-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bug(redhat): we don't need to return error if redhat image doesn't contain content_sets
#7911
Comments
I'm curious why the image doesn't contain content sets. I presume all newer images have content sets. |
previous version contains content sets: ➜ docker run -it --rm registry.access.redhat.com/ubi9-minimal@sha256:f5d2c6a1e0c86e4234ea601552dbabb4ced0e013a1efcbfb439f1f6a7a9275b0 ls -hl /root/buildinfo/content_manifests/
total 4.0K
-rw-rw-r-- 1 root root 368 Sep 18 21:24 ubi9-minimal-container-9.4-1227.1726694542.json But i checked all 9.5 images. These images don't contain content sets:
docs say But RedHat tries to make their minimal images smaller and safer. |
We have a ticket open with RedHat support to inquire about the missing content sets. It looks to be a bug in their newer 9.5 images. I can post an update as soon as I recieve final update about the case. |
Hello @pmolon |
Yes, as @pmolon said, it should be a bug. Otherwise, it's a breaking change, and Red Hat should notify certified scanners. Anyway, we need a workaround until @pmolon gets a reply from Red Hat. I'll review #7912 |
@pmolon -- May I have the link to the ticket with RH Support? |
@janani66 case is 03985698, there Jira should be public https://issues.redhat.com/browse/RHEL-67397 |
Description
There are cases when
root/buildinfo/content_manifests/
contains*.json
file, but these are not content_sets files.e.g.:
In this case we don't use
defaultContentSets
:trivy/pkg/detector/ospkg/redhat/redhat.go
Lines 27 to 44 in 983ac15
Discussed in #7910
The text was updated successfully, but these errors were encountered: