falcon-image-analyzer pod produces logs. #598

Open
Blizter opened this issue Nov 20, 2024 · 2 comments


Blizter commented Nov 20, 2024

Hello,

I am currently working on setting up the image analyzer on our infra; however, I am facing a situation where we are able to pull the image from our private registry (after pulling from CS, then retagging).

When deploying the image analyzer using the helm charts, I get the following log in the falcon-image-analyzer:

```
time="2024-11-20T18:09:23Z" level=info msg="starting ivan agent" commit=ea8a0297f66119dfe6fc76920719881b6562b5c3 os=linux mode=watcher version=1.0.9 architecture=amd64
time="2024-11-20T18:09:23Z" level=info msg="successful cleanup on start" version=1.0.9 architecture=amd64 commit=ea8a0297f66119dfe6fc76920719881b6562b5c3 os=linux mode=watcher
time="2024-11-20T18:09:23Z" level=info msg="server_version = v1.29.8-eks-a737599" mode=watcher
time="2024-11-20T18:09:23Z" level=info msg="getting inventory config" mode=watcher
time="2024-11-20T18:09:23Z" level=error msg="error getting imageanalyzer config. will try again" error="unable to get JWT: unable to refresh JWT from crowdstrike: unable to complete request to crowdstrike Auth: Post \"/oauth2/token\": unsupported protocol scheme \"\"" mode=watcher
time="2024-11-20T18:09:53Z" level=info msg="getting inventory config" mode=watcher
time="2024-11-20T18:09:53Z" level=error msg="error getting imageanalyzer config. will try again" mode=watcher error="unable to get JWT: unable to refresh JWT from crowdstrike: unable to complete request to crowdstrike Auth: Post \"/oauth2/token\": unsupported protocol scheme \"\""
time="2024-11-20T18:10:23Z" level=info msg="getting inventory config" mode=watcher
time="2024-11-20T18:10:23Z" level=error msg="error getting imageanalyzer config. will try again" error="unable to get JWT: unable to refresh JWT from crowdstrike: unable to complete request to crowdstrike Auth: Post \"/oauth2/token\": unsupported protocol scheme \"\"" mode=watcher
time="2024-11-20T18:10:53Z" level=info msg="getting inventory config" mode=watcher
time="2024-11-20T18:10:53Z" level=error msg="error getting imageanalyzer config. will try again" mode=watcher error="unable to get JWT: unable to refresh JWT from crowdstrike: unable to complete request to crowdstrike Auth: Post \"/oauth2/token\": unsupported protocol scheme \"\""
time="2024-11-20T18:11:23Z" level=info msg="getting inventory config" mode=watcher
time="2024-11-20T18:11:23Z" level=error msg="error getting imageanalyzer config. will try again" mode=watcher error="unable to get JWT: unable to refresh JWT from crowdstrike: unable to complete request to crowdstrike Auth: Post \"/oauth2/token\": unsupported protocol scheme \"\""
```

Here is the content of the values.yaml provided to the helm charts:

```yaml
---
deployment:
  enabled: true
scanStats:
  enabled: true

image:
  repository: <private repo address>
  tag: 1.0.9
crowdstrikeConfig:
  clientID: <client id created for IAR>
  clientSecret: <client secret created for IAR>
  clusterName: <CLuster name>
  env: <us-1 or us-2 or auto? >
  cid: <CID>
  dockerAPIToken: <Docker api token>

serviceAccount:
  name: <sa name>
  annotations:
    <role ARN>

priorityClassName: "be-high"
```

Are we missing something?

I have been scratching my head since Monday. We checked several times the client id/secret scopes, the configs, the doc, etc.

I saw this PR and am wondering if something is missing on the doc side that is creating this situation.

Thank you for your help.
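The error string in the log above has the form Go's net/http client returns when a request URL carries no scheme or host, as happens when an API base URL is empty. The following is an added example, not part of the original post and not the image analyzer's code, that reproduces that string offline and shows a pre-flight check; `tokenURL`, `postUnchecked` and the base URL `https://api.example.invalid` are hypothetical.

```go
package main

import (
	"fmt"
	"net/http"
	"net/url"
	"strings"
)

// tokenURL joins an API base URL with the OAuth2 token path and rejects a
// base that lacks an https scheme or a host, so a missing or unresolved
// region setting fails with a clear message instead of a transport error.
// baseURL is a hypothetical parameter standing for the resolved API endpoint.
func tokenURL(baseURL string) (string, error) {
	u, err := url.Parse(strings.TrimRight(baseURL, "/") + "/oauth2/token")
	if err != nil {
		return "", fmt.Errorf("API base URL %q is not parseable: %w", baseURL, err)
	}
	if u.Scheme != "https" || u.Host == "" {
		return "", fmt.Errorf("API base URL %q has no https scheme/host; check the region/env setting", baseURL)
	}
	return u.String(), nil
}

// postUnchecked concatenates base and path without validation. With an
// empty base the request is rejected locally by the HTTP transport, before
// any network I/O, and the error matches the one in the pod log.
func postUnchecked(baseURL string) error {
	resp, err := http.Post(baseURL+"/oauth2/token",
		"application/x-www-form-urlencoded", strings.NewReader(""))
	if err == nil {
		resp.Body.Close()
	}
	return err
}

func main() {
	// Empty base: reproduces the logged error text.
	fmt.Println(postUnchecked(""))

	// Same input through the validating helper.
	_, err := tokenURL("")
	fmt.Println(err)

	// Constructed, non-routable base URL used only to show the happy path.
	u, _ := tokenURL("https://api.example.invalid/")
	fmt.Println(u)
}
```
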

@gpontejos
Collaborator

Hi, crowdstrikeConfig.dockerAPIToken is intended for use with the crowdstrike registry. To use your private registry, use image.registryConfigJSON instead.
https://github.com/CrowdStrike/falcon-helm/tree/main/helm-charts/falcon-image-analyzer#note

For future helm specific issues, please open them under the falcon-helm repo: https://github.com/CrowdStrike/falcon-helm/issues

Thanks!

@Blizter
Author

Blizter commented Nov 20, 2024

Hello @gpontejos,

Due to the fact that the doc is limited for this error, I don't know if it is due to the falcon-operator or the helm chart.
So any feedback is more than welcome.

Blizter changed the title from "falcon-image-analyzer pod produces logs related to bad client id/secret scope" to "falcon-image-analyzer pod produces logs." on Nov 20, 2024