Bug 55102 - "Error occurred while parsing" for 'specify_ami_owners'
Summary: "Error occurred while parsing" for 'specify_ami_owners'
Status: NEW
Alias: None
Product: Branch p11
Classification: Unclassified
Component: trivy
Version: unspecified
Hardware: x86_64 Linux
Importance: P5 normal
Assignee: gamzin@altlinux.org
QA Contact: qa-p11@altlinux.org
Reported: 2025-07-09 11:51 MSK by Vladislav Glinkin
Modified: 2025-07-09 11:51 MSK

Description Vladislav Glinkin 2025-07-09 11:51:16 MSK
trivy < 0.61.0 is affected by a problem when scanning configuration files.
https://github.com/aquasecurity/trivy/discussions/8625
https://github.com/aquasecurity/trivy/issues/8632

Package version: trivy-0.60.0-alt1

Steps to reproduce:
1) $ git clone https://github.com/knqyf263/trivy-ci-test --depth 1
2) $ trivy clean --all
3) $ trivy config ./trivy-ci-test

Actual result:
...
2025-07-09T11:40:16+03:00       ERROR   [rego] Error occurred while parsing. Trying to fallback to embedded check       file_path="home/test/.cache/trivy/policy/content/policies/cloud/policies/aws/ec2/specify_ami_owners.rego" err="home/test/.cache/trivy/policy/content/policies/cloud/policies/aws/ec2/specify_ami_owners.rego:30: rego_type_error: undefined ref: input.aws.ec2.requestedamis[__local622__]\n\tinput.aws.ec2.requestedamis[__local622__]\n\t              ^\n\t              have: \"requestedamis\"\n\t              want (one of): [\"instances\" \"launchconfigurations\" \"launchtemplates\" \"networkacls\" \"securitygroups\" \"subnets\" \"volumes\" \"vpcs\"]"
2025-07-09T11:40:16+03:00       ERROR   [rego] Failed to find embedded check, skipping  file_path="home/test/.cache/trivy/policy/content/policies/cloud/policies/aws/ec2/specify_ami_owners.rego"
2025-07-09T11:40:16+03:00       ERROR   [rego] Error occurred while parsing     file_path="home/test/.cache/trivy/policy/content/policies/cloud/policies/aws/ec2/specify_ami_owners.rego" err="home/test/.cache/trivy/policy/content/policies/cloud/policies/aws/ec2/specify_ami_owners.rego:30: rego_type_error: undefined ref: input.aws.ec2.requestedamis[__local622__]\n\tinput.aws.ec2.requestedamis[__local622__]\n\t              ^\n\t              have: \"requestedamis\"\n\t              want (one of): [\"instances\" \"launchconfigurations\" \"launchtemplates\" \"networkacls\" \"securitygroups\" \"subnets\" \"volumes\" \"vpcs\"]"
...
Nevertheless, judging by the result, the scan is still performed.

Expected result:
No errors when scanning configuration files.

Additional information:
Not reproducible in sisyphus (trivy-0.61.0-alt1).
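
Because the scan still runs after these errors, a check that was skipped is easy to overlook in CI output. The following is an added example, not part of the original report and not trivy code: it extracts the checks that the log reports as skipped, assuming the text log format quoted above; the function name `skipped_checks` and the abridged sample log are constructed for illustration.

```python
import re
import sys

# Constructed sample: the two relevant log lines from the report, err text abridged.
SAMPLE_LOG = r'''
2025-07-09T11:40:16+03:00  ERROR  [rego] Error occurred while parsing. Trying to fallback to embedded check  file_path="home/test/.cache/trivy/policy/content/policies/cloud/policies/aws/ec2/specify_ami_owners.rego" err="home/test/.cache/trivy/policy/content/policies/cloud/policies/aws/ec2/specify_ami_owners.rego:30: rego_type_error: undefined ref: input.aws.ec2.requestedamis[__local622__]\n\thave: \"requestedamis\""
2025-07-09T11:40:16+03:00  ERROR  [rego] Failed to find embedded check, skipping  file_path="home/test/.cache/trivy/policy/content/policies/cloud/policies/aws/ec2/specify_ami_owners.rego"
'''

# timestamp, level ERROR, "[rego]" tag, message, then key="value" attributes
LINE = re.compile(r'^\S+\s+ERROR\s+\[rego\]\s+(?P<msg>.*?)\s+(?P<attrs>\w+=".*)$')
ATTR = re.compile(r'(\w+)="((?:[^"\\]|\\.)*)"')  # values may contain \" escapes


def skipped_checks(log_text):
    """Return {file_path: reason} for rego checks the log reports as skipped."""
    parse_errors, skipped = {}, {}
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # not an ERROR [rego] line with attributes
        attrs = dict(ATTR.findall(m.group("attrs")))
        path = attrs.get("file_path")
        if path is None:
            continue
        msg = m.group("msg")
        if msg.startswith("Error occurred while parsing"):
            # Keep only the first line of the Rego error (the log escapes newlines as \n).
            parse_errors[path] = attrs.get("err", "").split(r"\n", 1)[0]
        elif msg.startswith("Failed to find embedded check, skipping"):
            skipped[path] = parse_errors.get(path, "unknown")
    return skipped


if __name__ == "__main__":
    # Read a captured log from stdin when piped, otherwise use the constructed sample.
    text = SAMPLE_LOG if sys.stdin.isatty() else sys.stdin.read()
    found = skipped_checks(text)
    for path, reason in found.items():
        print(f"SKIPPED {path}\n  reason: {reason}")
    sys.exit(1 if found else 0)  # non-zero exit lets a CI job fail on lost coverage
```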