Scan failing with 2.9.0 release on .split #1101
Assignees
Labels
bug
Something went wrong
Comments
|
I've also experienced this with Python 3.10.1 and tern 2.9.0. |
|
I'm able to reproduce this. A fix is coming up, followed by a 2.9.1 release once the bug fixes are merged. |
nishakm
pushed a commit
to nishakm/tern
that referenced
this issue
Jan 19, 2022
The config object is the incorrect method of retrieving an image digest as the config and layers itself creates a manifest which is hashed to get the image digest. Instead, we will use skopeo to retireve it. For this, we introduce a function in tern/load/skopeo to do the remote inspection, and parse out the image digest type and digest. Fixes tern-tools#1101 Signed-off-by: Nisha K <nishak@vmware.com>
nishakm
pushed a commit
to nishakm/tern
that referenced
this issue
Jan 20, 2022
The config object is the incorrect method of retrieving an image digest as the config and layers itself creates a manifest which is hashed to get the image digest. Instead, we will use skopeo to retireve it. For this, we introduce a function in tern/load/skopeo to do the remote inspection, and parse out the image digest type and digest. Fixes tern-tools#1101 Signed-off-by: Nisha K <nishak@vmware.com>
rnjudge
pushed a commit
that referenced
this issue
Jan 20, 2022
The config object is the incorrect method of retrieving an image digest as the config and layers itself creates a manifest which is hashed to get the image digest. Instead, we will use skopeo to retireve it. For this, we introduce a function in tern/load/skopeo to do the remote inspection, and parse out the image digest type and digest. Fixes #1101 Signed-off-by: Nisha K <nishak@vmware.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
A clear and concise description of what the bug is.
We run weekly Tern scans against hundreds of images on a Harbor registry (v2.1.3) with the previous Tern release v2.8.0. We upgraded to the v2.9.0 release and are experiencing Traceback split errors from /usr/local/lib/python3.9/re.py. Not all scans are failing, about 40% of the scans fail.
To Reproduce
Steps to reproduce the behavior:
sudo ./docker_run.sh tern-debug "report -i %REGISTRY%/library/fluentd-syslog:v2"
2022-01-06 13:48:11,205 - DEBUG - rootfs - Running command: skopeo copy docker://%REGISTRY%/library/fluentd-syslog:v2 dir:/root/.tern/temp
Traceback (most recent call last):
File "/usr/local/bin/tern", line 8, in
sys.exit(main())
File "/usr/local/lib/python3.9/site-packages/tern/main.py", line 286, in main
do_main(args)
File "/usr/local/lib/python3.9/site-packages/tern/main.py", line 116, in do_main
crun.execute_image(args)
File "/usr/local/lib/python3.9/site-packages/tern/analyze/default/container/run.py", line 70, in execute_image
full_image = cimage.load_full_image(
File "/usr/local/lib/python3.9/site-packages/tern/analyze/default/container/image.py", line 39, in load_full_image
image.load_image(load_until_layer)
File "/usr/local/lib/python3.9/site-packages/tern/classes/oci_image.py", line 105, in load_image
repo_dict = general.parse_image_string(
File "/usr/local/lib/python3.9/site-packages/tern/utils/general.py", line 296, in parse_image_string
tokens = re.split(r'[@:]', image_string)
File "/usr/local/lib/python3.9/re.py", line 231, in split
return _compile(pattern, flags).split(string, maxsplit)
TypeError: expected string or bytes-like object
Expected behavior
Successful Scan
docker pull & inspect using the same image works
Environment you are running Tern on
Tern version 2.9.0
python version = 3.9 (main, Dec 21 2021, 10:35:05)
Operating System (Linux Distro and version or Mac or Windows)
Description: Ubuntu 20.04.3 LTS
Release: 20.04
Codename: focal
Image Registry
Harbor (v2.1.3)
Vagrant file
NA
Container OS
Multiple
Python version (3.6 or higher)
Using Tern Docker build. Python version is 3.9
Virtualenv running Tern (docker_run.sh): Python 3.8.10
Cloud environment (AWS, Azure, GCP)
NA
The text was updated successfully, but these errors were encountered: