Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

scanJob.customVolumesMount is not applied to the generated Job #2240

Open
takutakahashi opened this issue Aug 27, 2024 · 0 comments · May be fixed by #2241
Open

scanJob.customVolumesMount is not applied to the generated Job #2240

takutakahashi opened this issue Aug 27, 2024 · 0 comments · May be fixed by #2241
Labels
kind/bug Categorizes issue or PR as related to a bug.

Comments

@takutakahashi
Copy link

What steps did you take and what happened:

I added scanJob.customVolumes and scanJob.customVolumesMount to trivy-operator cm.

% kubectl get cm trivy-operator -n trivy-system -o yaml |grep scanJob.customVolumes
  scanJob.customVolumes: '[{"hostPath":{"path":"/run/containerd/containerd.sock","type":"Socket"},"name":"containerd-sock"}]'
  scanJob.customVolumesMount: '[{"mountPath":"/opt/run/containerd/containerd.sock","name":"containerd-sock"}]'

After creating scan-vulnerabilityreport job I inspected container's volumeMounts and volumes, then I got the results that customVolumes were appended to volumes but customVolumesMount were not appended to container's volumeMounts.

...snip...
  // not appended custom volumeMounts.
          volumeMounts:
          - mountPath: /tmp
            name: tmp
...snip...
        volumes:
...snip...
  // appended custom volumes.
        - hostPath:
            path: /run/containerd/containerd.sock
            type: Socket
          name: containerd-sock

What did you expect to happen:

customVolumesMount will be appended to container's volumeMounts.

Anything else you would like to add:

It caused by below. container is a pass-by-value and this change doesn't affect the original array.
https://github.com/aquasecurity/trivy-operator/blob/v0.22.0/pkg/vulnerabilityreport/builder.go#L168-L175

I will fix it and make PR.

Environment:

  • Trivy-Operator version (use trivy-operator version): v0.22.0
  • Kubernetes version (use kubectl version): v1.29.6
  • OS (macOS 10.15, Windows 10, Ubuntu 19.10 etc): Ubuntu 22.04.4 LTS
@takutakahashi takutakahashi added the kind/bug Categorizes issue or PR as related to a bug. label Aug 27, 2024
@takutakahashi takutakahashi linked a pull request Aug 27, 2024 that will close this issue
Open
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: scanjob.customVolumesMount is not applied to the Built-Job takutakahashi/trivy-operator
1 participant
@takutakahashi