Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

jf docker scan does not work with Docker Engine 25 and above #330

Open
joelee2012 opened this issue Apr 25, 2024 · 2 comments
Open

jf docker scan does not work with Docker Engine 25 and above #330

joelee2012 opened this issue Apr 25, 2024 · 2 comments
Labels
bug Something isn't working

Comments

@joelee2012
Copy link

joelee2012 commented Apr 25, 2024
edited
Loading

Describe the bug

we build docker image with dind in Jenkins, when run jf docker scan in build pod with Docker Engine 25 and above to scan docker image, it always reports No vulnerable components were found

Current behavior

Docker info:

Client: Docker Engine - Community
 Version:    26.1.0
 Context:    default
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.14.0
    Path:     /usr/libexec/docker/cli-plugins/docker-buildx

Server:
 Containers: 0
  Running: 0
  Paused: 0
  Stopped: 0
 Images: 0
 Server Version: 25.0.5
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Using metacopy: false
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 1
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 7c3aca7a610df76212171d200ca3811ff6096eb8
 runc version: v1.1.12-0-g51d5e94
 init version: de40ad0
 Security Options:
  seccomp
   Profile: builtin
 Kernel Version: 4.18.0-147.5.1.6.h766.eulerosv2r9.x86_64
 Operating System: Alpine Linux v3.19 (containerized)
 OSType: linux
 Architecture: x86_64
 CPUs: 8
 Total Memory: 30.89GiB
 Name: devops-internal-java-base-dev-44-dg72h-klz31-1tvdt
 ID: 70abf9c8-5b41-4140-8a98-97496e2107ca
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false
 Product License: Community Engine

execute log:

18:04:12  + export JFROG_CLI_LOG_LEVEL=DEBUG
18:04:12  + JFROG_CLI_LOG_LEVEL=DEBUG
18:04:12  + docker save --output my-image-docker.tar example.artifactory.com/docker-release/test-npm:0.1.4-20240425144822-b5df44
18:04:14  + jf docker scan example.artifactory.com/docker-release/test-npm:0.1.4-20240425144822-b5df44
18:04:14  18:04:13 [Debug] JFrog CLI version: 2.56.0
18:04:14  18:04:13 [Debug] OS/Arch: linux/amd64
18:04:14  18:04:13 [Debug] Sending HTTP GET request to: https://example.artifactory.com/xray/api/v1/system/version
18:04:14  18:04:13 [Debug] Usage Report: Sending info...
18:04:14  18:04:13 [Debug] Sending HTTP GET request to: https://example.artifactory.com/artifactory/api/system/version
18:04:14  18:04:13 [Info] Creating image archive...
18:04:14  18:04:13 [Debug] Artifactory response: 200 
18:04:14  18:04:13 [Debug] JFrog Artifactory version is: 7.38.10
18:04:14  18:04:13 [Debug] Sending HTTP POST request to: https://example.artifactory.com/artifactory/api/system/usage
18:04:14  18:04:14 [Debug] Sending HTTP GET request to: https://example.artifactory.com/xray/api/v1/system/version
18:04:14  18:04:14 [Info] JFrog Xray version is: 3.54.5
18:04:14  18:04:14 [Debug] Creating lock in: /root/.jfrog/locks/xray-indexer
18:04:14  18:04:14 [Info] JFrog Xray Indexer 3.54.5 is not cached locally. Downloading it now...
18:04:14  18:04:14 [Debug] Sending HTTP GET request to: https://example.artifactory.com/xray/api/v1/indexer-resources/download/linux/amd64
18:04:15  18:04:15 [Info] The downloaded Xray Indexer version is 3.54.5
18:04:15  18:04:15 [Debug] Releasing lock: /root/.jfrog/locks/xray-indexer/jfrog-cli.conf.lck.130.1714039454567331359
18:04:15  18:04:15 [Info] [Thread 0] Indexing file: /tmp/jfrog.cli.temp.-1714039453-1649147033/image.tar
18:04:16  18:04:16 [Info] 2024-04-25T10:04:15.510457181Z [jfxia] [DEBUG] [] [wire_gen:45                   ] [main                ] Initializing filtering service
18:04:16  2024-04-25T10:04:16.509995872Z [jfxia] [DEBUG] [] [indexer-app:43                ] [main                ] Indexing standalone file /tmp/jfrog.cli.temp.-1714039453-1649147033/image.tar using artifactory folder /tmp/jfrog.cli.temp.-1714039455-1901921032
18:04:16  2024-04-25T10:04:16.510143457Z [jfxia] [DEBUG] [] [indexer_app:109               ] [main                ] Local path: /tmp/jfrog.cli.temp.-1714039455-1901921032/4c51c32d-d48e-4a22-7975-a46e85b5172a/171403945651013915/image.tar
18:04:16  2024-04-25T10:04:16.510172385Z [jfxia] [DEBUG] [] [indexer_app:109               ] [main                ] Scanning file from Artifactory with mimetype 'application/x-gzip'
18:04:16  2024-04-25T10:04:16.805737745Z [jfxia] [DEBUG] [] [indexer_app:109               ] [main                ] Found archive file. Performing deep scan for file /tmp/jfrog.cli.temp.-1714039455-1901921032/4c51c32d-d48e-4a22-7975-a46e85b5172a/171403945651013915/image.tar
18:04:16  2024-04-25T10:04:16.820307051Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/031e9a2742957ceeb08bb04dcf48ff49c1fe7bf210fce4d02bc107eabb0e5e19
18:04:16  2024-04-25T10:04:16.820379292Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/0cc5dda847f8236ca1d767c2ab43a31ed9a554a12936b29e69fb574da025d8fc
18:04:16  2024-04-25T10:04:16.820418804Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/200d830478eac31d405e96fc394bc7bb0d1ec500db40d1c9aa55dde44e944150
18:04:16  2024-04-25T10:04:16.820447487Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/236632f891b128248c49d14b6ff625270ea5e6a0a7afbf7084d428547498f4c8
18:04:16  2024-04-25T10:04:16.820476632Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/273485579c557b31fb49837f841a0fd35795dc6505e8fe76c607095db13fca47
18:04:16  2024-04-25T10:04:16.820503029Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/3398d076ba1f240f26dd80594e94d378bec8e7956c980e929a3b0bcdd69c848d
18:04:16  2024-04-25T10:04:16.820532713Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/369d2d52deeacc7a6ff4838075667eb0338cd388b659a0a0dfa27fdcf5da0a7c
18:04:16  2024-04-25T10:04:16.823149535Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/3a914c284589238098f4f4ddc18b444deac8a7cb3ed1a60324c6e4ab133c994b
18:04:16  2024-04-25T10:04:16.823208671Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/5a045411e473246048e69d68336ee1cd468d3fe98afc3243439ad9215438dd31
18:04:16  2024-04-25T10:04:16.82324359Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/634cd86b27edef01d02c14d09c97642662b608ebe0dd1cb55cc8a1406496bc6d
18:04:16  2024-04-25T10:04:16.823276386Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/648cb14a9487cb0c07f78e1fe1e268e954ba96c4b5ac0c0a1fb2a0d6aa9aec9a
18:04:16  2024-04-25T10:04:16.823305372Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/6fe0f403036bfadb5ccf0363db2a6bbb5553997d34645cb66cce704521d62159
18:04:16  2024-04-25T10:04:16.823339591Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/77ce4d7b54d51e457d4fd9372061738697e4659e48770fe130d613cc4dc2352c
18:04:16  2024-04-25T10:04:16.823366401Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/7de24e36349b08d9a11de77bad3ede3bed4ca190c739146d3c0cbaadb2ba8e24
18:04:16  2024-04-25T10:04:16.82339661Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/7e400934d3c07e43ff5cdac2371b54e7800a222bd018c13355d63362efb6ff18
18:04:16  2024-04-25T10:04:16.826282072Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/84709a565a284ec4ca19eb0f7b76cfc355713e5033a00bd3f8da7821bb2fc450
18:04:16  2024-04-25T10:04:16.826336846Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/84855e0a6c9ef51d5915c6e21f8c544185680c8ba9dde922e7c9d547d709751b
18:04:16  2024-04-25T10:04:16.834677484Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/95a7baf9b63f99b521d030d211457d48a916a5c8e8da914f22e61d79c4a3a66f
18:04:16  2024-04-25T10:04:16.834735116Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/b1329246690cd2cb0af7747ec20f99928552e1a364f66fcd5222ea25b0d4492b
18:04:16  2024-04-25T10:04:16.834769852Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/c650baa2ed45155f417d81f05aadeba728a81b065ad16cdaf40c3e851fb20fa2
18:04:16  2024-04-25T10:04:16.834802095Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/d4fc045c9e3a848011de66f34b81f052d4f2c15a17bb196d637e526349601820
18:04:16  2024-04-25T10:04:16.836836123Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/def06013040ecab853591b2083d68d01181e3a292f3ed3181a3674758a72afee
18:04:16  2024-04-25T10:04:16.836894273Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/e3be2c612adbe7fd51805724cf31d607fd8d847ae442a681edea53b292eb579b
18:04:16  2024-04-25T10:04:16.836933958Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/fe01e5b3f9416eed04af21262fcf530394fa312d7d72dbb4cad10a9235bb97f7
18:04:16  2024-04-25T10:04:16.837231218Z [jfxia] [DEBUG] [] [archive_mgr:1264              ] [main                ] Found archive file. Performing deep scan for file /tmp/jfrog.cli.temp.-1714039455-1901921032/4c51c32d-d48e-4a22-7975-a46e85b5172a/171403945683702370/manifest.json
18:04:16  2024-04-25T10:04:16.83728023Z [jfxia] [WARN ] [] [archive_mgr:631               ] [main                ] Archive manifest.json exceeded internal depth limitation, extraction stopped.
18:04:16  2024-04-25T10:04:16.837319836Z [jfxia] [DEBUG] [] [archive_mgr:232               ] [main                ] No classification found for manifest.json, classified as generic
18:04:16  2024-04-25T10:04:16.837349413Z [jfxia] [DEBUG] [] [archive_mgr:232               ] [main                ] manifest.json was classified as Generic
18:04:16  2024-04-25T10:04:16.837375052Z [jfxia] [DEBUG] [] [archive_mgr:232               ] [main                ] total running time for indexing tree construction of  manifest.json: 5.6451e-05 seconds
18:04:16  2024-04-25T10:04:16.837465451Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable oci-layout
18:04:16  2024-04-25T10:04:16.837511494Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable repositories
18:04:16  2024-04-25T10:04:16.837578881Z [jfxia] [DEBUG] [] [archive_mgr:232               ] [main                ] No classification found for image.tar, classified as generic
18:04:16  2024-04-25T10:04:16.837603079Z [jfxia] [DEBUG] [] [archive_mgr:232               ] [main                ] image.tar was classified as Generic
18:04:16  2024-04-25T10:04:16.837631284Z [jfxia] [DEBUG] [] [archive_mgr:232               ] [main                ] total running time for indexing tree construction of  image.tar: 6.7246e-05 seconds
18:04:16  2024-04-25T10:04:16.837655542Z [jfxia] [DEBUG] [] [archive_mgr:195               ] [main                ] total running time for indexing image.tar: 0.031848115 seconds
18:04:16  
18:04:16  18:04:16 [Debug] Sending HTTP POST request to: https://example.artifactory.com/xray/api/v1/scan/graph?scan_type=binary
18:04:16  18:04:16 [Info] Waiting for scan to complete on JFrog Xray...
18:04:16  18:04:16 [Debug] Sending HTTP GET request to: https://example.artifactory.com/xray/api/v1/scan/graph/883e2906-0155-4c8b-61da-563d7aed66a9?include_vulnerabilities=true
