clairctl icon indicating copy to clipboard operation
clairctl copied to clipboard
verified publisher icon jgsqware

Broken reports can be generated

Open jdel opened this issue 8 years ago • 0 comments

In specific cases, broken reports can be generated.

Let's assume we have two images using FROM alpine 3.5: jdel/image1 and jdel/image2 Both images don't have any other common layers.

Running clairctl push jdel/image1 will push layers to clair, including the base alpine:3,5 layer. Running clairctl report jdel/image1 will generate a valid report for jdel/image1. Running clairctl report jdel/image2 will generate a broken report for jdel/image2. Running with debug flag will show 404 errors when getting vulnerabilities for the layers that have been not been pushed, but it will still generate a report.

Workaround: automatically do a push before generating the report.

Fix: generate the report only if no 404 is returned by clair, otherwise, print something in the console

jdel avatar Jun 09 '17 11:06 jdel