Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow InitContainer to pull vulnerability-db from private registry #2221

Open
crtvmn opened this issue Aug 9, 2024 · 3 comments
Open

Allow InitContainer to pull vulnerability-db from private registry #2221

crtvmn opened this issue Aug 9, 2024 · 3 comments
Labels
kind/bug Categorizes issue or PR as related to a bug.

Comments

@crtvmn
Copy link

crtvmn commented Aug 9, 2024
edited
Loading

Hello,

I'm trying to deploy the Trivy Operator in standalone mode with the provided Helm chart in an offline environment with a private registry. Credentials are required to access this registry.

Unfortunately, it is not possible to forward or add env variables (TRIVY_USER and TRIVY_PASSWORD) to allow the Trivy init-container to pull the vulnerability database from my private registry.

Moreover the dbRepositoryPassword and dbRepositoryUsername seem useless.

trivy-operator/deploy/helm/values.yaml

Lines 525 to 529 in 2cd18ea

dbRepositoryUsername: ~
# -- The password for dbRepository authentication
#
dbRepositoryPassword: ~

Can you confirm that this use case is not possible for the moment? I found this discussion #1341 but no answer and no link to the related issue. Thanks for your help!

Best regards
@crtvmn crtvmn added the kind/bug Categorizes issue or PR as related to a bug. label Aug 9, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Oct 9, 2024

This issue is stale because it has been labeled with inactivity.

@github-actions github-actions bot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and will be auto-closed. label Oct 9, 2024
@Heap0017
Copy link

Heap0017 commented Oct 9, 2024
edited
Loading

I'm having the same issue. In my opinion it should be possible to provide the credentials for pulling trivy-db and trivy-java-db just like we can do it for trivy-checks.

@crtvmn This is the issue mentioned in the discussion: #1342

@Heap0017
Copy link

Heap0017 commented Oct 9, 2024

@crtvmn I just found out that you can in fact use a secret for setting dbRepositoryUsername and dbRepositoryPassword. It just isn't mentioned in the README. #2282

@github-actions github-actions bot removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and will be auto-closed. label Oct 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@crtvmn @Heap0017