new container image source that uses docker to pull remote images #8024
elchenberg
started this conversation in
Ideas
Replies: 1 comment
-
|
we have recently decided to accept #7966 which will make this feature request unneeded, if I understand your request correctly. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Description
Currently there are four image sources:
docker,containerd,podman,remote.As far as I can tell the first three check if the image already exists locally (but do not pull images) and only the fourth one (remote) downloads remote images. I would like to introduce a new image source
docker+remote(I am open for suggestions if this is not a good name).My idea is that this new image source works exactly as the
dockersource but when the image cannot be found locally it tries to pull the image (using the Docker daemon).My main reason is: I have spent some time to set up pull-through cache registry mirrors for some registries (e.g. Docker Hub). I know how to configure Docker/Buildkit/Containerd/etc. to use the registry mirrors. When I use Trivy in an CI pipeline with a Docker daemon sidecar (for example) the image has not been pulled yet so the Docker daemon does not know the image (so the
dockerimage source fails). Then Trivy looks for Containerd and Podman but they do no exist so it falls back to the last image sourceremoteand downloads the image directly from the source, although there is a Docker daemon that could pull the image and is configured with the registry mirror.Target
Container Image
Scanner
None
Beta Was this translation helpful? Give feedback.
All reactions