New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Grype DB save/cache fails during matrix jobs #151

Open

saisatishkarra opened this issue Sep 3, 2024 · 0 comments

Assignees

Labels

good first issue

Collaborator

saisatishkarra commented Sep 3, 2024 •

edited

Loading

Summary

The Grype cache in matrix jobs requires unique cache key lock to be acquired while saving cache
Key: <run_id>_<attempt_id> is not UNIQUE during matrix jobs and requires a fix to override / specific key from downstream workflows.

Options

Skip cache by default and always leverage updated cdn

As an emergency failurein case of CDN failures, there won't be caches since they are expired and skipped

Option to override default [<run_id>_<attempt_id>] to make it save unique caches in matrix job
a. specify option to override cache key as input
b. Detect if running in matrix contex and generate unique caches based on some prameter.

Either way, this is also NOT recommended since multipple cache keys might exhaust github default cache limits of 10GB since each file is 150MB and will be unique for run and attempt and each item in matrix

Host a mirror as Kong repo and use this URL

Overhead of effort and maintenance to maintain a list of updated offline grype dbs and consume them

saisatishkarra mentioned this issue

Defaulting to use grype cdn and skip cache by default #152

Merged

saisatishkarra added the good first issue label

saisatishkarra assigned pankajmouriyakong

saisatishkarra mentioned this issue

Mirror third party container images to reduce failures and use in air-gapped mode #158

Open

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment