K8s cluster scan with NoSchedule toleration specified fails because tolerationSeconds is set #5349
Closed
2 tasks done
Labels
kind/bug
Categorizes issue or PR as related to a bug.
target/kubernetes
Issues relating to kubernetes cluster scanning
Milestone
Discussed in #5346
Originally posted by gnadaban October 6, 2023
Description
Hello. I'm trying to do cluster scanning where some nodes have a
CriticalAddonsOnly
taint with NoSchedule effect.It appears that the toleration seconds is always set here even though it should not be for NoSchedule effects.
Desired Behavior
The scanning of nodes with tolerated taints should successfully complete.
Actual Behavior
Failing due to error.
Reproduction Steps
1.Create a cluster with some nodes that have CriticalAddonsOnly:NoSchedule taints 2. Run `trivy k8s -f table --tolerations "key1=CriticalAddonsOnly:NoSchedule" --ignore-unfixed --report all cluster`
Target
Kubernetes
Scanner
Vulnerability
Output Format
Table
Mode
Standalone
Debug Output
Operating System
macOS Ventura 13.6
Version
Checklist
trivy image --reset
The text was updated successfully, but these errors were encountered: