Docker execution failing without errors or results #1243

Closed
brandtkeller opened this issue Oct 15, 2024 · 1 comment

brandtkeller commented Oct 15, 2024

Summary

Investigating the use of gosec in an open source project and seeing failures (or non-success exit code 1) when executing from action/docker vs 0 exit code when running from the binary.

Draft PR

Please let me know if I am overlooking an expectation for runtime/evaluation.

Logs
[gosec] 2024/10/15 19:42:55 Including rules: default
[gosec] 2024/10/15 19:42:55 Excluding rules: default
[gosec] 2024/10/15 19:42:55 Including analyzers: default
[gosec] 2024/10/15 19:42:55 Excluding analyzers: default
[gosec] 2024/10/15 19:42:55 Import directory: /github/workspace/src/internal/testhelpers
[gosec] 2024/10/15 19:42:55 Import directory: /github/workspace/src/cmd/version
[gosec] 2024/10/15 19:42:55 Import directory: /github/workspace/src/pkg/domains/api
[gosec] 2024/10/15 19:42:55 Import directory: /github/workspace/src/pkg/domains/files
[gosec] 2024/10/15 19:43:37 Checking package: testhelpers
[gosec] 2024/10/15 19:43:37 Checking file: /github/workspace/src/internal/testhelpers/testhelpers.go
[gosec] 2024/10/15 19:43:37 Import directory: /github/workspace/src/pkg/common/network
[gosec] 2024/10/15 19:43:37 Checking package: version
[gosec] 2024/10/15 19:43:37 Checking file: /github/workspace/src/cmd/version/version.go
[gosec] 2024/10/15 19:43:37 Import directory: /github/workspace/src/pkg/common/result
[gosec] 2024/10/15 19:43:37 Import directory: /github/workspace/src/pkg/domains/kubernetes
[gosec] 2024/10/15 19:43:37 Checking package: files
[gosec] 2024/10/15 19:43:37 Checking file: /github/workspace/src/pkg/domains/files/files.go
[gosec] 2024/10/15 19:43:38 Checking file: /github/workspace/src/pkg/domains/files/spec.go
[gosec] 2024/10/15 19:43:38 Checking package: api
[gosec] 2024/10/15 19:43:38 Checking file: /github/workspace/src/pkg/domains/api/api.go
[gosec] 2024/10/15 19:43:38 Import directory: /github/workspace/src/test/util
[gosec] 2024/10/15 19:43:38 Checking file: /github/workspace/src/pkg/domains/api/types.go
[gosec] 2024/10/15 19:43:38 Checking package: network
[gosec] 2024/10/15 19:43:38 Checking file: /github/workspace/src/pkg/common/network/network.go
[gosec] 2024/10/15 19:43:38 Import directory: /github/workspace/src/cmd/generate
[gosec] 2024/10/15 19:43:38 Checking package: result
[gosec] 2024/10/15 19:43:38 Checking file: /github/workspace/src/pkg/common/result/observation-pair.go
[gosec] 2024/10/15 19:43:38 Import directory: /github/workspace/src/cmd
[gosec] 2024/10/15 19:43:38 Checking file: /github/workspace/src/pkg/common/result/result-comparison.go
[gosec] 2024/10/15 19:43:39 Checking package: kube
[gosec] 2024/10/15 19:43:39 Checking file: /github/workspace/src/pkg/domains/kubernetes/cluster.go
[gosec] 2024/10/15 19:43:39 Import directory: /github/workspace/src/cmd/validate
[gosec] 2024/10/15 19:43:39 Checking file: /github/workspace/src/pkg/domains/kubernetes/create.go
[gosec] 2024/10/15 19:43:39 Checking file: /github/workspace/src/pkg/domains/kubernetes/resource.go
[gosec] 2024/10/15 19:43:39 Checking file: /github/workspace/src/pkg/domains/kubernetes/spec.go
[gosec] 2024/10/15 19:43:40 Checking file: /github/workspace/src/pkg/domains/kubernetes/wait.go
[gosec] 2024/10/15 19:43:40 Checking package: util
[gosec] 2024/10/15 19:43:40 Checking file: /github/workspace/src/test/util/utils.go
[gosec] 2024/10/15 19:43:40 Import directory: /github/workspace/src/config
[gosec] 2024/10/15 19:43:40 Checking package: generate
[gosec] 2024/10/15 19:43:40 Checking file: /github/workspace/src/cmd/generate/generate.go
[gosec] 2024/10/15 19:43:40 Import directory: /github/workspace/src/internal/template
[gosec] 2024/10/15 19:43:41 Import directory: /github/workspace/src/pkg/providers/kyverno
[gosec] 2024/10/15 19:43:41 Checking package: cmd
[gosec] 2024/10/15 19:43:41 Checking file: /github/workspace/src/cmd/internal.go
[gosec] 2024/10/15 19:43:41 Checking file: /github/workspace/src/cmd/root.go
[gosec] 2024/10/15 19:43:41 Checking package: config
[gosec] 2024/10/15 19:43:41 Checking file: /github/workspace/src/config/config.go
[gosec] 2024/10/15 19:43:41 Import directory: /github/workspace/src/pkg/providers/opa
[gosec] 2024/10/15 19:43:41 Import directory: /github/workspace/src/cmd/tools
[gosec] 2024/10/15 19:43:41 Checking package: validate
[gosec] 2024/10/15 19:43:41 Checking file: /github/workspace/src/cmd/validate/validate.go
[gosec] 2024/10/15 19:43:41 Checking package: kyverno
[gosec] 2024/10/15 19:43:41 Checking file: /github/workspace/src/pkg/providers/kyverno/kyverno.go
[gosec] 2024/10/15 19:43:41 Import directory: /github/workspace/src/internal/inject
[gosec] 2024/10/15 19:43:41 Checking file: /github/workspace/src/pkg/providers/kyverno/types.go
[gosec] 2024/10/15 19:43:41 Import directory: /github/workspace/src/internal/tui
[gosec] 2024/10/15 19:43:41 Checking package: template
[gosec] 2024/10/15 19:43:41 Checking file: /github/workspace/src/internal/template/helpers.go
[gosec] 2024/10/15 19:43:42 Checking file: /github/workspace/src/internal/template/template.go
[gosec] 2024/10/15 19:43:42 Checking package: tools
[gosec] 2024/10/15 19:43:42 Checking file: /github/workspace/src/cmd/tools/common.go
[gosec] 2024/10/15 19:43:42 Import directory: /github/workspace/src/internal/tui/common
[gosec] 2024/10/15 19:43:42 Checking file: /github/workspace/src/cmd/tools/compose.go
[gosec] 2024/10/15 19:43:42 Checking file: /github/workspace/src/cmd/tools/lint.go
[gosec] 2024/10/15 19:43:42 Checking file: /github/workspace/src/cmd/tools/template.go
[gosec] 2024/10/15 19:43:43 Checking file: /github/workspace/src/cmd/tools/upgrade.go
[gosec] 2024/10/15 19:43:43 Checking file: /github/workspace/src/cmd/tools/uuid.go
[gosec] 2024/10/15 19:43:43 Checking package: opa
[gosec] 2024/10/15 19:43:43 Checking file: /github/workspace/src/pkg/providers/opa/opa.go
[gosec] 2024/10/15 19:43:43 Import directory: /github/workspace/src/pkg/message
[gosec] 2024/10/15 19:43:43 Checking file: /github/workspace/src/pkg/providers/opa/types.go
[gosec] 2024/10/15 19:43:43 Checking package: inject
[gosec] 2024/10/15 19:43:43 Checking file: /github/workspace/src/internal/inject/inject.go
[gosec] 2024/10/15 19:43:43 Import directory: /github/workspace/src/test/e2e
[gosec] 2024/10/15 19:43:43 Checking package: tui
[gosec] 2024/10/15 19:43:43 Checking file: /github/workspace/src/internal/tui/model.go
[gosec] 2024/10/15 19:43:43 Import directory: /github/workspace/src/pkg/common/validation
[gosec] 2024/10/15 19:43:43 Checking package: common
[gosec] 2024/10/15 19:43:43 Checking file: /github/workspace/src/internal/tui/common/common.go
[gosec] 2024/10/15 19:43:43 Import directory: /github/workspace/src/pkg/common/validation-store
[gosec] 2024/10/15 19:43:43 Checking file: /github/workspace/src/internal/tui/common/editor.go
[gosec] 2024/10/15 19:43:43 Checking file: /github/workspace/src/internal/tui/common/help.go
[gosec] 2024/10/15 19:43:44 Checking file: /github/workspace/src/internal/tui/common/keys.go
[gosec] 2024/10/15 19:43:44 Checking file: /github/workspace/src/internal/tui/common/picker.go
[gosec] 2024/10/15 19:43:44 Checking file: /github/workspace/src/internal/tui/common/popup.go
[gosec] 2024/10/15 19:43:44 Checking file: /github/workspace/src/internal/tui/common/save.go
[gosec] 2024/10/15 19:43:44 Checking file: /github/workspace/src/internal/tui/common/styles.go
[gosec] 2024/10/15 19:43:44 Checking file: /github/workspace/src/internal/tui/common/tbd.go
[gosec] 2024/10/15 19:43:44 Checking package: validation
[gosec] 2024/10/15 19:43:44 Checking file: /github/workspace/src/pkg/common/validation/options.go
[gosec] 2024/10/15 19:43:44 Import directory: /github/workspace/src/test/e2e/cmd
[gosec] 2024/10/15 19:43:44 Checking file: /github/workspace/src/pkg/common/validation/validation.go
[gosec] 2024/10/15 19:43:44 Checking package: message
[gosec] 2024/10/15 19:43:44 Checking file: /github/workspace/src/pkg/message/generic.go
[gosec] 2024/10/15 19:43:44 Import directory: /github/workspace
[gosec] 2024/10/15 19:43:44 Checking file: /github/workspace/src/pkg/message/interactive.go
[gosec] 2024/10/15 19:43:44 Checking file: /github/workspace/src/pkg/message/message.go
[gosec] 2024/10/15 19:43:44 Checking file: /github/workspace/src/pkg/message/progress.go
[gosec] 2024/10/15 19:43:44 Checking file: /github/workspace/src/pkg/message/spinner.go
[gosec] 2024/10/15 19:43:45 Checking package: main
[gosec] 2024/10/15 19:43:45 Checking file: /github/workspace/main.go
[gosec] 2024/10/15 19:43:45 Import directory: /github/workspace/src/cmd/common
[gosec] 2024/10/15 19:43:45 Import directory: /github/workspace/src/cmd/evaluate
[gosec] 2024/10/15 19:43:45 Checking package: main
[gosec] 2024/10/15 19:43:45 Checking file: /github/workspace/main.go
[gosec] 2024/10/15 19:43:45 Checking package: validationstore
[gosec] 2024/10/15 19:43:45 Checking file: /github/workspace/src/pkg/common/validation-store/validation-store.go
[gosec] 2024/10/15 19:43:45 Import directory: /github/workspace/src/internal/tui/component
[gosec] 2024/10/15 19:43:46 Import directory: /github/workspace/src/pkg/common
[gosec] 2024/10/15 19:43:46 Checking package: main
[gosec] 2024/10/15 19:43:46 Checking file: /github/workspace/main.go
[gosec] 2024/10/15 19:43:46 Import directory: /github/workspace/src/pkg/common/requirement-store
[gosec] 2024/10/15 19:43:46 Checking package: evaluate
[gosec] 2024/10/15 19:43:46 Checking file: /github/workspace/src/cmd/evaluate/evaluate.go
[gosec] 2024/10/15 19:43:46 Checking package: common
[gosec] 2024/10/15 19:43:46 Checking file: /github/workspace/src/cmd/common/common.go
[gosec] 2024/10/15 19:43:46 Import directory: /github/workspace/src/cmd/console
[gosec] 2024/10/15 19:43:46 Checking file: /github/workspace/src/cmd/common/setup.go
[gosec] 2024/10/15 19:43:46 Checking file: /github/workspace/src/cmd/common/viper.go
[gosec] 2024/10/15 19:43:47 Import directory: /github/workspace/src/cmd/dev
[gosec] 2024/10/15 19:43:47 Checking package: component
[gosec] 2024/10/15 19:43:47 Checking file: /github/workspace/src/internal/tui/component/component.go
[gosec] 2024/10/15 19:43:47 Checking file: /github/workspace/src/internal/tui/component/keys.go
[gosec] 2024/10/15 19:43:47 Checking file: /github/workspace/src/internal/tui/component/types.go
[gosec] 2024/10/15 19:43:47 Checking package: common
[gosec] 2024/10/15 19:43:47 Checking file: /github/workspace/src/pkg/common/common.go
[gosec] 2024/10/15 19:43:47 Import directory: /github/workspace/src/internal/tui/assessment_results
[gosec] 2024/10/15 19:43:48 Checking file: /github/workspace/src/pkg/common/types.go
[gosec] 2024/10/15 19:43:48 Checking package: requirementstore
[gosec] 2024/10/15 19:43:48 Checking file: /github/workspace/src/pkg/common/requirement-store/requirement-store.go
[gosec] 2024/10/15 19:43:48 Import directory: /github/workspace/src/types
[gosec] 2024/10/15 19:43:48 Import directory: /github/workspace/src/pkg/common/composition
[gosec] 2024/10/15 19:43:48 Checking package: console
[gosec] 2024/10/15 19:43:48 Checking file: /github/workspace/src/cmd/console/console.go
[gosec] 2024/10/15 19:43:48 Import directory: /github/workspace/src/pkg/common/oscal
[gosec] 2024/10/15 19:43:48 Checking package: dev
[gosec] 2024/10/15 19:43:48 Checking file: /github/workspace/src/cmd/dev/common.go
[gosec] 2024/10/15 19:43:49 Checking file: /github/workspace/src/cmd/dev/get-resources.go
[gosec] 2024/10/15 19:43:49 Checking file: /github/workspace/src/cmd/dev/lint.go
[gosec] 2024/10/15 19:43:49 Checking file: /github/workspace/src/cmd/dev/validate.go
[gosec] 2024/10/15 19:43:49 Checking package: assessmentresults
[gosec] 2024/10/15 19:43:49 Checking file: /github/workspace/src/internal/tui/assessment_results/assessment-results.go
[gosec] 2024/10/15 19:43:49 Import directory: /github/workspace/src/pkg/common/schemas
[gosec] 2024/10/15 19:43:49 Checking file: /github/workspace/src/internal/tui/assessment_results/keys.go
[gosec] 2024/10/15 19:43:49 Checking file: /github/workspace/src/internal/tui/assessment_results/types.go
[gosec] 2024/10/15 19:43:49 Checking package: composition
[gosec] 2024/10/15 19:43:49 Checking file: /github/workspace/src/pkg/common/composition/composition.go
[gosec] 2024/10/15 19:43:49 Checking file: /github/workspace/src/pkg/common/composition/options.go
[gosec] 2024/10/15 19:43:50 Checking file: /github/workspace/src/pkg/common/composition/resource-store.go
[gosec] 2024/10/15 19:43:50 Checking package: types
[gosec] 2024/10/15 19:43:50 Checking file: /github/workspace/src/types/context_keys.go
[gosec] 2024/10/15 19:43:50 Checking file: /github/workspace/src/types/types.go
[gosec] 2024/10/15 19:43:50 Checking package: oscal
[gosec] 2024/10/15 19:43:50 Checking file: /github/workspace/src/pkg/common/oscal/assessment-results.go
[gosec] 2024/10/15 19:43:50 Checking file: /github/workspace/src/pkg/common/oscal/catalog.go
[gosec] 2024/10/15 19:43:50 Checking file: /github/workspace/src/pkg/common/oscal/common.go
[gosec] 2024/10/15 19:43:51 Checking file: /github/workspace/src/pkg/common/oscal/complete-schema.go
[gosec] 2024/10/15 19:43:51 Checking file: /github/workspace/src/pkg/common/oscal/component.go
[gosec] 2024/10/15 19:43:52 Checking file: /github/workspace/src/pkg/common/oscal/multi-validate.go
[gosec] 2024/10/15 19:43:52 Checking package: schemas
[gosec] 2024/10/15 19:43:52 Checking file: /github/workspace/src/pkg/common/schemas/schema.go
results.sarif
{
        "runs": [
                {
                        "results": [],
                        "taxonomies": [
                                {
                                        "downloadUri": "https://cwe.mitre.org/data/xml/cwec_v4.4.xml.zip",
                                        "guid": "f2856fc0-85b7-373f-83e7-6f8582243547",
                                        "informationUri": "https://cwe.mitre.org/data/published/cwe_v4.4.pdf/",
                                        "isComprehensive": true,
                                        "language": "en",
                                        "minimumRequiredLocalizedDataSemanticVersion": "4.4",
                                        "name": "CWE",
                                        "organization": "MITRE",
                                        "releaseDateUtc": "2021-03-15",
                                        "shortDescription": {
                                                "text": "The MITRE Common Weakness Enumeration"
                                        },
                                        "version": "4.4"
                                }
                        ],
                        "tool": {
                                "driver": {
                                        "guid": "8b518d5f-906d-39f9-894b-d327b1a421c5",
                                        "informationUri": "https://github.com/securego/gosec/",
                                        "name": "gosec",
                                        "semanticVersion": "dev",
                                        "supportedTaxonomies": [
                                                {
                                                        "guid": "f2856fc0-85b7-373f-83e7-6f8582243547",
                                                        "name": "CWE"
                                                }
                                        ],
                                        "version": "dev"
                                }
                        }
                }
        ],
        "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/main/sarif-2.1/schema/sarif-schema-2.1.0.json",
        "version": "2.1.0"
}% 

Upon switching to a binary installation with go install the same inputs now result in a passing exit code.

Steps to reproduce the behavior

gosec version

2.21.3

Go version (output of 'go version')

Operating system / Environment

linux amd64
macos arm64

Expected behavior

Matching results based on same inputs

Actual behavior

binary execution responds with success exit code
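
A CI-side check for the symptom reported above, as an added example that is not part of the issue or of gosec: it compares the scanner's exit code with the number of results in the SARIF report, so a non-zero exit with an empty report is surfaced as a mismatch instead of being read as findings. The function name, verdict labels and sample report are assumptions constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// sarifLog models only the SARIF 2.1.0 fields this check needs.
type sarifLog struct {
	Runs []struct {
		Results []json.RawMessage `json:"results"`
	} `json:"runs"`
}
// Verdict labels are hypothetical names chosen for this example.
const (
	Clean       = "clean"
	Findings    = "findings"
	Mismatch    = "nonzero-exit-no-findings"
	NotEnforced = "findings-not-enforced"
)
// Classify compares the scanner's exit code with the total number of
// results across all runs of its SARIF report and returns a verdict.
func Classify(exitCode int, report []byte) (string, int, error) {
	var doc sarifLog
	if err := json.Unmarshal(report, &doc); err != nil {
		return "", 0, fmt.Errorf("unreadable SARIF: %w", err)
	}
	if len(doc.Runs) == 0 {
		return "", 0, fmt.Errorf("SARIF report contains no runs")
	}
	n := 0
	for _, run := range doc.Runs {
		n += len(run.Results)
	}
	switch {
	case exitCode == 0 && n == 0:
		return Clean, n, nil
	case exitCode != 0 && n > 0:
		return Findings, n, nil
	case exitCode != 0:
		return Mismatch, n, nil // the exit code was not caused by a reported finding
	}
	return NotEnforced, n, nil // results present but the exit code was zero
}
// Constructed sample shaped like the report in the issue: one run, no results.
const emptyReport = `{"version":"2.1.0","runs":[{"results":[],"tool":{"driver":{"name":"gosec"}}}]}`

func main() {
	fmt.Println(Classify(1, []byte(emptyReport)))
}
```

In a pipeline, the mismatch verdict is the cue to inspect the scanner's own stderr and runtime environment before treating the job as a failed security gate.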

@ccojocar
Member

Not sure what's causing your issue. The action should work if you follow these instructions: https://github.com/securego/gosec?tab=readme-ov-file#github-action. Also, we use it on each pull request

- name: Run Gosec Security Scanner
.
