You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
But I could also reproduce it outside the cluster:
Scanned 15 assets
Alpine Linux v3.18
B index.docker.io/mondoo/cnspec@c4fcf2666941
Distroless
C quay.io/jetstack/cert-manager-cainjector@7c65d8478484
C quay.io/jetstack/cert-manager-controller@63a7aa17a1b1
C quay.io/jetstack/cert-manager-webhook@c5644d09c6cf
C registry.k8s.io/etcd@51eae8381dcb
C registry.k8s.io/kube-apiserver@697cd88d94f7
C registry.k8s.io/kube-controller-manager@6286e500782a
C registry.k8s.io/kube-proxy@4bcb707da989
C registry.k8s.io/kube-scheduler@5897d7a97d23
C registry.k8s.io/metrics-server/metrics-server@ee4304963fb0
Red Hat Enterprise Linux 8.8 (Ootpa)
C index.docker.io/calico/node@8e34517775f3
scratch
U gcr.io/k8s-minikube/storage-provisioner@18eb69d1418e
U index.docker.io/calico/cni@3be3c67ddba1
U index.docker.io/calico/kube-controllers@01ce29ea8f2b
U registry.k8s.io/coredns/coredns@a0ead06651cf
Summary
=======
Score Distribution Asset Distribution
------------------ ------------------
A 0 assets scratch 4
B 1 assets Red Hat Enterprise Linux 8.8 (Ootpa) 1
C 10 assets Alpine Linux v3.18 1
D 0 assets Distroless 9
F 0 assets
U 4 assets
panic: runtime error: index out of range [1] with length 0
goroutine 1 [running]:
go.mondoo.com/cnspec/cli/reporter.(*defaultReporter).printSummary(0xc0051e9a98, {0xc001ae03c0, 0xf, 0x0?})
/home/runner/_work/cnspec/cnspec/cli/reporter/print_compact.go:174 +0xe45
go.mondoo.com/cnspec/cli/reporter.(*defaultReporter).print(0xc0051e9a98)
/home/runner/_work/cnspec/cnspec/cli/reporter/print_compact.go:71 +0x24f
go.mondoo.com/cnspec/cli/reporter.(*Reporter).Print(0xa096e63?, 0x7?, {0xb2839c0?, 0xc0000f0038?})
/home/runner/_work/cnspec/cnspec/cli/reporter/reporter.go:53 +0x12f
go.mondoo.com/cnspec/apps/cnspec/cmd.printReports(0xa093bb6?, 0xc001b48780, 0x9b520c0?)
/home/runner/_work/cnspec/cnspec/apps/cnspec/cmd/scan.go:715 +0xa5
go.mondoo.com/cnspec/apps/cnspec/cmd.glob..func22(0x0?, {0xc003213440, 0x0, 0x4}, 0x0?, 0x0?)
/home/runner/_work/cnspec/cnspec/apps/cnspec/cmd/scan.go:417 +0x1a8
go.mondoo.com/cnquery/apps/cnquery/cmd/builder.kubernetesProviderCmd.func1(0x0?, {0xc003213440?, 0x0?, 0x0?})
/home/runner/go/pkg/mod/go.mondoo.com/[email protected]/apps/cnquery/cmd/builder/builder.go:316 +0x28
go.mondoo.com/cnquery/apps/cnquery/cmd/builder/common.KubernetesProviderCmd.func2(0xc003066a00?, {0xc003213440?, 0x4?, 0xa09059b?})
/home/runner/go/pkg/mod/go.mondoo.com/[email protected]/apps/cnquery/cmd/builder/common/common.go:295 +0x75
github.com/spf13/cobra.(*Command).execute(0xc003090000, {0xc003213400, 0x4, 0x4})
/home/runner/go/pkg/mod/github.com/spf13/[email protected]/command.go:944 +0x863
github.com/spf13/cobra.(*Command).ExecuteC(0x102d82e0)
/home/runner/go/pkg/mod/github.com/spf13/[email protected]/command.go:1068 +0x3a5
github.com/spf13/cobra.(*Command).Execute(...)
/home/runner/go/pkg/mod/github.com/spf13/[email protected]/command.go:992
go.mondoo.com/cnspec/apps/cnspec/cmd.Execute()
/home/runner/_work/cnspec/cnspec/apps/cnspec/cmd/root.go:79 +0x1a
main.main()
/home/runner/_work/cnspec/cnspec/apps/cnspec/cnspec.go:6 +0xf
It does not always happen. I didn't happen when scanning against prod, but against edge.
cnspec scan k8s --discover container-images --config ~/workspace/mondoo/sa-edge-default.json
...
Scanned 15 assets
Alpine Linux v3.18
B index.docker.io/mondoo/cnspec@17c97d6e602b
Distroless
C quay.io/jetstack/cert-manager-cainjector@da7e239ee264
C quay.io/jetstack/cert-manager-controller@2642e7f41545
C quay.io/jetstack/cert-manager-webhook@a3205d026246
C registry.k8s.io/etcd@8ae03c7bbd43
C registry.k8s.io/kube-apiserver@dcf39b4579f8
C registry.k8s.io/kube-controller-manager@c4765f949306
C registry.k8s.io/kube-proxy@ce9abe867450
C registry.k8s.io/kube-scheduler@9c58009453cf
C registry.k8s.io/metrics-server/metrics-server@9f50dd170c11
Red Hat Enterprise Linux 8.8 (Ootpa)
C index.docker.io/calico/node@9459d1b28319
scratch
U gcr.io/k8s-minikube/storage-provisioner@c4c05d6ad6c0
U index.docker.io/calico/cni@86779fab56f3
U index.docker.io/calico/kube-controllers@2c5526ad8cd6
U registry.k8s.io/coredns/coredns@be7652ce0b43
Summary
=======
Score Distribution Asset Distribution
------------------ ------------------
A 0 assets scratch 4
B 1 assets Red Hat Enterprise Linux 8.8 (Ootpa) 1
C 10 assets Alpine Linux v3.18 1
D 0 assets Distroless 9
F 0 assets
U 4 assets
See more scan results and asset relationships on the Mondoo Console: https://edge.console.mondoo.com/space/inventory?spaceId=elastic-payne-456551
Describe the bug
The cnspec CLI reporter panics when scanning k8s container images.
I came across this inside a minikube cluster, while testing mondoohq/mondoo-operator#873.
But I could also reproduce it outside the cluster:
It does not always happen. I didn't happen when scanning against prod, but against edge.
To Reproduce
Steps to reproduce the behavior:
cnspec scan k8s --discover container-images --config ~/workspace/mondoo/sa-edge-default.json
Expected behavior
I'd expect no panic.
Desktop (please complete the following information):
Additional context
I'm not sure what's the difference is between edge and prod. Perhaps I've different policies active.
I didn't check v9 so far.
The text was updated successfully, but these errors were encountered: