trivy-operator: Bug in metrics format (code 500)

What steps did you take and what happened: Deployed the latest version of Trivy Operator using Helm (with custom values)

[A clear and concise description of what the bug is, and what commands you ran.] Metrics are in a broken format, giving a 500 code instead of 200

What did you expect to happen: Having Prometheus formatted metrics created

Anything else you would like to add: I forced the Helm chart to use image v0.14.1 and it works again

[Miscellaneous information that will assist in solving the issue.]

Environment:

  • Trivy-Operator version (use trivy-operator version): 0.15.0
  • Kubernetes version (use kubectl version): 1.26.2
  • OS (macOS 10.15, Windows 10, Ubuntu 19.10 etc): Rocky Linux 9.2

About this issue

  • Original URL
  • State: closed
  • Created a year ago
  • Comments: 16

Most upvoted comments

@lepicodon I was able to reproduce it , fixing it now and creating a patch afterwards

+1
chen-keinan on Jul 26, 2023

Additionally, I would like to inquire about the new additions in version 0.15.0, such as detail configaudit, rbacassessment, and infraassessment info Metrics in Prometheus. However, I couldn’t find them in Prometheus. Are there any specific parameters that need to be configured?

yes , take a look at the following :

# -- MetricsExposedSecretInfo the flag to enable metrics about exposed secrets
  # be aware of metrics cardinality is significantly increased with this feature enabled.
  metricsExposedSecretInfo: false

  # -- MetricsConfigAuditInfo the flag to enable metrics about configuration audits
  # be aware of metrics cardinality is significantly increased with this feature enabled.
  metricsConfigAuditInfo: false

  # -- MetricsRbacAssessmentInfo the flag to enable metrics about Rbac Assessment
  # be aware of metrics cardinality is significantly increased with this feature enabled.
  metricsRbacAssessmentInfo: false
+1
chen-keinan on Jul 26, 2023

Pod logs didn’t seen any error. I have configured the following parameters. Will it have any impact? image

can you try disable metricVulnIdEnabled and see if still an issue

+1
chen-keinan on Jul 26, 2023
Read more comments on GitHub
← trivy: NPM v7 lockFileVersion = 2 is not supported in Trivy filesystem scan
trivy-operator: ClusterInfra Assesment Incorrectly Reports Findings →