Dockle can't perform the inspection.

Question

Dockle can't perform the inspection.

pyama86 opened this issue a year ago · 4 comments

Description

Hello! Thank you for using our software. It appears you are having issues executing a local image scan with Dockle. Here's the summary of the situation and the error messages:

What did you expect to happen?

# pull ubuntu latest
root@host:~# docker pull ubuntu:latest
latest: Pulling from library/ubuntu
57c139bbda7e: Pull complete
Digest: sha256:e9569c25505f33ff72e88b2990887c9dcf230f23259da296eb814fc2b41af999
Status: Downloaded newer image for ubuntu:latest
docker.io/library/ubuntu:latest
# add tag
root@host:~# docker tag ubuntu:latest example:latest
# run dockle
root@host:~# dockle -d example:latest
2024-02-03T15:15:43.976+0900    DEBUG   There is no .dockleignore file
2024-02-03T15:15:43.976+0900    DEBUG   Skipped update confirmation
2024-02-03T15:15:43.976+0900    DEBUG   Start assessments...
2024-02-03T15:15:46.538+0900    FATAL   unable to initialize a image struct:
    github.com/goodwithtech/deckoder/extractor/docker.newDockerExtractor
        /home/runner/go/pkg/mod/github.com/goodwithtech/deckoder@v0.0.4/extractor/docker/docker.go:73
  - failed to initialize source:
    github.com/goodwithtech/deckoder/extractor/image.NewImage
        /home/runner/go/pkg/mod/github.com/goodwithtech/deckoder@v0.0.4/extractor/image/image.go:86
  - reading manifest latest in docker.io/library/example: requested access to the resource is denied

root@host:~# docker run --rm -e DOCKLE_HOST=unix:///var/run/docker.sock -v /var/run/docker.sock:/var/run/docker.sock goodwithtech/dockle:v0.4.13 -d example:latest
2024-02-03T06:18:01.637Z        DEBUG   There is no .dockleignore file
2024-02-03T06:18:01.637Z        DEBUG   Skipped update confirmation
2024-02-03T06:18:01.638Z        DEBUG   Start assessments...
2024-02-03T06:18:04.225Z        FATAL   unable to initialize a image struct:
    github.com/goodwithtech/deckoder/extractor/docker.newDockerExtractor
        /home/runner/go/pkg/mod/github.com/goodwithtech/deckoder@v0.0.4/extractor/docker/docker.go:73
  - failed to initialize source:
    github.com/goodwithtech/deckoder/extractor/image.NewImage
        /home/runner/go/pkg/mod/github.com/goodwithtech/deckoder@v0.0.4/extractor/image/image.go:86
  - reading manifest latest in docker.io/library/example: requested access to the resource is denied

What happened instead?

Output of run with -debug:

(paste your output here)

Output of dockle -v:

root@host:~# dockle -v
dockle version 0.4.13

Additional details (base image name, container registry info...):

Answer 1 · 2024-02-03T14:15:32.000Z

@pyama86 Thank you for your feedback.
I could not reproduce it in my environment.
Please let me know your OS/ARCH and the result of the following command.

$ docker image ls --no-trunc ubuntu:latest

Answer 2 · 2024-02-03T14:34:34.000Z

# docker image ls --no-trunc ubuntu:latest
REPOSITORY   TAG       IMAGE ID                                                                  CREATED      SIZE
ubuntu       latest    sha256:fd1d8f58e8aedc22ec0a3a7ce1a33de544a596eaa6cdb842f1af7c5e081d453f   8 days ago   77.9MB

As shown above.
Recently, there have been issues that started occurring after updating to the latest version of Docker due to a vulnerability in runc. Therefore, there might be some relation to Docker.

# docker -v
Docker version 25.0.2, build 29cf629

Answer 3 · 2024-02-04T02:50:51.000Z

@pyama86 Thank you for the information.
This bug may have been addressed in the latest version.
I hope testing it in your environment to confirm.

Answer 4 · 2024-02-04T03:07:01.000Z

Thank you for the quick fix.