You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
While using trivy statefulset, if we use existentClaim there is nothing that
warns or forbids the issue that multiple instances of trivy cannot access the same pvc (at the same time)
I think we should limit the usage of a PVC with trivy and validate that this is only allowed when trivy.replicas <= 1
Otherwise, users need to use the StorageClass so that we can use the VolumeTemplates or otherwise emptyDir with the possibility of sharing state via the (still under testing) REDIS cache.
I'm not sure that this is solvable with the accessMode: ReadWriteOnce + multiplePods + existingClaim
If it is, the accessMode should be blocked to ReadWriteOnce.
I think, just drop this definition from the configuration as this will always be the case (only one pod should have access the PVC at a time) independent of the claim type
The text was updated successfully, but these errors were encountered:
This issue is being marked stale due to a period of inactivity. If this issue is still relevant, please comment or remove the stale label. Otherwise, this issue will close in 30 days.
While using trivy statefulset, if we use existentClaim there is nothing that
warns or forbids the issue that multiple instances of trivy cannot access the same pvc (at the same time)
aquasecurity/trivy#3894
I think we should limit the usage of a PVC with trivy and validate that this is only allowed when trivy.replicas <= 1
Otherwise, users need to use the StorageClass so that we can use the VolumeTemplates or otherwise emptyDir with the possibility of sharing state via the (still under testing) REDIS cache.
I'm not sure that this is solvable with the accessMode: ReadWriteOnce + multiplePods + existingClaim
The text was updated successfully, but these errors were encountered: