Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trivy Operator error "kind":"Vulnerabili... doesn't match a REGO input files rule" #498

Open
ichasco-heytrade opened this issue Nov 18, 2022 · 3 comments
Open

Trivy Operator error "kind":"Vulnerabili... doesn't match a REGO input files rule" #498

ichasco-heytrade opened this issue Nov 18, 2022 · 3 comments

Comments

@ichasco-heytrade
Copy link

ichasco-heytrade commented Nov 18, 2022
edited
Loading

Description

When running trivy operator scan, postee can't match the results with rego input

Postee Configuration:

    routes:
    - name: Trivy Operator Alerts
      input: input.report.summary.criticalCount > 0 # You can customize this based on your needs
      actions: [send-slack-msg]
      template: trivy-operator-slack

      # Templates are used to format a message
    templates:
    - name: trivy-operator-slack
      rego-package: postee.trivyoperator.slack

    # Actions are target services that should consume the messages
    actions:
    - name: send-slack-msg
      type: slack
      enable: true
      url: SLACK_WEBHOOK

What did you expect to happen?

To be able to send the results through slack

What happened instead?

Gives an error:

postee-0 postee 2022/11/18 18:26:46 route "Trivy Operator Alerts" contains reference to undefined or misconfigured template "trivy-operator-slack".
postee-0 postee 2022/11/18 18:26:46 route "stdout" contains reference to undefined or misconfigured template "raw-json".
postee-0 postee 2022/11/18 18:26:46 Input {"kind":"Vulnerabili... doesn't match a REGO input files rule

Postee version: v2.9.0
Trivy operator version: 0.6.0
@ichasco-heytrade
Copy link
Author

ichasco-heytrade commented Nov 19, 2022
edited
Loading

The problem is because the template of trivy-operator doesn't exists:

postee-0 postee 2022/11/19 16:22:04 Starting Router....
postee-0 postee 2022/11/19 16:22:04 Loading alerts configuration file /data/cfg.yaml ....
postee-0 postee 2022/11/19 16:22:04 Configuring template trivy-operator-slack 
postee-0 postee 2022/11/19 16:22:04 Can not initialize template trivy-operator-slack: no results 

drwxr-xr-x    1 postee   postee      4.0K Nov 19 16:22 .
drwxr-xr-x    1 postee   postee      4.0K Nov 19 16:22 ..
drwxr-xr-x    1 postee   postee      4.0K Sep 14 23:26 common
drwxr-xr-x    3 root     root        4.0K Nov 18 18:05 custom
drwxr-xr-x    1 postee   postee      4.0K Sep 14 23:26 example
-rw-r--r--    1 postee   postee       199 Sep 14 23:26 raw-message-html.rego
-rw-r--r--    1 postee   postee        93 Sep 14 23:26 raw-message-json.rego
-rw-r--r--    1 postee   postee       416 Sep 14 23:26 tracee-html.rego
-rw-r--r--    1 postee   postee       654 Sep 14 23:26 tracee-slack.rego
-rw-r--r--    1 postee   postee      2.6K Sep 14 23:26 vuls-cyclonedx.rego
-rw-r--r--    1 postee   postee       467 Sep 14 23:26 vuls-html-aggregation.rego
-rw-r--r--    1 postee   postee      5.9K Sep 14 23:26 vuls-html.rego
-rw-r--r--    1 postee   postee       154 Sep 14 23:26 vuls-opsgenie.rego
-rw-r--r--    1 postee   postee       517 Sep 14 23:26 vuls-slack-aggregation.rego
-rw-r--r--    1 postee   postee      7.9K Sep 14 23:26 vuls-slack.rego

Could you create a image with it? Thanks!

@ichasco-heytrade
Copy link
Author

As Work Around solution, I have added it manually to custom folder and it started working

@HW-Jeremy
Copy link

Seem's related to my issue : #532

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ichasco-heytrade @HW-Jeremy