Trivy Operator is not compatible with Kubernetes v1.31.0 #2251
Comments
|
Hello, any idea when a patch will be released? |
|
+1 |
5 similar comments
|
+1 |
|
+1 |
|
+1 |
|
+1 |
|
+1 |
|
I haven't seen a response on whether or not this project is going to continue being supported and I don't really plan on maintaining a long-term fork, but if anyone needs 1.31.0 to work in the near-term you can take a look at the changes I've made to get it working (reference: https://github.com/Hacks4Snacks/trivy-operator). |
|
@Hacks4Snacks Do you have an image registry that I can pull? I noticed that https://ghcr.io/Hacks4Snacks/trivy-operator was not operational. Have you published images for this or should I build my own trivy-operator image. |
@Jhonnyzeroones I am not publishing artifacts to an image registry, I recommend building your own image. |
|
@Hacks4Snacks can you submit a PR with the fix? Not sure if is an option |
|
I've had a crack at a PR which appears to be working in my clusters. |
What steps did you take and what happened:
We had a Kubernetes cluster that was recently updated to Kubernetes v1.31.0 and had Trivy Operator v0.22 already running. After the upgrade, I noticed that the vulnerability reports were not being created anymore. Then I looked at the namespace and saw the scan jobs were not being cleaned up but they were all successful. I looked at the trivy-operator log and saw reconcile error stating: "unrecognized scan job condition: SuccessCriteriaMet". I have checked the Kubernetes documents and found the Job Success Policy is in beta for v1.31.0 and turned on by default .(https://kubernetes.io/docs/concepts/workloads/controllers/job/#success-policy)
What did you expect to happen:
After a successful job is complete, trivy-operator will clean up the jobs and create the reports as usual.
Anything else you would like to add:
To see new policy feature: https://kubernetes.io/docs/concepts/workloads/controllers/job/#success-policy
The Job status conditions now have 2 conditions on a success: the first one is the
SuccessCriteriaMettype and the second is theCompletetype.Environment:
trivy-operator version): 0.22.0 (also ran with 0.18.5 as well)kubectl version): 1.31.0The text was updated successfully, but these errors were encountered: