adamant-kite-43734
10/14/2022, 8:02 AMfast-garage-66093
10/14/2022, 3:48 PMbetter-nail-51710
10/15/2022, 6:13 AMquick-keyboard-83126
10/16/2022, 7:01 AM% trivy image python:3.4-alpine
2022-10-16T02:54:52.234-0400 INFO Vulnerability scanning is enabled
2022-10-16T02:54:52.234-0400 INFO Secret scanning is enabled
2022-10-16T02:54:52.234-0400 INFO If your scanning is slow, please try '--security-checks vuln' to disable secret scanning
2022-10-16T02:54:52.234-0400 INFO Please see also <https://aquasecurity.github.io/trivy/v0.32/docs/secret/scanning/#recommendation> for faster secret detection
2022-10-16T02:54:52.249-0400 FATAL image scan error: scan error: unable to initialize a scanner: unable to initialize a docker scanner: 4 errors occurred:
* unable to inspect the image (python:3.4-alpine): Error: No such image: python:3.4-alpine
* unable to initialize Podman client: no podman socket found: stat podman/podman.sock: no such file or directory
* containerd socket not found: /run/containerd/containerd.sock
* error getting credentials - err: docker-credential-osxkeychain resolves to executable in current directory (./docker-credential-osxkeychain), out: ``
...
% docker pull python:3.4-alpine
3.4-alpine: Pulling from library/python
3b00a3925ee4: Pull complete
a3cd3e3d08dd: Pull complete
bed9db30154f: Pull complete
d837e8e30360: Pull complete
f307ca8b43fd: Pull complete
Digest: sha256:c210b660e2ea553a7afa23b41a6ed112f85dbce25cbcb567c75dfe05342a4c4b
Status: Downloaded newer image for python:3.4-alpine
<http://docker.io/library/python:3.4-alpine|docker.io/library/python:3.4-alpine>
% trivy image python:3.4-alpine
2022-10-16T02:55:07.995-0400 INFO Vulnerability scanning is enabled
2022-10-16T02:55:07.995-0400 INFO Secret scanning is enabled
2022-10-16T02:55:07.995-0400 INFO If your scanning is slow, please try '--security-checks vuln' to disable secret scanning
2022-10-16T02:55:07.995-0400 INFO Please see also <https://aquasecurity.github.io/trivy/v0.32/docs/secret/scanning/#recommendation> for faster secret detection
2022-10-16T02:55:09.368-0400 INFO Detected OS: alpine
2022-10-16T02:55:09.368-0400 INFO Detecting Alpine vulnerabilities...
2022-10-16T02:55:09.369-0400 INFO Number of language-specific files: 1
2022-10-16T02:55:09.369-0400 INFO Detecting python-pkg vulnerabilities...
2022-10-16T02:55:09.376-0400 WARN This OS version is no longer supported by the distribution: alpine 3.9.2
2022-10-16T02:55:09.376-0400 WARN The vulnerability detection may be insufficient because security updates are not provided
python:3.4-alpine (alpine 3.9.2)
Total: 37 (UNKNOWN: 0, LOW: 4, MEDIUM: 16, HIGH: 13, CRITICAL: 4)
...
...
% trivy image 99a53e6ad17e
2022-10-16T02:56:30.516-0400 INFO Vulnerability scanning is enabled
2022-10-16T02:56:30.516-0400 INFO Secret scanning is enabled
2022-10-16T02:56:30.516-0400 INFO If your scanning is slow, please try '--security-checks vuln' to disable secret scanning
2022-10-16T02:56:30.516-0400 INFO Please see also <https://aquasecurity.github.io/trivy/v0.32/docs/secret/scanning/#recommendation> for faster secret detection
2022-10-16T02:56:30.525-0400 INFO Detected OS: alpine
2022-10-16T02:56:30.525-0400 INFO Detecting Alpine vulnerabilities...
2022-10-16T02:56:30.525-0400 INFO Number of language-specific files: 1
2022-10-16T02:56:30.525-0400 INFO Detecting python-pkg vulnerabilities...
2022-10-16T02:56:30.526-0400 WARN This OS version is no longer supported by the distribution: alpine 3.9.2
2022-10-16T02:56:30.526-0400 WARN The vulnerability detection may be insufficient because security updates are not provided
99a53e6ad17e (alpine 3.9.2)
Total: 37 (UNKNOWN: 0, LOW: 4, MEDIUM: 16, HIGH: 13, CRITICAL: 4)
...
...
% docker build . --tag mookas/junk:latest
Sending build context to Docker daemon 2.048kB
Step 1/1 : FROM python:3.4-alpine
---> 99a53e6ad17e
Successfully built 99a53e6ad17e
Successfully tagged mookas/junk:latest
% trivy image mookas/junk:latest
2022-10-16T02:57:55.764-0400 INFO Vulnerability scanning is enabled
2022-10-16T02:57:55.764-0400 INFO Secret scanning is enabled
2022-10-16T02:57:55.764-0400 INFO If your scanning is slow, please try '--security-checks vuln' to disable secret scanning
2022-10-16T02:57:55.764-0400 INFO Please see also <https://aquasecurity.github.io/trivy/v0.32/docs/secret/scanning/#recommendation> for faster secret detection
2022-10-16T02:57:55.777-0400 INFO Detected OS: alpine
2022-10-16T02:57:55.777-0400 INFO Detecting Alpine vulnerabilities...
2022-10-16T02:57:55.778-0400 INFO Number of language-specific files: 1
2022-10-16T02:57:55.778-0400 INFO Detecting python-pkg vulnerabilities...
2022-10-16T02:57:55.779-0400 WARN This OS version is no longer supported by the distribution: alpine 3.9.2
2022-10-16T02:57:55.779-0400 WARN The vulnerability detection may be insufficient because security updates are not provided
mookas/junk:latest (alpine 3.9.2)
Total: 37 (UNKNOWN: 0, LOW: 4, MEDIUM: 16, HIGH: 13, CRITICAL: 4)
...
trivy seems to behave vaguely reasonably here (macOS, m1, rancher desktop 1.6.0, trivy installed via brew)quick-keyboard-83126
10/16/2022, 7:03 AMquick-keyboard-83126
10/16/2022, 7:12 AMbetter-nail-51710
10/16/2022, 8:00 AMbetter-nail-51710
10/16/2022, 8:31 AMquick-keyboard-83126
10/16/2022, 11:08 AMbetter-nail-51710
10/16/2022, 3:36 PMquick-keyboard-83126
10/16/2022, 3:37 PM