simar7
simar7
> however the issue is also seen when scanning using the CLI locally Please file the discussion in the Trivy repo in this case as it would be a Trivy...
Just thinking out loud how to test this change: As part of our integration tests, we can specify the new PV resource and have it get scanned and create reports...
Another point about testing, I added perf support on a feature branch (to enable profiling) but I think I'll enhance it by adding support for it to be enabled with...
I ran it locally but it doesn't seem stable. ``` • [FAILED] [300.791 seconds] Trivy Operator Vulnerability ScanJob When unmanaged Pod is created [It] Should create VulnerabilityReport /Users/simarpreetsingh/repos/trivy-operator/tests/itest/trivy-operator/behavior/behavior.go:502 [FAILED] Timed...
> @simar7 is there something strange in the logs? in my env I see `OOMKilled` on Minikube > > ```shell > {"level":"error","ts":"2025-09-09T14:34:43+06:00","logger":"reconciler.scan job","msg":"Scan job container","job":"trivy-system/scan-vulnerabilityreport-98b66b69","container":"88e558cf-97c8-41a1-a5b3-da6e6f076d73","status.reason":"OOMKilled","status.message":"------------------>_] 97.69% 6.13 MiB p/s ETA...
@afdesk just took another look at it - wouldn't changing the test image impact any assertions that we make? It seems that there's no updated test / broken test as...
> > just took another look at it - wouldn't changing the test image impact any assertions that we make? It seems that there's no updated test / broken test...
@DmitriyLewen could you take a look?
> Apparently the problem is that CI uses a different version of goreleaser Should we update that then?
hi @jntille that's odd - by any chance do you have https://github.blog/changelog/2025-08-15-github-actions-policy-now-supports-blocking-and-sha-pinning-actions/ enabled?