Vulnerability ScanJob is immediately deleted #2362

Open
tom1299 opened this issue Dec 22, 2024 · 0 comments · May be fixed by #2375
Labels
kind/bug Categorizes issue or PR as related to a bug.

tom1299 (Contributor) commented Dec 22, 2024

What steps did you take and what happened:
Set operator.scanJobTTL: "5m" in the Helm chart values in order to retain the Job and Pod for 5 minutes after completion.
Instead of the Job and Pod being retained, the scan job was immediately deleted.

What did you expect to happen:
The ScanJob and corresponding Pod to remain for 5 minutes after reaching the status Completed.

Anything else you would like to add:
The vulnerability controller does not honour job.Spec.TTLSecondsAfterFinished. Although the generated job manifest does contain ttlSecondsAfterFinished with the correct value, it nevertheless directly deletes completed jobs. See code here.
I altered the code with the following lines before the deletion, which solved the problem:

if job.Spec.TTLSecondsAfterFinished != nil && *job.Spec.TTLSecondsAfterFinished != 0 {
    log.V(1).Info("Job has TTL. Omitting deletion", "owner", owner)
    return nil
}

I can open a PR to fix this issue.

Environment:

  • Trivy-Operator version: Custom build based on 7af084e
  • Kubernetes version: Client Version: v1.31.0, Server Version: v1.30.0
  • OS: Fedora 39
tom1299 added the kind/bug label Dec 22, 2024