Invalid character "S" while parsing vulnerability report output

[deeaitsch84]

Hello everyone,

we have decided to evaluate the trivy operator for a recent project. The installation via ArgoCD was straight forward but now I am getting the following error from the operator logs:

{"level":"error","ts":"2024-10-17T19:55:33Z","msg":"Reconciler error","controller":"job","controllerGroup":"batch","controllerKind":"Job","Job":{"name":"scan-vulnerabilityreport-6b454f584","namespace":"trivy"},"namespace":"trivy","name":"scan-vulnerabilityreport-6b454f584","reconcileID":"0319ce29-8505-4e73-b536-5bcaf6f5229c","error":"invalid character 'S' looking for beginning of value","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:324\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:261\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:222"}

This is already the second iteration (uncompress the logs and display only critical issues) of debugging and I already broke it down, that this first output line of each vulnerability job is the root cause:

SDK 2024/10/17 19:39:01 WARN falling back to IMDSv1: operation error ec2imds: getToken, http response error StatusCode: 405, request to EC2 IMDS failed

Since I am not a go developer I am not quite sure how to disable the logging of the AWS SDK or even configure the log level or disabling IMDS (env AWS_EC2_METADATA_DISABLED ?).

I am using the most recent helm chart (0.24.1) with the app version 0.22.0 and k8s v1.25.3-r0-25.2.19

Thanks in advance for your help
Dennis