Skip to content

Secret Scanning alerts migration bug #1331

Closed
@theztefan

Description

@theztefan

Description

There is a bug in the gh gei migrate-secret-alerts when BuildSecretScanningAlertLocation as we are trying to access access properties in the that don't exist in certain alert location types i.e. they don't exist in the JSON response from the REST API.

[2025-03-27 14:39:08] [DEBUG] RESPONSE (OK): [{"type":"commit","details":{"path":"storage/src/main/resources/.env","start_line":6,"end_line":6,"start_column":17,"end_column":49,"blob_sha":"40ecdbab769bc2cb0e4e2114fd6986ae1acc3df2","blob_url":"https://api.github.com/repos/theztefan-enterprise-test/origin/git/blobs/40ecdbab769bc2cb0e4e2114fd6986ae1acc3df2","commit_sha":"b350b85436a872ccdc1a0cfa73f59264b8dbf4eb","commit_url":"https://api.github.com/repos/theztefan-enterprise-test/origin/git/commits/b350b85436a872ccdc1a0cfa73f59264b8dbf4eb"}},{"type":"pull_request_comment","details":{"pull_request_comment_url":"https://api.github.com/repos/theztefan-enterprise-test/origin/issues/comments/2758069588"}}]
[2025-03-27 14:39:09] [ERROR] System.ArgumentNullException: Value cannot be null. (Parameter 'value')
   at Newtonsoft.Json.Linq.JToken.EnsureValue(JToken value)
   at Newtonsoft.Json.Linq.JToken.op_Explicit(JToken value)
   at OctoshiftCLI.Services.GithubApi.BuildSecretScanningAlertLocation(JToken alertLocation)
   at OctoshiftCLI.Services.GithubApi.<>c.<GetSecretScanningAlertsLocations>b__47_0(JToken alertLocation)
   at System.Linq.AsyncEnumerable.SelectEnumerableAsyncIterator`2.MoveNextCore() in /_/Ix.NET/Source/System.Linq.Async/System/Linq/Operators/Select.cs:line 223
   at System.Linq.AsyncIteratorBase`1.MoveNextAsync() in /_/Ix.NET/Source/System.Linq.Async/System/Linq/AsyncIterator.cs:line 70
   at System.Linq.AsyncIteratorBase`1.MoveNextAsync() in /_/Ix.NET/Source/System.Linq.Async/System/Linq/AsyncIterator.cs:line 75
   at System.Linq.AsyncEnumerable.<ToListAsync>g__Core|424_0[TSource](IAsyncEnumerable`1 source, CancellationToken cancellationToken) in /_/Ix.NET/Source/System.Linq.Async/System/Linq/Operators/ToList.cs:line 36
   at System.Linq.AsyncEnumerable.<ToListAsync>g__Core|424_0[TSource](IAsyncEnumerable`1 source, CancellationToken cancellationToken) in /_/Ix.NET/Source/System.Linq.Async/System/Linq/Operators/ToList.cs:line 36
   at OctoshiftCLI.Services.GithubApi.GetSecretScanningAlertsLocations(String org, String repo, Int32 alertNumber)
   at OctoshiftCLI.Services.SecretScanningAlertService.GetAlertsWithLocations(GithubApi api, String org, String repo)
   at OctoshiftCLI.Services.SecretScanningAlertService.MigrateSecretScanningAlerts(String sourceOrg, String sourceRepo, String targetOrg, String targetRepo, Boolean dryRun)
   at OctoshiftCLI.GithubEnterpriseImporter.Commands.MigrateSecretAlerts.MigrateSecretAlertsCommandHandler.Handle(MigrateSecretAlertsCommandArgs args)
   at OctoshiftCLI.Extensions.CommandExtensions.RunHandler[TArgs,THandler](TArgs args, ServiceProvider sp, CommandBase`2 command)
   at OctoshiftCLI.Extensions.CommandExtensions.<>c__DisplayClass1_0`3.<<ConfigureCommand>b__0>d.MoveNext()
--- End of stack trace from previous location ---
   at System.CommandLine.Invocation.AnonymousCommandHandler.InvokeAsync(InvocationContext )
   at System.CommandLine.Invocation.InvocationPipeline.<>c__DisplayClass4_0.<<BuildInvocationChain>b__0>d.MoveNext()
--- End of stack trace from previous location ---
   at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass17_0.<<UseParseErrorReporting>b__0>d.MoveNext()
--- End of stack trace from previous location ---
   at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass12_0.<<UseHelp>b__0>d.MoveNext()
--- End of stack trace from previous location ---
   at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass22_0.<<UseVersionOption>b__0>d.MoveNext()
--- End of stack trace from previous location ---
   at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass19_0.<<UseTypoCorrections>b__0>d.MoveNext()
--- End of stack trace from previous location ---
   at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c.<<UseSuggestDirective>b__18_0>d.MoveNext()
--- End of stack trace from previous location ---
   at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass16_0.<<UseParseDirective>b__0>d.MoveNext()
--- End of stack trace from previous location ---
   at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c.<<RegisterWithDotnetSuggest>b__5_0>d.MoveNext()
--- End of stack trace from previous location ---
   at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass8_0.<<UseExceptionHandler>b__0>d.MoveNext()

Reproduction Steps

Run gh gei migrate-secret-alerts of origin repository which has a Secret Scanning alert with locations other than commit or wiki_commit.

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions