[CNVM] Trivy local cache file size increases indefinitely #2142
Labels: 8.15 candidate; bug (Something isn't working); Team:Cloud Security (Cloud Security team related); Vulnerability Management
Describe the bug

Trivy uses a local file (a bbolt db) as a cache in the /tmp directory (/tmp/trivy/fanal/fanal.db) that always increases in size with each cycle. This results in the tmpfs file system holding the /tmp folder getting filled up (1), and Cloudbeat can no longer download the new Trivy db (which it does on each cycle). This leads to Cloudbeat entering a crash loop and not providing CNVM findings. It could also have implications for other applications hosted on the same instance that use /tmp for any crucial operation. (2)

(1) /tmp (tmpfs) is a RAM disk (placed in RAM) with a maximum size, usually half of the host's total RAM.

(Example screenshots of fanal.db size before and after some runs)

Preconditions
Any cnvm deployment.
To Reproduce
Expected behavior
Cloudbeat will be able to work indefinitely and produce events on each cycle.
Workaround till the fix

Restarting the host machine will delete everything from /tmp, and thus the fanal.db, so Cloudbeat can continue to work and produce findings.
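As an added example (not code from the issue, from Cloudbeat or from Trivy), a POSIX shell check that measures fanal.db against the capacity of the filesystem backing /tmp, so the fill-up described above can be caught before the tmpfs is exhausted. The cache path is the one from the issue; the mount point and the 50% threshold are assumed values.

```shell
#!/bin/sh
# Added example, not part of the issue or of Cloudbeat: report how much of the
# filesystem backing /tmp the Trivy cache file occupies. Path from the issue;
# mount point and threshold percentage are assumed values.

CACHE_DB="${CACHE_DB:-/tmp/trivy/fanal/fanal.db}"
MOUNT_DIR="${MOUNT_DIR:-/tmp}"
THRESHOLD_PCT="${THRESHOLD_PCT:-50}"

# Size of a file in bytes; 0 when it does not exist (e.g. right after a reboot).
file_size_bytes() {
    if [ -f "$1" ]; then
        wc -c < "$1" | tr -d ' '
    else
        echo 0
    fi
}

# Total capacity in bytes of the filesystem holding the given path
# (for /tmp on tmpfs this is the RAM-backed limit the issue refers to).
fs_capacity_bytes() {
    kib=$(df -Pk "$1" | awk 'NR == 2 { print $2 }')
    [ -n "$kib" ] || kib=0
    echo $(( kib * 1024 ))
}

# Succeeds (exit 0) when SIZE is at least PCT percent of CAPACITY.
# Integer arithmetic only, so it works in plain sh.
cache_over_threshold() {
    size=$1; cap=$2; pct=$3
    [ "$cap" -gt 0 ] || return 1
    [ $(( size * 100 )) -ge $(( cap * pct )) ]
}

# Prints one status line; never fails, so it suits cron or a systemd timer
# with the output shipped to monitoring.
report() {
    size=$(file_size_bytes "$CACHE_DB")
    cap=$(fs_capacity_bytes "$MOUNT_DIR")
    if cache_over_threshold "$size" "$cap" "$THRESHOLD_PCT"; then
        echo "WARN $CACHE_DB is $size bytes, >= ${THRESHOLD_PCT}% of $cap-byte $MOUNT_DIR"
    else
        echo "OK $CACHE_DB is $size bytes of $cap-byte $MOUNT_DIR"
    fi
    return 0
}

report
```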