我已经将一个docker映像从专用存储库拉到本地,并尝试使用trivy-image命令扫描本地映像。它正在提取数据库,但显示访问本地图像的未授权错误
scan error: unable to initialize a scanner: unable to initialize a docker scanner: 3 errors occurred:
* unable to inspect the image (index.docker.io/library/58625f3e2b28:latest): Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
* unable to initialize Podman client: no podman socket found: stat podman/podman.sock: no such file or directory
* GET https://index.docker.io/v2/library/58625f3e2b28/manifests/latest: UNAUTHORIZED: authentication required; [map[Action:pull Class: Name:library/58625f3e2b28 Type:repository]]
Docker deamon正在运行,映像也在本地。Trivy版本:0.22.0
我将Trivy作为docker容器运行,并使用以下命令扫描本地图像
docker run aquasec/trivy image <<imagename>>
官方文档指出,如果您希望扫描主机上的图像,则必须安装Docker套接字。
命令将如下所示:
docker run -v /var/run/docker.sock:/var/run/docker.sock aquasec/trivy image <<imagename>>