Trivy vuln scan took so long in CI pipeline. #7633
Replies: 1 comment 2 replies
-
|
Hello @davidsuryaputra IIUC you are scanning a Java project. For If you want to avoid this case - you can use a cache for your piplene with a |
Beta Was this translation helpful? Give feedback.
-
|
I had the exact same problem. For us it was a misconfigured Maven cache in the Bitbucket pipeline. But the slowness didn't occur before this. It seems to me as if this problem occured when we started using version |
Beta Was this translation helpful? Give feedback.
-
In my case, it is not Java project. it is just repository with few vulnerable apps project like govwa, go-dvwa and terragoat. If the cause is pom.xml then I suspect pom.xml in terragoat project is the source of problem https://github.com/bridgecrewio/terragoat/blob/master/packages/sub/pom.xml However, it seems the dependency is not that much. is that normal behaviour in my case? or I could do something to make the scan faster. Thanks, |
Beta Was this translation helpful? Give feedback.
-
Question
I ran vuln scans against repository in my CI pipeline. However, the scan took so long.
I'm not sure what was happening. I attach the debug file trivy-debug-vuln.txt.
I just want to know why it took so long and what need to be done from my side. It run almost 30 minutes, and still continue.
Thanks
Target
Git Repository
Scanner
Vulnerability
Output Format
JSON
Mode
Standalone
Operating System
linux/amd64
Version
Beta Was this translation helpful? Give feedback.
All reactions