04-25T10:04:18.444370043Z [jfxia] [DEBUG] [] [archive_mgr:232 ] [main ] No classification found for manifest.json, classified as generic
18:04:18 2024-04-25T10:04:18.444399368Z [jfxia] [DEBUG] [] [archive_mgr:232 ] [main ] manifest.json was classified as Generic
18:04:18 2024-04-25T10:04:18.444418812Z [jfxia] [DEBUG] [] [archive_mgr:232 ] [main ] total running time for indexing tree construction of manifest.json: 5.2195e-05 seconds
18:04:18 2024-04-25T10:04:18.444484342Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable oci-layout
18:04:18 2024-04-25T10:04:18.444510307Z [jfxia] [DEBUG] [] [archive_mgr:1245 ] [main ] checking if the file is supported executable repositories
18:04:18 2024-04-25T10:04:18.444582597Z [jfxia] [DEBUG] [] [archive_mgr:232 ] [main ] No classification found for my-image-docker.tar, classified as generic
18:04:18 2024-04-25T10:04:18.444603318Z [jfxia] [DEBUG] [] [archive_mgr:232 ] [main ] my-image-docker.tar was classified as Generic
18:04:18 2024-04-25T10:04:18.444625557Z [jfxia] [DEBUG] [] [archive_mgr:232 ] [main ] total running time for indexing tree construction of my-image-docker.tar: 6.1759e-05 seconds
18:04:18 2024-04-25T10:04:18.444643814Z [jfxia] [DEBUG] [] [archive_mgr:195 ] [main ] total running time for indexing my-image-docker.tar: 0.035380064 seconds
18:04:18
18:04:18 18:04:18 [Debug] Sending HTTP POST request to: https://example.artifactory.com/xray/api/v1/scan/graph?scan_type=binary
18:04:18 18:04:18 [Info] Waiting for scan to complete on JFrog Xray...
18:04:18 18:04:18 [Debug] Sending HTTP GET request to: https://example.artifactory.com/xray/api/v1/scan/graph/f53eac31-1dff-4c47-6966-6e1d0b77f1b7?include_vulnerabilities=true
18:04:18
18:04:18 Vulnerable Components
18:04:18 +---------------------------------------+
18:04:18 | No vulnerable components were found |
18:04:18 +---------------------------------------+
18:04:18 18:04:18 [Info] Scan completed successfully.
Reproduction steps
- install docker engine 25 and above
- run
jf docker scan <some image>
Expected behavior
jf docker scan work as expect
JFrog CLI version
2.56.0
Operating system type and version
ubuntu 22.04
JFrog Artifactory version
7.38.10
JFrog Xray version
3.54.5
Hello Joel.
From the shared logs: Archive manifest.json exceeded internal depth limitation, extraction stopped.
Can you try to run the command as follows:
jf docker scan example.artifactory.com/docker-release/test-npm:0.1.4-20240425144822-b5df44 --bypass-archive-limits
@dortam888 thanks for replying but seem this option requires Xray 3.59.0 or higher
14:25:41 + jf docker scan example.artifactory.com/docker-release/test-npm:0.1.4-20240425144822-b5df44 --bypass-archive-limits
14:25:41 14:25:41 [Info] Creating image archive...
14:25:42 14:25:42 [Error] You are using JFrog Xray version 3.54.5, while this operation requires version 3.59.0 or higher.