Deion Executing this simple command: docker run aquasec/

<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/us

The scan seems to work fine though: <div class="highlight highlight-source-shell n

<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/us

<a target="_blank" rel="noopener noreferrer nofollow" href="https://user-images.github

<a target="_blank" rel="noopener noreferrer nofollow" href="https://user-images.githubu

Hi <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="

output error while running the chain-bench scan about chain-bench HOT 12 CLOSED

aquasecurity commented on May 29, 2024 1

output error while running the chain-bench scan

from chain-bench.

Comments (12)

naortalmor1 commented on May 29, 2024 1

@LiorVais Can you please tale a look in that pls?

from chain-bench.

YuviGold commented on May 29, 2024 1

Got the same panic when authentication token was not provided.
The repository function return nil object to repo which isn't validated and tried to be accessed via *repo.Owner.Type

➜  ~ docker run aquasec/chain-bench scan --repository-url https://github.com/aquasecurity/chain-bench -v
2022-09-14 13:31:33 INF 🚩	Fetch Starting
2022-09-14 13:31:33 ERR error in authenticated user data
2022-09-14 13:31:33 DBG error in authenticated user data error="GET https://api.github.com/user: 401 Bad credentials []"
2022-09-14 13:31:34 ERR error in fetching repository data
2022-09-14 13:31:34 DBG error in fetching repository data error="GET https://api.github.com/repos/aquasecurity/chain-bench: 401 Bad credentials []"
2022-09-14 13:31:34 INF 🛢️	Fetching Repository Settings Finished
2022-09-14 13:31:34 ERR error in fetching branch protection
2022-09-14 13:31:34 DBG error in fetching branch protection error="GET https://api.github.com/repos/aquasecurity/chain-bench/branches//protection: 401 Bad credentials []"
2022-09-14 13:31:34 INF 🌱	Fetching Branch Protection Settings Finished
2022-09-14 13:31:34 ERR error in fetching workflows
2022-09-14 13:31:34 DBG error in fetching workflows error="GET https://api.github.com/repos/aquasecurity/chain-bench/actions/workflows: 401 Bad credentials []"
2022-09-14 13:31:34 INF 🔧	Fetching Pipelines Finished
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x10 pc=0xb3f265]

goroutine 1 [running]:
github.com/aquasecurity/chain-bench/internal/scm-clients/clients.FetchClientData({0x0, 0x0}, {0x7ffeb8378f4b?, 0x1?})
	/home/runner/work/chain-bench/chain-bench/internal/scm-clients/clients/clients.go:48 +0x3c5
github.com/aquasecurity/chain-bench/internal/commands.NewScanCommand.func1(0xc000250280?, {0xcfc484?, 0x3?, 0x3?})
	/home/runner/work/chain-bench/chain-bench/internal/commands/scan.go:22 +0xac
github.com/spf13/cobra.(*Command).execute(0xc000250280, {0xc0001fdf20, 0x3, 0x3})
	/home/runner/go/pkg/mod/github.com/spf13/[email protected]/command.go:872 +0x694
github.com/spf13/cobra.(*Command).ExecuteC(0xc000250000)
	/home/runner/go/pkg/mod/github.com/spf13/[email protected]/command.go:990 +0x3b4
github.com/spf13/cobra.(*Command).Execute(...)
	/home/runner/go/pkg/mod/github.com/spf13/[email protected]/command.go:918
github.com/aquasecurity/chain-bench/internal/commands.Execute({0xe4c9a8?, 0xc0000021a0?})
	/home/runner/work/chain-bench/chain-bench/internal/commands/root.go:21 +0x32
main.main()
	/home/runner/work/chain-bench/chain-bench/cmd/chain-bench/main.go:12 +0x27

from chain-bench.

venkyvikram commented on May 29, 2024

Same Issue for me also. I don't see any issue on token permission or the repository. Looking forward if someone fix this similar issue.
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x10 pc=0x1741885]

goroutine 1 [running]:
github.com/aquasecurity/chain-bench/internal/scm-clients/clients.FetchClientData({0x7ffeefbffafb, 0x28}, {0x7ffeefbffaba?, 0x1?})
github.com/aquasecurity/chain-bench/internal/scm-clients/clients/clients.go:48 +0x3c5
github.com/aquasecurity/chain-bench/internal/commands.NewScanCommand.func1(0xc000264280?, {0x1900f9c?, 0x4?, 0x4?})

Regards,
Venkat

from chain-bench.

rgreinho commented on May 29, 2024

The scan seems to work fine though:

$ docker run aquasec/chain-bench scan --repository-url https://github.com/buildsec/frsca --access-token $GITHUB_TOKEN
Unable to find image 'aquasec/chain-bench:latest' locally
latest: Pulling from aquasec/chain-bench
b3c136eddcbf: Pull complete
d55ff444f396: Pull complete
508144a78229: Pull complete
Digest: sha256:a5940490930d6fc45a00dc65090a92c7514a5a9451ba435523bcb711b93ce87a
Status: Downloaded newer image for aquasec/chain-bench:latest
2022-08-02 12:15:49 INF 🚩	Fetch Starting
2022-08-02 12:15:55 WRN failed to fetch hooks data
2022-08-02 12:15:55 INF 🛢️	Fetching Repository Settings Finished
2022-08-02 12:15:55 ERR error in fetching branch protection
2022-08-02 12:15:55 INF 🌱	Fetching Branch Protection Settings Finished
2022-08-02 12:15:56 WRN file .github/workflows/ci.yaml not found
2022-08-02 12:15:56 WRN file dynamic/pages/pages-build-deployment not found
2022-08-02 12:15:56 INF 🔧	Fetching Pipelines Finished
2022-08-02 12:15:57 WRN failed to fetch organization hooks
2022-08-02 12:15:57 INF 🏢	Fetching Organization Settings Finished
2022-08-02 12:15:58 INF 👫	Fetching Members Finished
2022-08-02 12:15:58 INF 🏁	Fetch succeeded
   ID                                                 Name                                                Result                                    Reason
-------- ----------------------------------------------------------------------------------------------- --------- ------------------------------------------------------------------------

from chain-bench.

bparinas commented on May 29, 2024

@rgreinho it works now in my end as well

from chain-bench.

LalitLab commented on May 29, 2024

I have seen the same error, it happened to me when my repository is not having any GitHub workflows.

from chain-bench.

VaismanLior commented on May 29, 2024

Thank you for the issue!
The latest version seems to work just fine with and without docker.
@LalitTurbot I tried it on a repository without workflows, should work as well.
If you are running it on docker please make sure you use the latest image
Closing the issue, please reopen if anyone has this problem again 🥇

from chain-bench.

Shan-KulK commented on May 29, 2024

Bumping this issue as I also cannot run the tool from cli, valid repo url and PAT. Same with a friend I know trying it on his repo.

from chain-bench.

VaismanLior commented on May 29, 2024

Bumping this issue as I also cannot run the tool from cli, valid repo url and PAT. Same with a friend I know trying it on his repo.

@Shan-KulK Thanks for reporting this!
I couldn't reproduce the issue. Can you please provide more information on how you ran the scan?
If you are using docker, what image are you using?

Also, what type of repository is it? Under a user or organization?

from chain-bench.

naortalmor1 commented on May 29, 2024

Hi @Shan-KulK,
can you help us please reproduce this issue?

from chain-bench.

Shan-KulK commented on May 29, 2024

Sorry for the late reply, it seems to have fixed itself upon reinstall

from chain-bench.

acramagnac2 commented on May 29, 2024

Hello, Same Issue for me also.
Does the issue may appear when we have a dash symbol "-" in the repository-url value or token content ?

from chain-bench.

output error while running the chain-bench scan about chain-bench HOT 12 CLOSED

Comments (12)

Related Issues (20)

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent