Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

too many requests error again #430

Open
DChevrier1 opened this issue Nov 5, 2024 · 10 comments
Open

too many requests error again #430

DChevrier1 opened this issue Nov 5, 2024 · 10 comments

Comments

@DChevrier1
Copy link

We upgraded to 0.28 when it came out and these errors went away, but they have come back again. What can we do to help fix this as it is part of our CI/CD pipeline? Thanks

ERROR [vulndb] Failed to download artifact repo="ghcr.io/aquasecurity/trivy-db:2" err="oci download error: failed to fetch the layer: GET https://ghcr.io/v2/aquasecurity/trivy-db/blobs/sha256:c3afeb28c808216cc2fa69d1e682164efd3c9967451a061778329ce94ce1a069: TOOMANYREQUESTS: retry-after: 217.944µs, allowed: 44000/minute"
1902024-11-05T13:55:48Z FATAL Fatal error init error: DB error: failed to download vulnerability DB: OCI artifact error: failed to download vulnerability DB: failed to download artifact from any source
@ACipkowski1
Copy link

Thank you for looking into this

@JBrown413
Copy link

I'd love to see a fix!!

@CDixson1
Copy link

CDixson1 commented Nov 5, 2024

Received same error, TOOMANYREQUESTS. A fix would be greatly appreciated. Thanks.

@RBlanc1
Copy link

RBlanc1 commented Nov 5, 2024

A fix for this would be helpful in our pipeline process - thx

@tliebert1
Copy link

Have run into this problem also.

@ogruene
Copy link

ogruene commented Nov 7, 2024

Hi @DChevrier1,

as far as I see, you can simply add the following env to your aquasecurity/trivy-action step:

env:
    TRIVY_DB_REPOSITORY: "public.ecr.aws/aquasecurity/trivy-db:2"

This should work - at least when using current aquasecurity/trivy-action@master. Not sure if it also works with the last release.

Oliver Grüneberg <oliver.grueneberg@mercedes-benz.com>, Mercedes-Benz Tech Innovation GmbH
Provider Information

@arareko
Copy link

arareko commented Nov 7, 2024

Seems related to #107

@ogruene
Copy link

ogruene commented Nov 7, 2024

As far as I see, it's a DB download error rather related #389

@arareko
Copy link

arareko commented Nov 7, 2024

As far as I see, it's a DB download error rather related #389

@ogruene Yes, both are related.

@lucasmrod lucasmrod mentioned this issue Nov 7, 2024
Closed
@RichardoC
Copy link

Hi @DChevrier1,

as far as I see, you can simply add the following env to your aquasecurity/trivy-action step:

env:
    TRIVY_DB_REPOSITORY: "public.ecr.aws/aquasecurity/trivy-db:2"

This should work - at least when using current aquasecurity/trivy-action@master. Not sure if it also works with the last release.

Oliver Grüneberg <oliver.grueneberg@mercedes-benz.com>, Mercedes-Benz Tech Innovation GmbH Provider Information

Mind providing a source for that repo? https://pkg.go.dev/github.com/aquasecurity/trivy-db#readme-download-the-vulnerability-database only refers to the github container registry

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
9 participants
@arareko @RichardoC @ogruene @DChevrier1 @CDixson1 @tliebert1 @RBlanc1 @ACipkowski1 @JBrown413