How does Trivy detect Go binaries in SCRATCH images? #6499
-
QuestionHow does trivy detect Golang binaries in scratch container images like those:
I have some images where trivy detects the compiled binery, but other container images don't get scanned:
How can I optimise my Dockerfile, so that Trivy is able to detect the binary? TargetContainer Image ScannerVulnerability Output FormatNone ModeStandalone Operating Systemlinux/amd64 VersionVersion: 0.50.1
Vulnerability DB:
Version: 2
UpdatedAt: 2024-04-15 12:12:10.582949864 +0000 UTC
NextUpdate: 2024-04-15 18:12:10.582949704 +0000 UTC
DownloadedAt: 2024-04-15 15:56:59.765386832 +0000 UTC
Java DB:
Version: 1
UpdatedAt: 2024-03-19 00:47:09.502917667 +0000 UTC
NextUpdate: 2024-03-22 00:47:09.502917547 +0000 UTC
DownloadedAt: 2024-03-19 11:33:38.686315408 +0000 UTC |
Beta Was this translation helpful? Give feedback.
Replies: 3 comments 1 reply
-
Trivy basically analyzes all executable files and detects Go binaries. Are you sure you image was successfully built?
After I added
|
Beta Was this translation helpful? Give feedback.
-
Hi @knqyf263, thank You for the answer. Yes, the image is successfully built, because it runs on my server: Regards, |
Beta Was this translation helpful? Give feedback.
-
It works now. Thanks! |
Beta Was this translation helpful? Give feedback.
Not yet but soon.
#4133
#6277