18:04:16  
18:04:16  Vulnerable Components
18:04:16  +---------------------------------------+
18:04:16  |  No vulnerable components were found  |
18:04:16  +---------------------------------------+
18:04:16  18:04:16 [Info] Scan completed successfully.
18:04:17  + jf scan my-image-docker.tar
18:04:17  18:04:16 [Debug] JFrog CLI version: 2.56.0
18:04:17  18:04:16 [Debug] OS/Arch: linux/amd64
18:04:17  18:04:16 [Debug] Sending HTTP GET request to: https://example.artifactory.com/xray/api/v1/system/version
18:04:17  18:04:16 [Debug] Usage Report: Sending info...
18:04:17  18:04:16 [Debug] Sending HTTP GET request to: https://example.artifactory.com/artifactory/api/system/version
18:04:17  18:04:16 [Info] JFrog Xray version is: 3.54.5
18:04:17  18:04:16 [Debug] Creating lock in: /root/.jfrog/locks/xray-indexer
18:04:17  18:04:16 [Debug] Releasing lock: /root/.jfrog/locks/xray-indexer/jfrog-cli.conf.lck.174.1714039456965187275
18:04:17  18:04:16 [Info] [Thread 2] Indexing file: my-image-docker.tar
18:04:17  18:04:16 [Debug] Artifactory response: 200 
18:04:17  18:04:16 [Debug] JFrog Artifactory version is: 7.38.10
18:04:17  18:04:16 [Debug] Sending HTTP POST request to: https://example.artifactory.com/artifactory/api/system/usage
18:04:18  18:04:18 [Info] 2024-04-25T10:04:17.258110507Z [jfxia] [DEBUG] [] [wire_gen:45                   ] [main                ] Initializing filtering service
18:04:18  2024-04-25T10:04:18.121103818Z [jfxia] [DEBUG] [] [indexer-app:43                ] [main                ] Indexing standalone file my-image-docker.tar using artifactory folder /tmp/jfrog.cli.temp.-1714039456-4037755282
18:04:18  2024-04-25T10:04:18.12121399Z [jfxia] [DEBUG] [] [indexer_app:109               ] [main                ] Local path: /tmp/jfrog.cli.temp.-1714039456-4037755282/1d1111f7-59aa-4762-46ea-a7e3c6e0574d/171403945812120613/my-image-docker.tar
18:04:18  2024-04-25T10:04:18.121242414Z [jfxia] [DEBUG] [] [indexer_app:109               ] [main                ] Scanning file from Artifactory with mimetype 'application/x-gzip'
18:04:18  2024-04-25T10:04:18.409190856Z [jfxia] [DEBUG] [] [indexer_app:109               ] [main                ] Found archive file. Performing deep scan for file /tmp/jfrog.cli.temp.-1714039456-4037755282/1d1111f7-59aa-4762-46ea-a7e3c6e0574d/171403945812120613/my-image-docker.tar
18:04:18  2024-04-25T10:04:18.425828743Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/031e9a2742957ceeb08bb04dcf48ff49c1fe7bf210fce4d02bc107eabb0e5e19
18:04:18  2024-04-25T10:04:18.425896145Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/0cc5dda847f8236ca1d767c2ab43a31ed9a554a12936b29e69fb574da025d8fc
18:04:18  2024-04-25T10:04:18.425926707Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/200d830478eac31d405e96fc394bc7bb0d1ec500db40d1c9aa55dde44e944150
18:04:18  2024-04-25T10:04:18.425954268Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/236632f891b128248c49d14b6ff625270ea5e6a0a7afbf7084d428547498f4c8
18:04:18  2024-04-25T10:04:18.42598685Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/273485579c557b31fb49837f841a0fd35795dc6505e8fe76c607095db13fca47
18:04:18  2024-04-25T10:04:18.426014976Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/3398d076ba1f240f26dd80594e94d378bec8e7956c980e929a3b0bcdd69c848d
18:04:18  2024-04-25T10:04:18.42605634Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/369d2d52deeacc7a6ff4838075667eb0338cd388b659a0a0dfa27fdcf5da0a7c
18:04:18  2024-04-25T10:04:18.428872812Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/3a914c284589238098f4f4ddc18b444deac8a7cb3ed1a60324c6e4ab133c994b
18:04:18  2024-04-25T10:04:18.428945367Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/5a045411e473246048e69d68336ee1cd468d3fe98afc3243439ad9215438dd31
18:04:18  2024-04-25T10:04:18.428988614Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/634cd86b27edef01d02c14d09c97642662b608ebe0dd1cb55cc8a1406496bc6d
18:04:18  2024-04-25T10:04:18.429023682Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/648cb14a9487cb0c07f78e1fe1e268e954ba96c4b5ac0c0a1fb2a0d6aa9aec9a
18:04:18  2024-04-25T10:04:18.42907289Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/6fe0f403036bfadb5ccf0363db2a6bbb5553997d34645cb66cce704521d62159
18:04:18  2024-04-25T10:04:18.429113091Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/77ce4d7b54d51e457d4fd9372061738697e4659e48770fe130d613cc4dc2352c
