Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Select scan socket (containerd, podman, docker) #3049

Closed
pmengelbert opened this issue Oct 20, 2022 · 6 comments · Fixed by #4047
Closed

Select scan socket (containerd, podman, docker) #3049

pmengelbert opened this issue Oct 20, 2022 · 6 comments · Fixed by #4047
Labels
help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. kind/feature Categorizes issue or PR as related to a new feature. priority/backlog Higher priority than priority/awaiting-more-evidence. target/container-image Issues relating to container image scanning

Comments

@pmengelbert
Copy link
Contributor

Currently, in pkg/fanal/image/image.go, the provided container image will be resolved by first the docker daemon, then podman, then containerd, then remote. It would be helpful if there were some way to configure, from the CLI or a config file, which socket(s) to attempt. The current logic is preferential and somewhat confusing.

If there is a place that this can be configured already, it would be helpful to know where -- I didn't find it documented anywhere.
@pmengelbert pmengelbert added the kind/feature Categorizes issue or PR as related to a new feature. label Oct 20, 2022
@pmengelbert pmengelbert mentioned this issue Oct 20, 2022
Closed
@github-actions
Copy link

This issue is stale because it has been labeled with inactivity.

@github-actions github-actions bot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and will be auto-closed. label Dec 20, 2022
@knqyf263 knqyf263 added priority/backlog Higher priority than priority/awaiting-more-evidence. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and will be auto-closed. labels Jan 3, 2023
@knqyf263 knqyf263 added this to the v0.37.0 milestone Jan 3, 2023
@knqyf263
Copy link
Collaborator

knqyf263 commented Jan 3, 2023

We don't have an option for that. What if adding --container-engine?

@itaysk itaysk added the target/container-image Issues relating to container image scanning label Jan 4, 2023
@pmengelbert
Copy link
Contributor Author

@knqyf263 That sounds like a good solution to me

@knqyf263 knqyf263 added the help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. label Jan 5, 2023
@knqyf263
Copy link
Collaborator

knqyf263 commented Jan 5, 2023

OK. I'll leave it for contributors for the time being.

@knqyf263 knqyf263 modified the milestones: v0.37.0, v0.38.0 Jan 30, 2023
@blueskyson
Copy link
Contributor

I'm interested in this issue but I haven't used any image clients other than Docker before...

@itaysk itaysk removed this from the v0.38.0 milestone Feb 27, 2023
@pmengelbert pmengelbert mentioned this issue Mar 7, 2023
Merged
6 tasks
@itaysk itaysk mentioned this issue Apr 12, 2023
Closed
@pmengelbert pmengelbert mentioned this issue Apr 12, 2023
Merged
7 tasks
@itaysk
Copy link
Contributor

itaysk commented Apr 13, 2023
edited
Loading

from @knqyf263 in #4044 (comment):

I have an idea about the selection of image sources. We are supposed to implement it in v0.41.0.
#3929

I suggest allowing users to specify the priority of runtimes.

# Force remote scanning
$ trivy image --image-from remote XXX

# Force containerd scanning
$ trivy image --image-from conatinerd XXX

# Prefer remote images and disable podman
$ trivy image --image-from remote,docker,containerd XXX

@pmengelbert pmengelbert mentioned this issue Apr 18, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. kind/feature Categorizes issue or PR as related to a new feature. priority/backlog Higher priority than priority/awaiting-more-evidence. target/container-image Issues relating to container image scanning
Projects
Trivy Roadmap
Status: No status
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat(image): Add image-src flag to specify which runtime(s) to use pmengelbert/trivy
4 participants
@itaysk @knqyf263 @pmengelbert @blueskyson