-
Notifications
You must be signed in to change notification settings - Fork 217
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: sync stdout buffer to file #2191
base: main
Are you sure you want to change the base?
Conversation
8e71ce9
to
f933450
Compare
Also updated the |
@chen-keinan could you trigger the workflow again? 🙏 |
I'm running the failing integration test
I'm not sure how to continue from here. The failing integration test seems to test |
The trivy command is completed and as it is the main process the entire container is stopped before the stdout buffer is cleared, resulting in malformed output. Fixes aquasecurity#1792.
This PR is stale because it has been labeled with inactivity. |
Description
The trivy command is completed and as it is the main process the entire container is stopped before the stdout buffer is cleared, resulting in malformed output.
This patch has been running for over a month and I have not experienced any lingering scan vulnerability jobs which could not be removed by the operator anymore. Used
kube_job_complete{namespace="trivy-system", condition="true", job_name=~"scan-vulnerabilityreport-[0-9a-f]+"}
to alert for scan jobs with malformed output.I did refactor the
getCommandAndArgs
function to deduplicate the logic for compressed and not compressed mode, it was essentially the same. Also ensured the options are in alphabetic order.Related issues
Checklist