Running trivy against private gcr repo

[PatrickSplice]

I saw a thread for a similar issue accessing AWS private repos:
#264

I am having a similar issue accessing our private Google gcr.io repos. I have tried configuring workload identity for the starboard k8s service account, but that did not seem to resolve the issue.

`kubectl starboard scan vulnerabilityreports deployment/velero-sandbox -n waylay

E0107 11:24:23.554345 53080 manager.go:186] Container velero terminated with Error: 2021-01-07T17:24:22.584Z FATAL unable to initialize a scanner: unable to initialize a docker scanner: 2 errors occurred:
* unable to inspect the image (gcr.io/gcp-com-waylay-dev/velero:v1.5.2): Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
* GET https://gcr.io/v2/gcp-com-waylay-dev/velero/manifests/v1.5.2: DENIED: Permission denied for "v1.5.2" from request "/v2/gcp-com-waylay-dev/velero/manifests/v1.5.2".`

Any guidance would be appreciated.

Thanks.

[PatrickSplice]

Fixed my own issue. Turns out it was an oversight on my part in forgetting that the gcr repo I was using for this was in a separate project. Once I assigned the storage bucket permissions correctly, it worked fine.

FYI, for anyone. else searching, using workload-identity to access gcr source repos works fine.