Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bug(k8s): inconsistent results from summary and all report on k8s workload #7937

Closed
afdesk opened this issue Nov 18, 2024 Discussed in #7927 · 0 comments · Fixed by #7946
Closed

bug(k8s): inconsistent results from summary and all report on k8s workload #7937

afdesk opened this issue Nov 18, 2024 Discussed in #7927 · 0 comments · Fixed by #7946
Assignees
@simar7 @afdesk
Labels
kind/bug Categorizes issue or PR as related to a bug.
Milestone
v0.58.0

Comments

@afdesk
Copy link
Contributor

afdesk commented Nov 18, 2024

Description

There are cases when summary report doesn't contain information about vulnerabilities.

Reason

For consolidated report Trivy looks for vulns and secrets only in the first result.
The second and next results are skipped now.

https://github.com/aquasecurity/trivy/blob/main/pkg/k8s/report/report.go#L282-L283

Reproduction steps:

#!/bin/sh
kind delete cluster && kind create cluster
kubectl cluster-info
kubectl wait --for=condition=Ready nodes --all --timeout=300s

kubectl create namespace test
kubectl create -f pod.yaml

trivy k8s --report summary --include-namespaces test

pod.yaml:

apiVersion: v1
kind: Pod
metadata:
  namespace: test
  name: postgres-pod
spec:
  containers:
  - name: postgres
    image: postgres:15-alpine3.19
    ports:
    - containerPort: 5432
    env:
    - name: POSTGRES_USER
      value: "admin"
    - name: POSTGRES_PASSWORD
      value: "password"
    - name: POSTGRES_DB
      value: "exampledb"

Discussed in #7927
@afdesk afdesk added the kind/bug Categorizes issue or PR as related to a bug. label Nov 18, 2024
@afdesk afdesk self-assigned this Nov 18, 2024
@afdesk afdesk mentioned this issue Nov 18, 2024
Merged
6 tasks
@simar7 simar7 self-assigned this Nov 20, 2024
@simar7 simar7 added this to the v0.58.0 milestone Nov 20, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@simar7 simar7

@afdesk afdesk

Labels
kind/bug Categorizes issue or PR as related to a bug.
Projects
Trivy Roadmap
Status: No status
Milestone
v0.58.0
Development

Successfully merging a pull request may close this issue.

fix(k8s): check all results for vulnerabilities afdesk/trivy
2 participants
@simar7 @afdesk