Skip to content
This repository has been archived by the owner on Jun 5, 2023. It is now read-only.

TraceBack when running forseti server scanner #3842

Closed
krab-skunk opened this issue Dec 11, 2020 · 2 comments
Closed

TraceBack when running forseti server scanner #3842

krab-skunk opened this issue Dec 11, 2020 · 2 comments

Comments

@krab-skunk
Copy link

krab-skunk commented Dec 11, 2020
edited
Loading

First, help us help you by providing the following information when opening an issue.

  • Which version of Forseti Security you're using: 2.23
  • Which module(s) scanner
    1/ I disabled all the python scanner in forseti config file to only allow config_validator (set to true) as those python scanner seems not to be the recommend way anymore.
    2/ I copied one rule from .../policy-library/samples/restrict_fw_rules_world_open.yaml to .../poilicies/constraints/
    3/ edited the policy to add my org id and my folder ID
    4/ systemctl status config-validator is telling me that the service is running fine
    5/ run the scanner
    6/ get following errror:
2020-12-11 12:34:53,803 ERROR [forseti-security][2.23.3] google.cloud.forseti.scanner.scanner(run): Error running scanner: ConfigValidatorScanner: 'Traceback (most recent call last):
  File "/usr/local/lib/python3.6/dist-packages/forseti_security-2.23.3-py3.6.egg/google/cloud/forseti/scanner/scanners/config_validator_util/validator_client.py", line 178, in review
    return self.stub.Review(review_request).violations
  File "/usr/local/lib/python3.6/dist-packages/grpc/_channel.py", line 565, in __call__
    return _end_unary_response_blocking(state, call, False, None)
  File "/usr/local/lib/python3.6/dist-packages/grpc/_channel.py", line 467, in _end_unary_response_blocking
    raise _Rendezvous(state, None, None, deadline)
grpc._channel._Rendezvous: <_Rendezvous of RPC that terminated with:
	status = StatusCode.INTERNAL
	details = "Received RST_STREAM with error code 2"
	debug_error_string = "{"created":"@1607690093.802956305","description":"Error received from peer ipv6:[::1]:50052","file":"src/core/lib/surface/call.cc","file_line":1052,"grpc_message":"Received RST_STREAM with error code 2","grpc_status":
Traceback (most recent call last):
  File "/usr/local/lib/python3.6/dist-packages/forseti_security-2.23.3-py3.6.egg/google/cloud/forseti/scanner/scanners/config_validator_util/validator_client.py", line 178, in review
    return self.stub.Review(review_request).violations
  File "/usr/local/lib/python3.6/dist-packages/grpc/_channel.py", line 565, in __call__
    return _end_unary_response_blocking(state, call, False, None)
  File "/usr/local/lib/python3.6/dist-packages/grpc/_channel.py", line 467, in _end_unary_response_blocking
    raise _Rendezvous(state, None, None, deadline)
grpc._channel._Rendezvous: <_Rendezvous of RPC that terminated with:
	status = StatusCode.INTERNAL
	details = "Received RST_STREAM with error code 2"
	debug_error_string = "{"created":"@1607690093.802956305","description":"Error received from peer ipv6:[::1]:50052","file":"src/core/lib/surface/call.cc","file_line":1052,"grpc_message":"Received RST_STREAM with error code 2","grpc_status":13}"
>

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/lib/python3.6/dist-packages/forseti_security-2.23.3-py3.6.egg/google/cloud/forseti/scanner/scanner.py", line 119, in run
    scanner.run()
  File "/usr/local/lib/python3.6/dist-packages/forseti_security-2.23.3-py3.6.egg/google/cloud/forseti/scanner/scanners/config_validator_scanner.py", line 183, in run
    for flattened_violations in self._retrieve_flattened_violations():
  File "/usr/local/lib/python3.6/dist-packages/forseti_security-2.23.3-py3.6.egg/google/cloud/forseti/scanner/scanners/config_validator_scanner.py", line 164, in _retrieve_flattened_violations
    for violations in self.validator_client.paged_review(cv_assets):
  File "/usr/local/lib/python3.6/dist-packages/forseti_security-2.23.3-py3.6.egg/google/cloud/forseti/scanner/scanners/config_validator_util/validator_client.py", line 123, in paged_review
    violations = self.review(paged_assets)
  File "/home/ubuntu/forseti-security/.eggs/retrying-1.3.3-py3.6.egg/retrying.py", line 49, in wrapped_f
    return Retrying(*dargs, **dkw).call(f, *args, **kw)
  File "/home/ubuntu/forseti-security/.eggs/retrying-1.3.3-py3.6.egg/retrying.py", line 206, in call
    return attempt.get(self._wrap_exception)
  File "/home/ubuntu/forseti-security/.eggs/retrying-1.3.3-py3.6.egg/retrying.py", line 247, in get
    six.reraise(self.value[0], self.value[1], self.value[2])
  File "/usr/local/lib/python3.6/dist-packages/six.py", line 703, in reraise
    raise value
  File "/home/ubuntu/forseti-security/.eggs/retrying-1.3.3-py3.6.egg/retrying.py", line 200, in call
    attempt = Attempt(fn(*args, **kwargs), attempt_number, False)
  File "/usr/local/lib/python3.6/dist-packages/forseti_security-2.23.3-py3.6.egg/google/cloud/forseti/scanner/scanners/config_validator_util/validator_client.py", line 185, in review
    LOGGER.exception('ConfigValidatorAuditError: %s', e.message)
AttributeError: '_Rendezvous' object has no attribute 'message'

Any help would be greatly appreciated

Thanks in advance
@krab-skunk
Copy link
Author

happen the same with [forseti-security][2.25.2]

@krab-skunk
Copy link
Author

Moving that to config validator

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@krab-skunk