Trivy Operator is not compatible with Kubernetes v1.31.0 #2251
Labels
kind/bug
Categorizes issue or PR as related to a bug.
Comments
|
Hello, any idea when a patch will be released? |
|
+1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What steps did you take and what happened:
We had a Kubernetes cluster that was recently updated to Kubernetes v1.31.0 and had Trivy Operator v0.22 already running. After the upgrade, I noticed that the vulnerability reports were not being created anymore. Then I looked at the namespace and saw the scan jobs were not being cleaned up but they were all successful. I looked at the trivy-operator log and saw reconcile error stating: "unrecognized scan job condition: SuccessCriteriaMet". I have checked the Kubernetes documents and found the Job Success Policy is in beta for v1.31.0 and turned on by default .(https://kubernetes.io/docs/concepts/workloads/controllers/job/#success-policy)
What did you expect to happen:
After a successful job is complete, trivy-operator will clean up the jobs and create the reports as usual.
Anything else you would like to add:
To see new policy feature: https://kubernetes.io/docs/concepts/workloads/controllers/job/#success-policy
The Job status conditions now have 2 conditions on a success: the first one is the
SuccessCriteriaMettype and the second is theCompletetype.Environment:
trivy-operator version): 0.22.0 (also ran with 0.18.5 as well)kubectl version): 1.31.0The text was updated successfully, but these errors were encountered: