Can't clear trivy cache on server

[rfrebyLF]

Question

Hello

We deploy our Trivy instance with Helm from the Trivy repo on our Kubernetes cluster to use it as a server. After some times, its pvc is almost full, and we want to clean the cache.

We try to execute multiple commands directly on the pod:

trivy image --clear-cache
trivy image --reset
trivy server --clear-cache

But nothing seems to work. I think this is due to the fact that there is another trivy process running (the server one):

~ $ ps auxf
PID   USER     TIME  COMMAND
    1 nobody    0:01 trivy server
   14 nobody    0:00 sh
   21 nobody    0:00 sh
   27 nobody    0:01 trivy image --clear-cache
   35 nobody    0:00 ps auxf
~ $

Is there any solution to clean the cache in this situation? The only current solution I see is to remove the pvc.

Thank you for your help

Target

None

Scanner

None

Output Format

None

Mode

Client/Server

Operating System

No response

Version

Version: 0.45.0
Vulnerability DB:
  Version: 2
  UpdatedAt: 2024-02-12 06:11:56.236004046 +0000 UTC
  NextUpdate: 2024-02-12 12:11:56.236003655 +0000 UTC
  DownloadedAt: 2024-02-12 07:11:58.625700835 +0000 UTC

[DmitriyLewen]

Hello @rfrebyLF

But nothing seems to work. I think this is due to the fact that there is another trivy process running (the server one):

You are right. Trivy blocks cache files in server mode.
You need to stop Trivy app in server mode -> run Trivy image --clear-cache command -> start the Trivy in server mode again.

Regards, Dmitriy

[rfrebyLF]

Thank you @DmitriyLewen,

We can't stop the trivy server as it's the pid 1, it will instantly kill the pod. We will delete the pvc, seems to be the best things to do now.

I will check to change the liveness probe to test the server in order to be able to kill the process without killing the pod.