Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(plugin): do not call GitHub content API for releases and tags #7274

Merged
merged 1 commit into from
Jul 31, 2024
Merged

fix(plugin): do not call GitHub content API for releases and tags #7274

merged 1 commit into from
Jul 31, 2024

Conversation

knqyf263
Copy link
Collaborator

@knqyf263 knqyf263 commented Jul 31, 2024
edited
Loading

Description

$ trivy plugin install referrer
...
2024-07-31T14:51:48+04:00       FATAL   Fatal error     plugin install error: failed to install the plugin: unable to download the execution file (https://github.com/aquasecurity/trivy-plugin-referrer/releases/download/v0.3.1/trivy_plugin_referrer_0.3.1_macOS-ARM64.tar.gz): failed to download https://github.com/aquasecurity/trivy-plugin-referrer/releases/download/v0.3.1/trivy_plugin_referrer_0.3.1_macOS-ARM64.tar.gz: Get "https://github.com/aquasecurity/trivy-plugin-referrer/releases/download/v0.3.1/trivy_plugin_referrer_0.3.1_macOS-ARM64.tar.gz": failed to round trip: failed to get the file content: GET https://api.github.com/repos/aquasecurity/trivy-plugin-referrer/contents/releases/download/v0.3.1: 404 Not Found []

Related issues

Checklist

  • I've read the guidelines for contributing to this repository.
  • I've followed the conventions in the PR title.
  • I've added tests that prove my fix is effective or that my feature works.
  • I've updated the documentation with the relevant information (if needed).
  • I've added usage information (if the PR introduces new options)
  • I've included a "before" and "after" example to the description (if the PR is a user interface change).

@knqyf263 knqyf263 self-assigned this Jul 31, 2024
@knqyf263 knqyf263 mentioned this pull request Jul 31, 2024
Closed
2 tasks
DmitriyLewen
DmitriyLewen approved these changes Jul 31, 2024
View reviewed changes
Copy link
Contributor

@DmitriyLewen DmitriyLewen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These changes work correctly:

➜  ./trivy -d plugin install referrer
2024-07-31T17:07:18+06:00       DEBUG   Cache dir       dir="/Users/dmitriy/Library/Caches/trivy"
2024-07-31T17:07:18+06:00       INFO    [plugin] Installing the plugin...       src="github.com/aquasecurity/trivy-plugin-referrer"
2024-07-31T17:07:20+06:00       DEBUG   [plugin] Loading the plugin metadata...
2024-07-31T17:07:20+06:00       DEBUG   Installing the plugin...        path="/Users/dmitriy/.trivy/plugins/referrer"
2024-07-31T17:07:20+06:00       DEBUG   Platform found  os="darwin" arch="arm64"
2024-07-31T17:07:20+06:00       DEBUG   Downloading the execution file...       uri="https://github.com/aquasecurity/trivy-plugin-referrer/releases/download/v0.3.1/trivy_plugin_referrer_0.3.1_macOS-ARM64.tar.gz"
2024-07-31T17:07:22+06:00       INFO    [plugin] Plugin successfully installed  name="referrer" version="0.3.1"
➜  ./trivy plugin list                 
Installed Plugins:
  Name:    referrer
  Version: 0.3.1

@knqyf263 knqyf263 marked this pull request as ready for review July 31, 2024 11:08
@knqyf263 knqyf263 added this pull request to the merge queue Jul 31, 2024
@knqyf263 knqyf263 mentioned this pull request Jul 31, 2024
Merged
Merged via the queue into aquasecurity:main with commit b3ee6da Jul 31, 2024
13 checks passed
@knqyf263 knqyf263 deleted the fix/github_releases branch July 31, 2024 11:37
@aqua-bot aqua-bot mentioned this pull request Jul 31, 2024
Merged
@knqyf263
Copy link
Collaborator Author

@aqua-bot backport release/v0.54

github-actions bot pushed a commit that referenced this pull request Jul 31, 2024
@knqyf263 @actions-user
fix(plugin): do not call GitHub content API for releases and tags (#7274
918872a 
)

Signed-off-by: knqyf263 <[email protected]>
@aqua-bot aqua-bot mentioned this pull request Jul 31, 2024
Merged
@aqua-bot
Copy link
Contributor

Backport PR created: #7279

fhielpos added a commit to giantswarm/trivy-upstream that referenced this pull request Dec 20, 2024
@fhielpos @yusuke-koyoshi
@knqyf263 @coheigea @DmitriyLewen @afdesk @nikpivkin @albertodonato @simar7 @dependabot @itaysk @aasish-r @orizerah @knrc @bobcallaway @LucasVanHaaren @psibre @aqua-bot @s-reddy1498 @Squiddim @pbaumard @kaplanlior @bloomadcariad @lebauce @msmeissn @sgaist
Update Trivy to version 0.56.2 (#4)
f235523 
* feat(vm): Support direct filesystem (aquasecurity#7058)

Signed-off-by: yusuke.koyoshi <[email protected]>

* feat(cli)!: delete deprecated SBOM flags (aquasecurity#7266)

Signed-off-by: knqyf263 <[email protected]>

* feat(vm): support the Ext2/Ext3 filesystems (aquasecurity#6983)

* fix(plugin): do not call GitHub content API for releases and tags (aquasecurity#7274)

Signed-off-by: knqyf263 <[email protected]>

* fix(java): Return error when trying to find a remote pom to avoid segfault (aquasecurity#7275)

Co-authored-by: DmitriyLewen <[email protected]>

* fix(flag): incorrect behavior for deprected flag `--clear-cache` (aquasecurity#7281)

* refactor(misconf): remove file filtering from parsers (aquasecurity#7289)

Signed-off-by: nikpivkin <[email protected]>

* feat(vuln): Add `--detection-priority` flag for accuracy tuning (aquasecurity#7288)

Signed-off-by: knqyf263 <[email protected]>

* docs: add auto-generated config (aquasecurity#7261)

Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: knqyf263 <[email protected]>

* fix(terraform): add aws_region name to presets (aquasecurity#7184)

* perf(misconf): do not convert contents of a YAML file to string (aquasecurity#7292)

Signed-off-by: nikpivkin <[email protected]>

* refactor(misconf): remove unused universal scanner (aquasecurity#7293)

Signed-off-by: nikpivkin <[email protected]>

* perf(misconf): use json.Valid to check validity of JSON (aquasecurity#7308)

Signed-off-by: nikpivkin <[email protected]>

* fix(misconf): load only submodule if it is specified in source (aquasecurity#7112)

Signed-off-by: nikpivkin <[email protected]>

* feat(misconf): support for policy and bucket grants (aquasecurity#7284)

Signed-off-by: nikpivkin <[email protected]>

* fix(misconf): do not set default value for default_cache_behavior (aquasecurity#7234)

Signed-off-by: nikpivkin <[email protected]>

* feat(misconf): iterator argument support for dynamic blocks (aquasecurity#7236)

Signed-off-by: nikpivkin <[email protected]>
Co-authored-by: simar7 <[email protected]>

* chore(deps): bump the common group across 1 directory with 7 updates (aquasecurity#7305)

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs: update client/server docs for misconf and license scanning (aquasecurity#7277)

Signed-off-by: nikpivkin <[email protected]>
Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: knqyf263 <[email protected]>

* docs: update links to packaging.python.org (aquasecurity#7318)

Signed-off-by: nikpivkin <[email protected]>

* perf(misconf): optimize work with context (aquasecurity#6968)

Signed-off-by: nikpivkin <[email protected]>

* refactor: replace ftypes.Gradle with packageurl.TypeGradle (aquasecurity#7323)

Signed-off-by: nikpivkin <[email protected]>

* docs: update air-gapped docs (aquasecurity#7160)

Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: knqyf263 <[email protected]>

* docs(misconf): Update callsites to use correct naming (aquasecurity#7335)

* chore(deps): bump the common group with 9 updates (aquasecurity#7333)

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(misconf): change default TLS values for the Azure storage account (aquasecurity#7345)

Signed-off-by: nikpivkin <[email protected]>

* refactor(misconf): highlight only affected rows (aquasecurity#7310)

Signed-off-by: nikpivkin <[email protected]>

* fix(misconf): wrap Azure PortRange in iac types (aquasecurity#7357)

Signed-off-by: nikpivkin <[email protected]>

* feat(misconf): scanning support for YAML and JSON (aquasecurity#7311)

Signed-off-by: nikpivkin <[email protected]>

* feat(misconf): variable support for Terraform Plan (aquasecurity#7228)

Signed-off-by: nikpivkin <[email protected]>

* fix: safely check if the directory exists (aquasecurity#7353)

Signed-off-by: nikpivkin <[email protected]>

* chore(deps): bump the aws group across 1 directory with 7 updates (aquasecurity#7358)

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat(server): add internal `--path-prefix` flag for client/server mode (aquasecurity#7321)

Signed-off-by: knqyf263 <[email protected]>

* chore(deps): bump trivy-checks (aquasecurity#7350)

Signed-off-by: nikpivkin <[email protected]>

* refactor(misconf): use slog (aquasecurity#7295)

Signed-off-by: nikpivkin <[email protected]>

* feat(misconf): ignore duplicate checks (aquasecurity#7317)

Signed-off-by: nikpivkin <[email protected]>

* fix(misconf): init frameworks before updating them (aquasecurity#7376)

Signed-off-by: nikpivkin <[email protected]>

* fix(misconf): support deprecating for Go checks (aquasecurity#7377)

Signed-off-by: nikpivkin <[email protected]>

* feat(python): use minimum version for pip packages (aquasecurity#7348)

* docs: add pkg flags to config file page (aquasecurity#7370)

* feat(misconf): Add support for using spec from on-disk bundle (aquasecurity#7179)

* fix(report): escape `Message` field in `asff.tpl` template (aquasecurity#7401)

* fix(misconf): use module to log when metadata retrieval fails (aquasecurity#7405)

Signed-off-by: nikpivkin <[email protected]>

* feat(misconf): support for ignore by nested attributes (aquasecurity#7205)

Signed-off-by: nikpivkin <[email protected]>

* fix(misconf): do not filter Terraform plan JSON by name (aquasecurity#7406)

Signed-off-by: nikpivkin <[email protected]>

* feat(misconf): port and protocol support for EC2 networks (aquasecurity#7146)

Signed-off-by: nikpivkin <[email protected]>

* chore: fix allow rule of ignoring test files to make it case insensitive (aquasecurity#7415)

* fix(secret): use only line with secret for long secret lines (aquasecurity#7412)

* chore: update CODEOWNERS (aquasecurity#7398)

Signed-off-by: knqyf263 <[email protected]>

* feat(server): Make Trivy Server Multiplexer Exported (aquasecurity#7389)

* feat(report): export modified findings in JSON (aquasecurity#7383)

Signed-off-by: knqyf263 <[email protected]>

* fix(sbom): use `NOASSERTION` for licenses fields in SPDX formats (aquasecurity#7403)

* fix(misconf): do not register Rego libs in checks registry (aquasecurity#7420)

Signed-off-by: nikpivkin <[email protected]>

* chore(deps): Bump trivy-checks (aquasecurity#7417)

Signed-off-by: nikpivkin <[email protected]>
Co-authored-by: nikpivkin <[email protected]>

* fix(misconf): do not recreate filesystem map (aquasecurity#7416)

Signed-off-by: nikpivkin <[email protected]>

* fix(secret): use `.eyJ` keyword for JWT secret (aquasecurity#7410)

* fix(misconf): fix infer type for null value (aquasecurity#7424)

Signed-off-by: nikpivkin <[email protected]>

* fix(aws): handle ECR repositories in different regions (aquasecurity#6217)

Signed-off-by: Kevin Conner <[email protected]>

* fix: logger initialization before flags parsing (aquasecurity#7372)

Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: knqyf263 <[email protected]>

* fix(nodejs): check all `importers` to detect dev deps from pnpm-lock.yaml file (aquasecurity#7387)

* test: add integration plugin tests (aquasecurity#7299)

* feat(sbom): set User-Agent header on requests to Rekor (aquasecurity#7396)

Signed-off-by: Bob Callaway <[email protected]>

* fix(helm): explicitly define `kind` and `apiVersion` of `volumeClaimTemplate` element (aquasecurity#7362)

* chore(deps): Bump trivy-checks and pin OPA (aquasecurity#7427)

Signed-off-by: nikpivkin <[email protected]>
Co-authored-by: nikpivkin <[email protected]>

* feat(java): add `test` scope support for `pom.xml` files (aquasecurity#7414)

* fix(license): add license handling to JUnit template (aquasecurity#7409)

* feat(go): use `toolchain` as `stdlib` version for `go.mod` files (aquasecurity#7163)

* release: v0.55.0 [main] (aquasecurity#7271)

* fix(license): stop spliting a long license text (aquasecurity#7336)

Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: knqyf263 <[email protected]>

* refactor(java): add error/statusCode for logs when we can't get pom.xml/maven-metadata.xml from remote repo (aquasecurity#7451)

* chore(helm): bump up Trivy Helm chart (aquasecurity#7441)

* chore(deps): bump the common group across 1 directory with 19 updates (aquasecurity#7436)

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: knqyf263 <[email protected]>

* chore(deps): bump the aws group with 6 updates (aquasecurity#7468)

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(oracle): Update EOL date for Oracle 7 (aquasecurity#7480)

* fix(report): change a receiver of MarshalJSON (aquasecurity#7483)

Signed-off-by: knqyf263 <[email protected]>

* fix(report): fix error with unmarshal of `ExperimentalModifiedFindings` (aquasecurity#7463)

Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: knqyf263 <[email protected]>

* docs(oci): Add a note About the expected Media Type for the Trivy-DB OCI Artifact (aquasecurity#7449)

* feat(license): improve license normalization (aquasecurity#7131)

Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: DmitriyLewen <[email protected]>
Co-authored-by: knqyf263 <[email protected]>

* docs(db): add a manifest example (aquasecurity#7485)

Signed-off-by: knqyf263 <[email protected]>

* revert(java): stop supporting of `test` scope for `pom.xml` files (aquasecurity#7488)

* docs: refine go docs (aquasecurity#7442)

Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: knqyf263 <[email protected]>

* chore(vex): suppress openssl vulnerabilities (aquasecurity#7500)

Signed-off-by: knqyf263 <[email protected]>

* chore(deps): bump alpine from 3.20.0 to 3.20.3 (aquasecurity#7508)

* chore(vex): add `CVE-2024-34155`, `CVE-2024-34156` and `CVE-2024-34158` in `trivy.openvex.json` (aquasecurity#7510)

* fix(java): use `dependencyManagement` from root/child pom's for dependencies from parents (aquasecurity#7497)

* refactor: split `.egg` and `packaging` analyzers (aquasecurity#7514)

* feat(misconf): Register checks only when needed (aquasecurity#7435)

* fix(misconf): Fix logging typo (aquasecurity#7473)

* chore(deps): bump go-ebs-file (aquasecurity#7513)

Signed-off-by: nikpivkin <[email protected]>

* fix(sbom): parse type `framework` as `library` when unmarshalling `CycloneDX` files (aquasecurity#7527)

* refactor(misconf): pass options to Rego scanner as is (aquasecurity#7529)

Signed-off-by: nikpivkin <[email protected]>

* fix(sbom): export bom-ref when converting a package to a component (aquasecurity#7340)

Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: amf <[email protected]>
Co-authored-by: knqyf263 <[email protected]>

* perf(misconf): use port ranges instead of enumeration (aquasecurity#7549)

Signed-off-by: nikpivkin <[email protected]>

* fix(misconf): Fixed scope for China Cloud (aquasecurity#7560)

* docs(misconf): Add more info on how to use arbitrary JSON/YAML scan feat (aquasecurity#7458)

* chore(deps): remove broken replaces for opa and discovery (aquasecurity#7600)

* ci: cache test images for `integration`, `VM` and `module` tests (aquasecurity#7599)

* ci: add `workflow_dispatch` trigger for test workflow. (aquasecurity#7606)

* chore(deps): bump the common group across 1 directory with 20 updates (aquasecurity#7604)

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: knqyf263 <[email protected]>

* fix(db): check `DownloadedAt` for `trivy-java-db` (aquasecurity#7592)

* fix: allow access to '..' in mapfs (aquasecurity#7575)

Signed-off-by: nikpivkin <[email protected]>

* test: use a local registry for remote scanning (aquasecurity#7607)

Signed-off-by: knqyf263 <[email protected]>

* fix(misconf): escape all special sequences (aquasecurity#7558)

Signed-off-by: nikpivkin <[email protected]>

* feat(misconf): add ability to disable checks by ID (aquasecurity#7536)

Signed-off-by: nikpivkin <[email protected]>
Co-authored-by: Simar <[email protected]>

* feat(suse): added SUSE Linux Enterprise Micro support (aquasecurity#7294)

Signed-off-by: Marcus Meissner <[email protected]>
Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: knqyf263 <[email protected]>

* fix(misconf): disable DS016 check for image history analyzer (aquasecurity#7540)

Signed-off-by: nikpivkin <[email protected]>

* ci: split `save` and `restore` cache actions (aquasecurity#7614)

* refactor: fix auth error handling (aquasecurity#7615)

Signed-off-by: knqyf263 <[email protected]>

* feat(secret): enhance secret scanning for python binary files (aquasecurity#7223)

Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: knqyf263 <[email protected]>

* feat(java): add empty versions if `pom.xml` dependency versions can't be detected (aquasecurity#7520)

Co-authored-by: Teppei Fukuda <[email protected]>

* test: use loaded image names (aquasecurity#7617)

Signed-off-by: knqyf263 <[email protected]>

* ci: don't use cache for `setup-go` (aquasecurity#7622)

* feat: support multiple DB repositories for vulnerability and Java DB (aquasecurity#7605)

Signed-off-by: nikpivkin <[email protected]>

* feat(misconf): Support `--skip-*` for all included modules  (aquasecurity#7579)

Signed-off-by: nikpivkin <[email protected]>
Co-authored-by: nikpivkin <[email protected]>

* chore: add prefixes to log messages (aquasecurity#7625)

Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: simar7 <[email protected]>

* fix(misconf): Disable deprecated checks by default (aquasecurity#7632)

* chore(deps): Bump trivy-checks to v1.1.0 (aquasecurity#7631)

* fix(secret): change grafana token regex to find them without unquoted (aquasecurity#7627)

* feat: support RPM archives (aquasecurity#7628)

Signed-off-by: knqyf263 <[email protected]>

* fix(misconf): not to warn about missing selectors of libraries (aquasecurity#7638)

Signed-off-by: nikpivkin <[email protected]>

* release: v0.56.0 [main] (aquasecurity#7447)

* fix(db): fix javadb downloading error handling [backport: release/v0.56] (aquasecurity#7646)

Signed-off-by: nikpivkin <[email protected]>
Co-authored-by: Nikita Pivkin <[email protected]>

* release: v0.56.1 [release/v0.56] (aquasecurity#7648)

* fix(sbom): add options for DBs in private registries [backport: release/v0.56] (aquasecurity#7691)

Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: Teppei Fukuda <[email protected]>

* fix(redhat): include arch in PURL qualifiers [backport: release/v0.56] (aquasecurity#7702)

Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: Teppei Fukuda <[email protected]>

* release: v0.56.2 [release/v0.56] (aquasecurity#7694)

* Make liveness probe configurable (#3)

---------

Signed-off-by: yusuke.koyoshi <[email protected]>
Signed-off-by: knqyf263 <[email protected]>
Signed-off-by: nikpivkin <[email protected]>
Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: Kevin Conner <[email protected]>
Signed-off-by: Bob Callaway <[email protected]>
Signed-off-by: Marcus Meissner <[email protected]>
Co-authored-by: yusuke-koyoshi <[email protected]>
Co-authored-by: Teppei Fukuda <[email protected]>
Co-authored-by: Aruneko <[email protected]>
Co-authored-by: Colm O hEigeartaigh <[email protected]>
Co-authored-by: DmitriyLewen <[email protected]>
Co-authored-by: afdesk <[email protected]>
Co-authored-by: Nikita Pivkin <[email protected]>
Co-authored-by: Alberto Donato <[email protected]>
Co-authored-by: simar7 <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Itay Shakury <[email protected]>
Co-authored-by: DmitriyLewen <[email protected]>
Co-authored-by: aasish-r <[email protected]>
Co-authored-by: Ori <[email protected]>
Co-authored-by: Kevin Conner <[email protected]>
Co-authored-by: Bob Callaway <[email protected]>
Co-authored-by: vhash <[email protected]>
Co-authored-by: psibre <[email protected]>
Co-authored-by: Aqua Security automated builds <[email protected]>
Co-authored-by: s-reddy1498 <[email protected]>
Co-authored-by: Squiddim <[email protected]>
Co-authored-by: Pierre Baumard <[email protected]>
Co-authored-by: Lior Kaplan <[email protected]>
Co-authored-by: amf <[email protected]>
Co-authored-by: bloomadcariad <[email protected]>
Co-authored-by: Sylvain Baubeau <[email protected]>
Co-authored-by: Simar <[email protected]>
Co-authored-by: Marcus Meissner <[email protected]>
Co-authored-by: Samuel Gaist <[email protected]>
fhielpos pushed a commit to giantswarm/trivy-upstream that referenced this pull request Dec 20, 2024
@knqyf263 @fhielpos
fix(plugin): do not call GitHub content API for releases and tags (aq…
70686a4 
…uasecurity#7274)

Signed-off-by: knqyf263 <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@DmitriyLewen DmitriyLewen DmitriyLewen approved these changes

Assignees

@knqyf263 knqyf263

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

v0.54.0 is not installing plugins
3 participants
@knqyf263 @aqua-bot @DmitriyLewen