semaphore acquire: context deadline exceeded

[salmankhwaja]

Description

1. Downloaded a Docker image "docker pull asnaishrat/asna:v1"
2. Scanned it via Trivy. " trivy image asnaishrat/asna:v1"
3. Trivy gave an error
4. trivy image --reset
5. trivy image asnaishrat/asna:v1

Desired Behavior

Trivy would output the vulnerabilities, licenses, and any other related issues with the container.

Actual Behavior

Trivy didn't scan the image. It spitted out the error of

"semaphore acquire: context deadline exceeded "

Reproduction Steps

1. docker pull asnaishrat/asna:v1
2. docker images // run to ensure docker image is downloaded. 
3.  trivy image asnaishrat/asna:v1

Target

Container Image

Scanner

Vulnerability

Output Format

Table (Default)

Mode

Standalone

Debug Output

[root@master-node ~]# trivy image asnaishrat/asna:v1 --debug
2023-05-29T12:06:35.204+0500    DEBUG   Severities: ["UNKNOWN" "LOW" "MEDIUM" "HIGH" "CRITICAL"]
2023-05-29T12:06:37.158+0500    DEBUG   cache dir:  /root/.cache/trivy
2023-05-29T12:06:37.210+0500    DEBUG   DB update was skipped because the local DB is the latest
2023-05-29T12:06:37.210+0500    DEBUG   DB Schema: 2, UpdatedAt: 2023-05-29 06:07:56.726462056 +0000 UTC, NextUpdate: 2023-05-29 12:07:56.726461656 +0000 UTC, DownloadedAt: 2023-05-29 06:58:46.058685069 +0000 UTC
2023-05-29T12:06:37.336+0500    INFO    Vulnerability scanning is enabled
2023-05-29T12:06:37.336+0500    DEBUG   Vulnerability type:  [os library]
2023-05-29T12:06:37.336+0500    INFO    Secret scanning is enabled
2023-05-29T12:06:37.336+0500    INFO    If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2023-05-29T12:06:37.336+0500    INFO    Please see also https://aquasecurity.github.io/trivy/v0.41/docs/secret/scanning/#recommendation for faster secret detection
2023-05-29T12:06:39.111+0500    DEBUG   No secret config detected: trivy-secret.yaml
2023-05-29T12:06:39.111+0500    DEBUG   Image ID: sha256:bd3ba5ab0d9caec169cab556809245290588e0d78f8fdd953922803b26f78149
2023-05-29T12:06:39.111+0500    DEBUG   Diff IDs: [sha256:f972d139738dfcd1519fd2461815651336ee25a8b54c358834c50af094bb262f sha256:ee91fde71dbed5eac3d296eeeef4cb75f6d823ccba395c3f5907776edc91f029 sha256:2e080d596c63258624b9fc2b431315b885ade61e6d3a9acd56327c508de5e97b sha256:f61f2785ef9b715c9786afecc54127aad2f7546ee35c425b839200ad15c5beed sha256:68c0398b4d2d51c7adab1b61121721a68fc21c9866fa498e1cba13b098843459 sha256:f4fec09eab0d91b9f7635a972b1277d85bda2a92f518d722123dec19f7e79aea sha256:b0c573cc48d11b9fbc898c6cb390e13d1b322c914348e1df1b10732ad860bb05 sha256:19e5d164e6a50c218d4b60d85e72991b9e67a709fcebd8489fad081614ef3149 sha256:838473b89dfad83909cf69acf1d0607b3622ad3c9c796a5e4004c3071ce18a94 sha256:6d6c0741f3ab00f6b563518f64832944ec08af0f49a6ad20296485653c414406 sha256:bd83e3c47d8c177f24df7d4ceab9c9125bb4786c420419d5e267d10afcf197c2 sha256:9cb3a08a373c141f3ea66cf49b1ff194ccdba12fd6049ebadd04827075ed787a sha256:161314e5141410d3ca36456af1b38f4fb584c73883ae486538e0314a8d704379 sha256:9d42b94c043eeb553c055eb08b0eb9e03f330cf0c477420e82491a649e259fe1 sha256:b6e28ef9b1eb88a4a78b9e34d01ff6549863c38d7506b7ac4a2874c545147e24 sha256:49e1c95449609808d106fcfba0b777e5d2dc814781f5dfa6f0a050a26d513edd sha256:a04ca8f4d2a0e60c6aade6cd1405a2d8e5fd9ee5bee003e1b2812ea13205044f sha256:b9aed75bf6e613d463f75f800fac2ab63666ae79a2eebfa947f2798c0faa5985 sha256:695322a17baf82cc52e790964c7df053752a1361ac37660483b44df8328f9619 sha256:90d41e3bd80fa4da90da97b1ba973bfe5166f4a5571e5eadef7c2db0d1d4de58 sha256:fba18e1b3b637b80e3dcf72a8006c644b6c2d74b311cc1e2288e159ffc1a8d36 sha256:f6892e40e872683c11b7721de2c26a0ca6b69419881305bc4d5c1247f8957f83 sha256:18b7d2be6ff8e6d6a37001abe02e18fb7867a1c72af29a5ee2a87b6b9f2ad0a4 sha256:76c9c0aa0e3a8fe134edc92d589a0da6f4f980c0a17d9686f2d6fa10ad6d08e0 sha256:ad53b34a8169ceec2dccefc938feebc5a5d71270fecf36bd9b65e9284cae17d9 sha256:63d56b7f244547baf07a13916396016f3814f84a7e5b386fa2e4b517c496c3d8 sha256:e98da9ddbf93c1f530c478461e3c88ba55883f55eb934aebab1cb64aaedfc14b sha256:a3760fd4dd13fd885ed40ebb6f285a84b0054e76a412fcec859e52aba46f088c sha256:0d926ad372d8d3d9cd8331b9a5c3e973d36dab0e5ed6ab6a07a74bc176890822 sha256:bd8026bffb0c1411fe0de4b3af0f6030485304782f5a8a4bb89c24d8b3f78a4f sha256:ce3c56079f0153f4ae904877730a083902ce94ec760aa1229add48ee220972bd sha256:07c80edd519b49c3beaeb086fcd9e921c14710a1ebd9255ca63d9f8ac54d7987 sha256:decf49ffb9a5a45e749e8539c402cd6fa0e250812b0225c6be697bfc2297b745 sha256:01a9070dadbe42ae9f67144411b4043814311798393cd544dddcf77b7f6fedca sha256:c3df9bc37e5f4f9baf4c6316207423a7398ff0348da3a09e7aea1c4e754947d4 sha256:3773d4cfb9f7f503e9817535c091aa8b56eb7ce0b7984ecb9cce266386bb57ab sha256:829912f9035b64f9faa1bb6d8eddba9999c67aef65fcd43d91eac240d8be58ad sha256:5f19522722a08208e11d02bd425d51b648fac36302b787d976a981983537e89d sha256:1fa8288bc22d68be9b0dc369717d6f9b71c04e45b72ebaa994bfd25f9c891e8e sha256:e1ff1924489b869bbd048ceadf9d5dba5a278c2e7a8eb70e59463192fbc36ac2 sha256:709071f4238aca396ef260cbef6ff2f4c5dacb612bd163fd21cd1b6362e4d0d5 sha256:c4ac309bb690dddf3d9eff99a50f1082be338bcb9af05dadb8bf55a75ebcb3fa]
2023-05-29T12:06:39.112+0500    DEBUG   Base Layers: [sha256:f972d139738dfcd1519fd2461815651336ee25a8b54c358834c50af094bb262f]
2023-05-29T12:06:39.119+0500    DEBUG   Missing image ID in cache: sha256:bd3ba5ab0d9caec169cab556809245290588e0d78f8fdd953922803b26f78149
2023-05-29T12:06:39.119+0500    DEBUG   Missing diff ID in cache: sha256:68c0398b4d2d51c7adab1b61121721a68fc21c9866fa498e1cba13b098843459
2023-05-29T12:06:39.119+0500    DEBUG   Missing diff ID in cache: sha256:f972d139738dfcd1519fd2461815651336ee25a8b54c358834c50af094bb262f
2023-05-29T12:06:39.119+0500    DEBUG   Missing diff ID in cache: sha256:ee91fde71dbed5eac3d296eeeef4cb75f6d823ccba395c3f5907776edc91f029
2023-05-29T12:06:39.119+0500    DEBUG   Missing diff ID in cache: sha256:2e080d596c63258624b9fc2b431315b885ade61e6d3a9acd56327c508de5e97b
2023-05-29T12:06:39.119+0500    DEBUG   Missing diff ID in cache: sha256:f61f2785ef9b715c9786afecc54127aad2f7546ee35c425b839200ad15c5beed
2023-05-29T12:11:36.190+0500    WARN    Increase --timeout value
2023-05-29T12:11:36.273+0500    FATAL   image scan error:
    github.com/aquasecurity/trivy/pkg/commands/artifact.Run
        /home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:432
  - scan error:
    github.com/aquasecurity/trivy/pkg/commands/artifact.(*runner).scanArtifact
        /home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:267
  - scan failed:
    github.com/aquasecurity/trivy/pkg/commands/artifact.scan
        /home/runner/work/trivy/trivy/pkg/commands/artifact/run.go:690
  - failed analysis:
    github.com/aquasecurity/trivy/pkg/scanner.Scanner.ScanArtifact
        /home/runner/work/trivy/trivy/pkg/scanner/scan.go:146
  - analyze error:
    github.com/aquasecurity/trivy/pkg/fanal/artifact/image.Artifact.Inspect
        /home/runner/work/trivy/trivy/pkg/fanal/artifact/image/image.go:140
  - semaphore acquire:
    github.com/aquasecurity/trivy/pkg/fanal/artifact/image.Artifact.inspect
        /home/runner/work/trivy/trivy/pkg/fanal/artifact/image/image.go:224
  - context deadline exceeded

Operating System

Operating System: CentOS Stream 8
CPE OS Name: cpe:/o:centos:centos:8
Kernel: Linux 4.18.0-489.el8.x86_64
Architecture: x86-64

Version

[root@master-node ~]# trivy --version
Version: 0.41.0
Vulnerability DB:
  Version: 2
  UpdatedAt: 2023-05-29 06:07:56.726462056 +0000 UTC
  NextUpdate: 2023-05-29 12:07:56.726461656 +0000 UTC
  DownloadedAt: 2023-05-29 06:58:46.058685069 +0000 UTC

Checklist

• Run trivy --reset
• Read the troubleshooting

[knqyf263]

Did you try to increase --timeout as shown in the log message?

[salmankhwaja]

Thanks... by increasing the value, the report came through.

The working command is ...

trivy image asnaishrat/asna:v1 --debug --timeout 15m
trivy image asnaishrat/asna:v1 --timeout 15m

I would still say, the message originally came was quite confusing. Instead, it could have said to provide hint on increasing the timeout value...