Resolve: "LIBS: 1. Create Schedule Job for Vulnerabilities Scanning"
Closes #1321 (closed)
The corresponding schedule is "VULN": https://git.recoverycat.de/recoverycat/rcc-client/-/pipeline_schedules
Need to set the RUN_E2E variable to "false" there and change the target branch to main after merging.
The pipeline currently fails because there is a "HIGH" severity vulnerability.
Fetching the vuln database sometimes throws a rate-limiting error:
2024-11-07T14:03:01Z ERROR [vulndb] Failed to download artifact repo="ghcr.io/aquasecurity/trivy-db:2" err="OCI repository error: 1 error occurred:\n\t* GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 72.36µs, allowed: 44000/minute\n\n"
2024-11-07T14:03:01Z FATAL Fatal error init error: DB error: failed to download vulnerability DB: OCI artifact error: failed to download vulnerability DB: failed to download artifact from any source: 1 error occurred:
* OCI repository error: 1 error occurred:
* GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 72.36µs, allowed: 44000/minute
Command exited with non-zero status 1
This is a known problem with Trivy: https://github.com/aquasecurity/trivy/discussions/7538
I'm getting the same error when running Trivy locally. Not sure how to fix.
Edited by Noel Simmel
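
An added example, not part of the merge request or the project's code: a shell wrapper for the scheduled job that retries a command only when its output contains the `TOOMANYREQUESTS` error shown in the log above, and passes every other failure (such as the "HIGH" severity finding) straight through. The function name, the exit code 75 and the invocation in the comment are assumptions made here; the backoff is fixed by the caller because the `retry-after` value in the log (72.36µs) is too small to be useful.

```shell
#!/usr/bin/env bash
# Added example: retry only on registry rate limiting, never on real findings.
# RATE_LIMIT_EXIT (75, EX_TEMPFAIL) is chosen here; it is not a Trivy exit code.
RATE_LIMIT_EXIT=75

# usage: retry_on_rate_limit <max_attempts> <base_delay_seconds> <command...>
# Hypothetical invocation (the project's real Trivy command is not on the page):
#   retry_on_rate_limit 5 10 trivy fs --exit-code 1 --severity HIGH,CRITICAL .
retry_on_rate_limit() {
  local max_attempts="$1" delay="$2" attempt=1 status log
  shift 2
  log=$(mktemp) || return 1
  while :; do
    # Capture stdout and stderr so the failure reason can be inspected.
    if "$@" >"$log" 2>&1; then status=0; else status=$?; fi
    cat "$log"   # keep the scanner output visible in the job log
    if [ "$status" -eq 0 ]; then
      rm -f "$log"
      return 0
    fi
    # Any failure without TOOMANYREQUESTS is a genuine result (for example,
    # findings at the blocking severity) and must fail the job unchanged.
    if ! grep -q 'TOOMANYREQUESTS' "$log"; then
      rm -f "$log"
      return "$status"
    fi
    # Still rate limited after the last attempt: report a distinct code so the
    # pipeline can tell "scanner could not run" from "scanner found something".
    if [ "$attempt" -ge "$max_attempts" ]; then
      rm -f "$log"
      return "$RATE_LIMIT_EXIT"
    fi
    echo "rate limited (attempt $attempt/$max_attempts), retrying in ${delay}s" >&2
    sleep "$delay"
    delay=$((delay * 2))       # exponential backoff
    attempt=$((attempt + 1))
  done
}
```

A job that exits with 75 never scanned anything, so it should be rerun or flagged as an infrastructure failure, not read as a clean result.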