Skip to content

Secret Scanning alerts migration bug #1331

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
theztefan opened this issue Mar 28, 2025 · 0 comments
Open

Secret Scanning alerts migration bug #1331

theztefan opened this issue Mar 28, 2025 · 0 comments
Labels
bug Something isn't working

Comments

@theztefan
Copy link
Contributor

theztefan commented Mar 28, 2025

Description

There is a bug in the gh gei migrate-secret-alerts when BuildSecretScanningAlertLocation as we are trying to access access properties in the that don't exist in certain alert location types i.e. they don't exist in the JSON response from the REST API.

[2025-03-27 14:39:08] [DEBUG] RESPONSE (OK): [{"type":"commit","details":{"path":"storage/src/main/resources/.env","start_line":6,"end_line":6,"start_column":17,"end_column":49,"blob_sha":"40ecdbab769bc2cb0e4e2114fd6986ae1acc3df2","blob_url":"https://api.github.com/repos/theztefan-enterprise-test/origin/git/blobs/40ecdbab769bc2cb0e4e2114fd6986ae1acc3df2","commit_sha":"b350b85436a872ccdc1a0cfa73f59264b8dbf4eb","commit_url":"https://api.github.com/repos/theztefan-enterprise-test/origin/git/commits/b350b85436a872ccdc1a0cfa73f59264b8dbf4eb"}},{"type":"pull_request_comment","details":{"pull_request_comment_url":"https://api.github.com/repos/theztefan-enterprise-test/origin/issues/comments/2758069588"}}]
[2025-03-27 14:39:09] [ERROR] System.ArgumentNullException: Value cannot be null. (Parameter 'value')
   at Newtonsoft.Json.Linq.JToken.EnsureValue(JToken value)
   at Newtonsoft.Json.Linq.JToken.op_Explicit(JToken value)
   at OctoshiftCLI.Services.GithubApi.BuildSecretScanningAlertLocation(JToken alertLocation)
   at OctoshiftCLI.Services.GithubApi.<>c.<GetSecretScanningAlertsLocations>b__47_0(JToken alertLocation)
   at System.Linq.AsyncEnumerable.SelectEnumerableAsyncIterator`2.MoveNextCore() in /_/Ix.NET/Source/System.Linq.Async/System/Linq/Operators/Select.cs:line 223
   at System.Linq.AsyncIteratorBase`1.MoveNextAsync() in /_/Ix.NET/Source/System.Linq.Async/System/Linq/AsyncIterator.cs:line 70
   at System.Linq.AsyncIteratorBase`1.MoveNextAsync() in /_/Ix.NET/Source/System.Linq.Async/System/Linq/AsyncIterator.cs:line 75
   at System.Linq.AsyncEnumerable.<ToListAsync>g__Core|424_0[TSource](IAsyncEnumerable`1 source, CancellationToken cancellationToken) in /_/Ix.NET/Source/System.Linq.Async/System/Linq/Operators/ToList.cs:line 36
   at System.Linq.AsyncEnumerable.<ToListAsync>g__Core|424_0[TSource](IAsyncEnumerable`1 source, CancellationToken cancellationToken) in /_/Ix.NET/Source/System.Linq.Async/System/Linq/Operators/ToList.cs:line 36
   at OctoshiftCLI.Services.GithubApi.GetSecretScanningAlertsLocations(String org, String repo, Int32 alertNumber)
   at OctoshiftCLI.Services.SecretScanningAlertService.GetAlertsWithLocations(GithubApi api, String org, String repo)
   at OctoshiftCLI.Services.SecretScanningAlertService.MigrateSecretScanningAlerts(String sourceOrg, String sourceRepo, String targetOrg, String targetRepo, Boolean dryRun)
   at OctoshiftCLI.GithubEnterpriseImporter.Commands.MigrateSecretAlerts.MigrateSecretAlertsCommandHandler.Handle(MigrateSecretAlertsCommandArgs args)
   at OctoshiftCLI.Extensions.CommandExtensions.RunHandler[TArgs,THandler](TArgs args, ServiceProvider sp, CommandBase`2 command)
   at OctoshiftCLI.Extensions.CommandExtensions.<>c__DisplayClass1_0`3.<<ConfigureCommand>b__0>d.MoveNext()
--- End of stack trace from previous location ---
   at System.CommandLine.Invocation.AnonymousCommandHandler.InvokeAsync(InvocationContext )
   at System.CommandLine.Invocation.InvocationPipeline.<>c__DisplayClass4_0.<<BuildInvocationChain>b__0>d.MoveNext()
--- End of stack trace from previous location ---
   at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass17_0.<<UseParseErrorReporting>b__0>d.MoveNext()
--- End of stack trace from previous location ---
   at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass12_0.<<UseHelp>b__0>d.MoveNext()
--- End of stack trace from previous location ---
   at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass22_0.<<UseVersionOption>b__0>d.MoveNext()
--- End of stack trace from previous location ---
   at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass19_0.<<UseTypoCorrections>b__0>d.MoveNext()
--- End of stack trace from previous location ---
   at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c.<<UseSuggestDirective>b__18_0>d.MoveNext()
--- End of stack trace from previous location ---
   at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass16_0.<<UseParseDirective>b__0>d.MoveNext()
--- End of stack trace from previous location ---
   at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c.<<RegisterWithDotnetSuggest>b__5_0>d.MoveNext()
--- End of stack trace from previous location ---
   at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass8_0.<<UseExceptionHandler>b__0>d.MoveNext()

Reproduction Steps

Run gh gei migrate-secret-alerts of origin repository which has a Secret Scanning alert with locations other than commit or wiki_commit.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

1 participant