Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

🐛 Fix vuln command panic #979

Merged
merged 5 commits into from
Dec 6, 2023
Merged

🐛 Fix vuln command panic #979

merged 5 commits into from
Dec 6, 2023

Conversation

czunker
Copy link
Contributor

@czunker czunker commented Dec 4, 2023

Fixes #977

@czunker
🐛 Fix vuln command panic
fc7bfff 
Fixes #977

Signed-off-by: Christian Zunker <[email protected]>
@czunker
Copy link
Contributor Author

czunker commented Dec 4, 2023

Works again:

cnspec vuln local
→ loaded configuration from /etc/opt/mondoo/mondoo.yml using source default
→ using service account credentials

Target:     X1
================

┌─ Advisories ─────────────────────────┐
│ Critical: █ 10.0%                    │
│ High:     █████████████ 50.0%        │
│ Medium:   ███████ 30.0%              │
│ Low:      █ 10.0%                    │
│ None:     0.0%                       │
└──────────────────────────────────────┘

┌─ Packages ───────────────────────────┐
│ Total:    ███████████████████ 2458   │
│ Critical: 1                          │
│ High:     ███████████████████ 33     │
│ Medium:   ██ 4                       │
│ Low:      1                          │
└──────────────────────────────────────┘

  ■   SCORE  PACKAGE                      INSTALLED                            FIXED                                           AVAILABLE  ADVISORY    
  ■   9.8    python3-scipy                1.8.0-1exp2ubuntu1                   1.8.0-1exp2ubuntu1+esm1                                                
  ╰─  9.8    python3-scipy                1.8.0-1exp2ubuntu1                   1.8.0-1exp2ubuntu1+esm1                                    USN-6226-1  
  ■   8.8    libavcodec-extra             7:4.4.2-0ubuntu0.22.04.1             7:4.4.2-0ubuntu0.22.04.1+esm3                                          
  ├─  8.8    libavcodec-extra             7:4.4.2-0ubuntu0.22.04.1             7:4.4.2-0ubuntu0.22.04.1+esm2                              USN-6449-1  
  ├─  8.8    libavcodec-extra             7:4.4.2-0ubuntu0.22.04.1             7:4.4.2-0ubuntu0.22.04.1+esm2                              USN-6449-1  
  ├─  8.8    libavcodec-extra             7:4.4.2-0ubuntu0.22.04.1             7:4.4.2-0ubuntu0.22.04.1+esm3                              USN-6449-2  
  ├─  8.8    libavcodec-extra             7:4.4.2-0ubuntu0.22.04.1             7:4.4.2-0ubuntu0.22.04.1+esm3                              USN-6449-2  
  ├─  8.1    libavcodec-extra             7:4.4.2-0ubuntu0.22.04.1             7:4.4.2-0ubuntu0.22.04.1+esm1                              USN-5958-1  
  ╰─  8.1    libavcodec-extra             7:4.4.2-0ubuntu0.22.04.1             7:4.4.2-0ubuntu0.22.04.1+esm1                              USN-5958-1  
...

@czunker czunker mentioned this pull request Dec 4, 2023
Merged
imilchev
imilchev reviewed Dec 5, 2023
View reviewed changes
apps/cnspec/cmd/vuln.go
Features: conf.Features,
Asset: cliRes.Asset,
Upstream: runtime.UpstreamConfig,
}, nil)
})
if err != nil {
log.Fatal().Err(err).Msg("could not load asset information")
Copy link
Member

@imilchev imilchev Dec 5, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can we remove the fatal here and follow the same pattern as here #900? We want to exit properly instead of panicking

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not that easy. I gave it a try. The current structs do not support it. We would need to change cnquery, and than preferably also all the other commands associated with the struct: shell, run, and scan.

That would blow up this PR and log.Fatal already exits with os.Exit(1) and does not panic.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

alright, let's leave that out. Need to fix the tests though

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed

@czunker
Add SupportedConnectors
41fd303 
Signed-off-by: Christian Zunker <[email protected]>
@czunker
Fix CLI tests
b4d7ffd 
Signed-off-by: Christian Zunker <[email protected]>
@czunker
Revert test changes (local vs. pipeline)
a1c1fa9 
Signed-off-by: Christian Zunker <[email protected]>
@czunker
Next try on fixing the tests
f4f43c9 
Signed-off-by: Christian Zunker <[email protected]>
@czunker czunker merged commit 7bd49c5 into main Dec 6, 2023
5 checks passed
@czunker czunker deleted the christian/fix_vuln_panic branch December 6, 2023 10:42
@github-actions github-actions bot locked and limited conversation to collaborators Dec 6, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@imilchev imilchev imilchev approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

cnspec vuln panics
2 participants
@czunker @imilchev