0

I'm trying to do some dev/secops intel gathering using trivy, and I can't directly reach the trivy networks or use a proxy, is there a way to copy the databases directly to a machine with trivy installed and get it to run without the necessity of a first-run needing to update the DB.

I tried putting the cache file from another host on this host and it still said it needed to run at least once.

I've followed the airgapped instructions on https://trivy.dev/latest/getting-started/faq/#how-to-run-trivy-under-air-gapped-environment but I am still getting

trivy fs --skip-db-update --skip-java-db-update --skip-vex-repo-update --cache-dir /root/.cache/trivy/ /opt
2025-02-19T14:55:11-06:00       ERROR   [vulndb] The first run cannot skip downloading DB
2025-02-19T14:55:11-06:00       FATAL   Fatal error     init error: DB error: database error: --skip-update cannot be specified on the first run

is what it tells me

I just want to do trivy fs /etc to scan a few directories (on a lot of computers)

Peter Turner
  • 1,482
  • 4
  • 18
  • 39

1 Answers1

0

Almost as soon as I posted the question, I found the answer in this thread

https://github.com/aquasecurity/trivy/discussions/8174

I had made the exact same mistake the user in this post did and put my db caches in /root/.cache/trivy instead of /root/.cache/trivy/db

I'm not sure why it didn't work when I tried setting the cache dir manually.

Peter Turner
  • 1,482
  • 4
  • 18
  • 39