wombatu-kun commented on PR #16660: URL: https://github.com/apache/iceberg/pull/16660#issuecomment-4686842470
Another hit, this time on #16771 (an unrelated CI-infrastructure PR of mine): job `flink-runtime-2.1` in the CVE Scan workflow failed pulling the Trivy image - https://github.com/apache/iceberg/actions/runs/27341442261/job/80779013238 ``` Running Trivy in sandboxed container (aquasec/trivy:0.69.3@sha256:bcc376...)... Unable to find image 'aquasec/trivy:...' locally docker: Error response from daemon: Get "https://registry-1.docker.io/v2/": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers) ##[error]Process completed with exit code 125. ``` Same signature as #16657 / #16652 / #16669. Note the log shows `Cache hit for: cache-trivy-2026-06-11` right before the failure - that restored cache is Trivy's vulnerability DB, not the scanner image, so `docker run` still pulls `aquasec/trivy` from Docker Hub and that pull times out. This PR's bounded pre-pull retry is exactly what absorbs it. @kevinjqliu since you own the CVE scan (#16291, #16287), could you take a quick look when you get a chance? @stevenzwu as backup. It's +19/-0 in `cve-scan.yml` and keeps red-marking otherwise-green, unrelated PRs. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