18:04:18  2024-04-25T10:04:18.429144201Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/7de24e36349b08d9a11de77bad3ede3bed4ca190c739146d3c0cbaadb2ba8e24
18:04:18  2024-04-25T10:04:18.429175353Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/7e400934d3c07e43ff5cdac2371b54e7800a222bd018c13355d63362efb6ff18
18:04:18  2024-04-25T10:04:18.432221158Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/84709a565a284ec4ca19eb0f7b76cfc355713e5033a00bd3f8da7821bb2fc450
18:04:18  2024-04-25T10:04:18.43228917Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/84855e0a6c9ef51d5915c6e21f8c544185680c8ba9dde922e7c9d547d709751b
18:04:18  2024-04-25T10:04:18.441324859Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/95a7baf9b63f99b521d030d211457d48a916a5c8e8da914f22e61d79c4a3a66f
18:04:18  2024-04-25T10:04:18.441418345Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/b1329246690cd2cb0af7747ec20f99928552e1a364f66fcd5222ea25b0d4492b
18:04:18  2024-04-25T10:04:18.44146826Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/c650baa2ed45155f417d81f05aadeba728a81b065ad16cdaf40c3e851fb20fa2
18:04:18  2024-04-25T10:04:18.441509378Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/d4fc045c9e3a848011de66f34b81f052d4f2c15a17bb196d637e526349601820
18:04:18  2024-04-25T10:04:18.443852574Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/def06013040ecab853591b2083d68d01181e3a292f3ed3181a3674758a72afee
18:04:18  2024-04-25T10:04:18.443925958Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/e3be2c612adbe7fd51805724cf31d607fd8d847ae442a681edea53b292eb579b
18:04:18  2024-04-25T10:04:18.443956213Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable blobs/sha256/fe01e5b3f9416eed04af21262fcf530394fa312d7d72dbb4cad10a9235bb97f7
18:04:18  2024-04-25T10:04:18.444287497Z [jfxia] [DEBUG] [] [archive_mgr:1264              ] [main                ] Found archive file. Performing deep scan for file /tmp/jfrog.cli.temp.-1714039456-4037755282/1d1111f7-59aa-4762-46ea-a7e3c6e0574d/171403945844409538/manifest.json
18:04:18  2024-04-25T10:04:18.44433378Z [jfxia] [WARN ] [] [archive_mgr:631               ] [main                ] Archive manifest.json exceeded internal depth limitation, extraction stopped.
18:04:18  2024-04-25T10:04:18.444370043Z [jfxia] [DEBUG] [] [archive_mgr:232               ] [main                ] No classification found for manifest.json, classified as generic
18:04:18  2024-04-25T10:04:18.444399368Z [jfxia] [DEBUG] [] [archive_mgr:232               ] [main                ] manifest.json was classified as Generic
18:04:18  2024-04-25T10:04:18.444418812Z [jfxia] [DEBUG] [] [archive_mgr:232               ] [main                ] total running time for indexing tree construction of  manifest.json: 5.2195e-05 seconds
18:04:18  2024-04-25T10:04:18.444484342Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable oci-layout
18:04:18  2024-04-25T10:04:18.444510307Z [jfxia] [DEBUG] [] [archive_mgr:1245              ] [main                ] checking if the file is supported executable repositories
18:04:18  2024-04-25T10:04:18.444582597Z [jfxia] [DEBUG] [] [archive_mgr:232               ] [main                ] No classification found for my-image-docker.tar, classified as generic
18:04:18  2024-04-25T10:04:18.444603318Z [jfxia] [DEBUG] [] [archive_mgr:232               ] [main                ] my-image-docker.tar was classified as Generic
18:04:18  2024-04-25T10:04:18.444625557Z [jfxia] [DEBUG] [] [archive_mgr:232               ] [main                ] total running time for indexing tree construction of  my-image-docker.tar: 6.1759e-05 seconds
18:04:18  2024-04-25T10:04:18.444643814Z [jfxia] [DEBUG] [] [archive_mgr:195               ] [main                ] total running time for indexing my-image-docker.tar: 0.035380064 seconds
18:04:18  
18:04:18  18:04:18 [Debug] Sending HTTP POST request to: https://example.artifactory.com/xray/api/v1/scan/graph?scan_type=binary
18:04:18  18:04:18 [Info] Waiting for scan to complete on JFrog Xray...
18:04:18  18:04:18 [Debug] Sending HTTP GET request to: https://example.artifactory.com/xray/api/v1/scan/graph/f53eac31-1dff-4c47-6966-6e1d0b77f1b7?include_vulnerabilities=true
18:04:18  
18:04:18  Vulnerable Components
18:04:18  +---------------------------------------+
18:04:18  |  No vulnerable components were found  |
18:04:18  +---------------------------------------+
18:04:18  18:04:18 [Info] Scan completed successfully.

Reproduction steps

  • install docker engine 25 and above
  • run jf docker scan <some image>

Expected behavior

jf docker scan work as expect

JFrog CLI version

2.56.0

Operating system type and version

ubuntu 22.04

JFrog Artifactory version

7.38.10

JFrog Xray version

3.54.5
@joelee2012 joelee2012 added the bug Something isn't working label Apr 25, 2024
@dortam888
Copy link
Contributor

Hello Joel.

From the shared logs: Archive manifest.json exceeded internal depth limitation, extraction stopped.
Can you try to run the command as follows:
jf docker scan example.artifactory.com/docker-release/test-npm:0.1.4-20240425144822-b5df44 --bypass-archive-limits

@joelee2012
Copy link
Author

joelee2012 commented Apr 29, 2024
edited
Loading

@dortam888 thanks for replying
but seem this option requires Xray 3.59.0 or higher

14:25:41  + jf docker scan example.artifactory.com/docker-release/test-npm:0.1.4-20240425144822-b5df44 --bypass-archive-limits
14:25:41  14:25:41 [Info] Creating image archive...
14:25:42  14:25:42 [Error] You are using JFrog Xray version 3.54.5, while this operation requires version 3.59.0 or higher.

@shuvadipc shuvadipc transferred this issue from jfrog/jfrog-cli Feb 27, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@joelee2012 @dortam888