si-bandit's Issues

Syntax error while parsing AST from file running si bandit in Si workflow

Describe the bug
syntax error while parsing AST from file running si bandit in Si workflow

To Reproduce
Steps to reproduce the behavior:

  1. Use same inputs to schedule si workflow

Expected behavior
A clear and concise description of what you expected to happen.

Screenshots

Name:                security-indicator-81d8e006
Namespace:           thoth-middletier-stage
ServiceAccount:      argo
Status:              Failed
Conditions:          
 Completed           True
Created:             Fri Oct 02 14:17:56 +0200 (1 hour ago)
Started:             Fri Oct 02 16:03:40 +0200 (1 minute ago)
Finished:            Fri Oct 02 16:05:35 +0200 (now)
Duration:            1 minute 55 seconds
ResourcesDuration:   2m8s*(1 cpu),7m30s*(100Mi memory)
Parameters:          
  ceph_bucket_prefix: data
  ceph_bucket_name:  thoth
  ceph_host:         s3.upshift.redhat.com
  deployment_name:   ocp-stage
  THOTH_SECURITY_INDICATORS_JOB_ID: security-indicator-81d8e006
  THOTH_DOCUMENT_ID: security-indicator-81d8e006
  THOTH_SECURITY_INDICATORS_PACKAGE_NAME: rb
  THOTH_SECURITY_INDICATORS_PACKAGE_VERSION: 0.9.2
  THOTH_SECURITY_INDICATORS_PACKAGE_INDEX: https://pypi.org/simple
  THOTH_SECURITY_INDICATORS_AGGREGATION_FUNCTION: process_data
  THOTH_FORCE_SYNC:  0

STEP                                   TEMPLATE                           PODNAME                                 DURATION  MESSAGE
 ✖ security-indicator-81d8e006         security-indicators                                                                                           
 ├-✔ download-package                  download-package/download-package  security-indicator-81d8e006-3716313097  47s                                
 ├-✖ bandit                            bandit/bandit-from-dir             security-indicator-81d8e006-562169286   1m        failed with exit code 1  
 ├-✔ cloc                              cloc/cloc-from-dir                 security-indicator-81d8e006-4047535669  30s                                
                                                                                                                                                              
 ✔ security-indicator-81d8e006.onExit  exit-handler                                                                                                  
 └---✔ delete-pvc                      delete-pvc                         security-indicator-81d8e006-2304673912  4s          

 fmurdaca@pc-7  ~  argo logs security-indicator-81d8e006
security-indicator-81d8e006-3716313097: 2020-10-02T14:04:16.241652688Z {"name": "thoth.common", "levelname": "WARNING", "module": "logging", "lineno": 344, "funcname": "init_logging", "created": 1601647456.2411687, "asctime": "2020-10-02 14:04:16,241", "msecs": 241.16873741149902, "relative_created": 7696.843147277832, "process": 1, "message": "Logging to a Sentry instance is turned off"}
security-indicator-81d8e006-4047535669: 2020-10-02T14:04:48.918811435Z 2020-10-02 14:04:48,918   1 INFO     thoth.common:368: Logging to rsyslog endpoint is turned off
security-indicator-81d8e006-4047535669: 2020-10-02T14:04:48.918811435Z 2020-10-02 14:04:48,918   1 WARNING  thoth.common:346: Logging to a Sentry instance is turned off
security-indicator-81d8e006-4047535669: 2020-10-02T14:04:48.919029207Z 2020-10-02 14:04:48,918   1 INFO     si-cloc:39: SI Cloc v0.1.3+analyzer.0.1.8.common.0.19.0.
security-indicator-81d8e006-4047535669: 2020-10-02T14:04:55.722588235Z 2020-10-02 14:04:55,722   1 INFO     thoth.analyzer.cli:175: Writing results to '/mnt/workdir/cloc_results'
security-indicator-81d8e006-562169286: 2020-10-02T14:05:21.991104518Z 2020-10-02 14:05:21,990   1 WARNING  thoth.common:346: Logging to a Sentry instance is turned off
security-indicator-81d8e006-562169286: 2020-10-02T14:05:21.991313796Z 2020-10-02 14:05:21,991   1 INFO     thoth.common:368: Logging to rsyslog endpoint is turned off
security-indicator-81d8e006-562169286: 2020-10-02T14:05:25.99445356Z   File "/opt/app-root/lib/python3.6/site-packages/click/core.py", line 829, in __call__
security-indicator-81d8e006-562169286: 2020-10-02T14:05:25.99445356Z     out = _run_bandit(from_directory)
security-indicator-81d8e006-562169286: 2020-10-02T14:05:25.99445356Z   File "app.py", line 124, in si_bandit
security-indicator-81d8e006-562169286: 2020-10-02T14:05:25.99445356Z   File "app.py", line 59, in _run_bandit
security-indicator-81d8e006-562169286: 2020-10-02T14:05:25.99445356Z     raise Exception(out["errors"])
security-indicator-81d8e006-562169286: 2020-10-02T14:05:25.99445356Z 2020-10-02 14:05:25,994   1 CRITICAL root:102: Traceback (most recent call last):
security-indicator-81d8e006-562169286: 2020-10-02T14:05:25.99445356Z   File "app.py", line 150, in <module>
security-indicator-81d8e006-562169286: 2020-10-02T14:05:25.99445356Z     __name__ == "__main__" and si_bandit()
security-indicator-81d8e006-562169286: 2020-10-02T14:05:25.99445356Z Exception: [{'filename': '/mnt/workdir/package/rb-0.9.2/rb/_rediscommands.py', 'reason': 'syntax error while parsing AST from file'}]
security-indicator-81d8e006-562169286: 2020-10-02T14:05:25.99445356Z     return self.main(*args, **kwargs)
security-indicator-81d8e006-562169286: 2020-10-02T14:05:25.99445356Z   File "/opt/app-root/lib/python3.6/site-packages/click/core.py", line 782, in main
security-indicator-81d8e006-562169286: 2020-10-02T14:05:25.99445356Z     rv = self.invoke(ctx)
security-indicator-81d8e006-562169286: 2020-10-02T14:05:25.99445356Z   File "/opt/app-root/lib/python3.6/site-packages/click/core.py", line 1066, in invoke
security-indicator-81d8e006-562169286: 2020-10-02T14:05:25.99445356Z     return ctx.invoke(self.callback, **ctx.params)
security-indicator-81d8e006-562169286: 2020-10-02T14:05:25.99445356Z   File "/opt/app-root/lib/python3.6/site-packages/click/core.py", line 610, in invoke
security-indicator-81d8e006-562169286: 2020-10-02T14:05:25.99445356Z     return callback(*args, **kwargs)
security-indicator-81d8e006-562169286: 2020-10-02T14:05:25.99445356Z   File "/opt/app-root/lib/python3.6/site-packages/click/decorators.py", line 21, in new_func
security-indicator-81d8e006-562169286: 2020-10-02T14:05:25.99445356Z     return f(get_current_context(), *args, **kwargs)
security-indicator-81d8e006-562169286: 2020-10-02T14:05:25.99445356Z 
security-indicator-81d8e006-2304673912: 2020-10-02T14:05:33.1082899Z time="2020-10-02T14:05:33.104Z" level=info msg="Starting Workflow Executor" version=v2.11.0
security-indicator-81d8e006-2304673912: 2020-10-02T14:05:33.193182457Z time="2020-10-02T14:05:33.193Z" level=info msg="Executor (version: v2.11.0, build_date: 2020-09-17T22:51:06Z) initialized (pod: thoth-middletier-stage/security-indicator-81d8e006-2304673912) with template:\n{\"name\":\"delete-pvc\",\"arguments\":{},\"inputs\":{},\"outputs\":{},\"metadata\":{},\"resource\":{\"action\":\"delete\",\"manifest\":\"apiVersion: v1\\nkind: PersistentVolumeClaim\\nmetadata:\\n  name: security-indicator-81d8e006-workdir\\n\"}}"
security-indicator-81d8e006-2304673912: 2020-10-02T14:05:33.193182457Z time="2020-10-02T14:05:33.193Z" level=info msg="Creating a K8sAPI executor"
security-indicator-81d8e006-2304673912: 2020-10-02T14:05:33.193229524Z time="2020-10-02T14:05:33.193Z" level=info msg="Loading manifest to /tmp/manifest.yaml"
security-indicator-81d8e006-2304673912: 2020-10-02T14:05:33.193688054Z time="2020-10-02T14:05:33.193Z" level=info msg="kubectl delete --ignore-not-found -f /tmp/manifest.yaml -o name"

Additional context
Add any other context about the problem here.
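
An added example, not part of the original issue or of si-bandit's code: the traceback above shows `_run_bandit` raising on any entry in `out["errors"]`, so one unparseable file fails the whole bandit step. One alternative is to record such files as skipped in the report and fail only when nothing could be analysed. `triage_report`, `ScanIncomplete` and `files_total` are hypothetical names, and the sample report is constructed around the error entry quoted above.

```python
import json
from collections import Counter

# Constructed sample shaped like bandit's JSON report. The "errors" entry is the
# one quoted in the traceback above; the "results" entry is made up for the demo.
SAMPLE_REPORT = json.loads("""
{
  "errors": [
    {"filename": "/mnt/workdir/package/rb-0.9.2/rb/_rediscommands.py",
     "reason": "syntax error while parsing AST from file"}
  ],
  "results": [
    {"filename": "/mnt/workdir/package/rb-0.9.2/rb/example.py",
     "test_id": "B101", "issue_severity": "LOW", "issue_confidence": "HIGH",
     "line_number": 10, "issue_text": "Use of assert detected."}
  ]
}
""")


class ScanIncomplete(Exception):
    """Raised when no file in the package could be analysed (hypothetical name)."""


def triage_report(report, files_total):
    """Split a bandit report into findings and skipped files.

    files_total is an assumption of this example: the number of Python files
    handed to bandit, counted by the caller before the scan.
    """
    if "results" not in report:
        raise ValueError("not a bandit report: missing 'results'")

    # Keep every per-file error so the coverage gap stays visible downstream.
    skipped = [
        {
            "filename": err.get("filename", "<unknown>"),
            "reason": err.get("reason", "<unknown>"),
        }
        for err in report.get("errors", [])
    ]

    # Fail hard only when the scan produced no coverage at all.
    if files_total <= 0 or len(skipped) >= files_total:
        raise ScanIncomplete(skipped)

    severity = Counter(
        finding.get("issue_severity", "UNDEFINED") for finding in report["results"]
    )
    return {
        "findings": report["results"],
        "severity_counts": dict(severity),
        "skipped_files": skipped,
        "files_analysed": files_total - len(skipped),
        # False tells consumers the indicators cover only part of the package.
        "complete": not skipped,
    }


if __name__ == "__main__":
    print(json.dumps(triage_report(SAMPLE_REPORT, files_total=5), indent=2))
```

Carrying `skipped_files` and `complete` into the stored document keeps a partially scanned package from being read as a clean one.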

Failed to update dependencies to their latest version

Automatic dependency update failed for the current master with SHA fcd8357.

The automatic dependency management cannot continue. Please fix errors reported below.

Command
  $ pipenv lock
Standard output

Standard error
Locking [dev-packages] dependencies...
Locking [packages] dependencies...

Building requirements...
Resolving dependencies...
FAIL
Traceback (most recent call last):
  File "/home/user/.local/share/virtualenvs/user-5PivF_Od/lib/python3.6/site-packages/pipenv/resolver.py", line 764, in <module>
    main()
  File "/home/user/.local/share/virtualenvs/user-5PivF_Od/lib/python3.6/site-packages/pipenv/resolver.py", line 760, in main
    dev=parsed.dev)
  File "/home/user/.local/share/virtualenvs/user-5PivF_Od/lib/python3.6/site-packages/pipenv/resolver.py", line 741, in _main
    resolve_packages(pre, clear, verbose, system, write, requirements_dir, packages, dev)
  File "/home/user/.local/share/virtualenvs/user-5PivF_Od/lib/python3.6/site-packages/pipenv/resolver.py", line 714, in resolve_packages
    results = clean_results(results, resolver, project, dev)
  File "/home/user/.local/share/virtualenvs/user-5PivF_Od/lib/python3.6/site-packages/pipenv/resolver.py", line 590, in clean_results
    reverse_deps = project.environment.reverse_dependencies()
  File "/home/user/.local/share/virtualenvs/user-5PivF_Od/lib/python3.6/site-packages/pipenv/project.py", line 376, in environment
    self._environment = self.get_environment(allow_global=allow_global)
  File "/home/user/.local/share/virtualenvs/user-5PivF_Od/lib/python3.6/site-packages/pipenv/project.py", line 366, in get_environment
    environment.extend_dists(pipenv_dist)
  File "/home/user/.local/share/virtualenvs/user-5PivF_Od/lib/python3.6/site-packages/pipenv/environment.py", line 127, in extend_dists
    extras = self.resolve_dist(dist, self.base_working_set)
  File "/home/user/.local/share/virtualenvs/user-5PivF_Od/lib/python3.6/site-packages/pipenv/environment.py", line 122, in resolve_dist
    deps |= cls.resolve_dist(dist, working_set)
  File "/home/user/.local/share/virtualenvs/user-5PivF_Od/lib/python3.6/site-packages/pipenv/environment.py", line 121, in resolve_dist
    dist = working_set.find(req)
  File "/tmp/tmpv_d827pd/.venv/lib/python3.6/site-packages/pkg_resources/__init__.py", line 627, in find
    raise VersionConflict(dist, req)
pkg_resources.VersionConflict: (importlib-metadata 3.0.0 (/tmp/tmpv_d827pd/.venv/lib/python3.6/site-packages), Requirement.parse('importlib-metadata<3,>=0.12; python_version < "3.8"'))


Traceback (most recent call last):
  File "/home/user/.local/share/virtualenvs/user-5PivF_Od/lib/python3.6/site-packages/pipenv/utils.py", line 1131, in create_spinner
    yield sp
  File "/home/user/.local/share/virtualenvs/user-5PivF_Od/lib/python3.6/site-packages/pipenv/utils.py", line 1338, in venv_resolve_deps
    c = resolve(cmd, sp)
  File "/home/user/.local/share/virtualenvs/user-5PivF_Od/lib/python3.6/site-packages/pipenv/utils.py", line 1176, in resolve
    sys.exit(c.return_code)
SystemExit: 1

Environment details

Kebechet version: 1.1.2
Python version: 3.6.8
Platform: Linux-4.18.0-147.8.1.el8_1.x86_64-x86_64-with-redhat-8.3-Ootpa
pipenv version: pipenv, version 2020.11.15


Dependency graph
bandit==1.6.2
  - GitPython [required: >=1.0.1, installed: 3.1.11]
    - gitdb [required: >=4.0.1,<5, installed: 4.0.5]
      - smmap [required: >=3.0.1,<4, installed: 3.0.4]
  - PyYAML [required: >=3.13, installed: 5.3.1]
  - six [required: >=1.10.0, installed: 1.15.0]
  - stevedore [required: >=1.20.0, installed: 3.2.2]
    - importlib-metadata [required: >=1.7.0, installed: 3.0.0]
      - zipp [required: >=0.5, installed: 3.4.0]
    - pbr [required: >=2.0.0,!=2.1.0, installed: 5.5.1]
thoth-python==0.10.2
  - aiohttp [required: Any, installed: 3.7.3]
    - async-timeout [required: >=3.0,<4.0, installed: 3.0.1]
    - attrs [required: >=17.3.0, installed: 20.3.0]
    - chardet [required: >=2.0,<4.0, installed: 3.0.4]
    - idna-ssl [required: >=1.0, installed: 1.1.0]
      - idna [required: >=2.0, installed: 2.10]
    - multidict [required: >=4.5,<7.0, installed: 5.0.2]
    - typing-extensions [required: >=3.6.5, installed: 3.7.4.3]
    - yarl [required: >=1.0,<2.0, installed: 1.6.3]
      - idna [required: >=2.0, installed: 2.10]
      - multidict [required: >=4.0, installed: 5.0.2]
      - typing-extensions [required: >=3.7.4, installed: 3.7.4.3]
  - attrs [required: Any, installed: 20.3.0]
  - beautifulsoup4 [required: ==4.6.3, installed: 4.6.3]
  - click [required: Any, installed: 7.1.2]
  - lxml [required: Any, installed: 4.6.1]
  - packaging [required: Any, installed: 20.4]
    - pyparsing [required: >=2.0.2, installed: 2.4.7]
    - six [required: Any, installed: 1.15.0]
  - pyelftools [required: Any, installed: 0.27]
  - requests [required: Any, installed: 2.25.0]
    - certifi [required: >=2017.4.17, installed: 2020.11.8]
    - chardet [required: >=3.0.2,<4, installed: 3.0.4]
    - idna [required: >=2.5,<3, installed: 2.10]
    - urllib3 [required: >=1.21.1,<1.27, installed: 1.26.2]
  - semantic-version [required: Any, installed: 2.8.5]
  - setuptools [required: Any, installed: 50.3.2]
  - thoth-analyzer [required: Any, installed: 0.1.8]
    - click [required: Any, installed: 7.1.2]
    - delegator.py [required: >=0.1.0, installed: 0.1.1]
      - pexpect [required: >=4.1.0, installed: 4.8.0]
        - ptyprocess [required: >=0.5, installed: 0.6.0]
    - distro [required: Any, installed: 1.5.0]
    - requests [required: Any, installed: 2.25.0]
      - certifi [required: >=2017.4.17, installed: 2020.11.8]
      - chardet [required: >=3.0.2,<4, installed: 3.0.4]
      - idna [required: >=2.5,<3, installed: 2.10]
      - urllib3 [required: >=1.21.1,<1.27, installed: 1.26.2]
    - thoth-common [required: Any, installed: 0.20.4]
      - argo-workflows [required: >=3.5, installed: 3.6.1]
        - kubernetes [required: >=11.0.0, installed: 11.0.0]
          - certifi [required: >=14.05.14, installed: 2020.11.8]
          - google-auth [required: >=1.0.1, installed: 1.23.0]
            - cachetools [required: >=2.0.0,<5.0, installed: 4.1.1]
            - pyasn1-modules [required: >=0.2.1, installed: 0.2.8]
              - pyasn1 [required: >=0.4.6,<0.5.0, installed: 0.4.8]
            - rsa [required: >=3.1.4,<5, installed: 4.6]
              - pyasn1 [required: >=0.1.3, installed: 0.4.8]
            - setuptools [required: >=40.3.0, installed: 50.3.2]
            - six [required: >=1.9.0, installed: 1.15.0]
          - python-dateutil [required: >=2.5.3, installed: 2.8.1]
            - six [required: >=1.5, installed: 1.15.0]
          - pyyaml [required: >=3.12, installed: 5.3.1]
          - requests [required: Any, installed: 2.25.0]
            - certifi [required: >=2017.4.17, installed: 2020.11.8]
            - chardet [required: >=3.0.2,<4, installed: 3.0.4]
            - idna [required: >=2.5,<3, installed: 2.10]
            - urllib3 [required: >=1.21.1,<1.27, installed: 1.26.2]
          - requests-oauthlib [required: Any, installed: 1.3.0]
            - oauthlib [required: >=3.0.0, installed: 3.1.0]
            - requests [required: >=2.0.0, installed: 2.25.0]
              - certifi [required: >=2017.4.17, installed: 2020.11.8]
              - chardet [required: >=3.0.2,<4, installed: 3.0.4]
              - idna [required: >=2.5,<3, installed: 2.10]
              - urllib3 [required: >=1.21.1,<1.27, installed: 1.26.2]
          - setuptools [required: >=21.0.0, installed: 50.3.2]
          - six [required: >=1.9.0, installed: 1.15.0]
          - urllib3 [required: >=1.24.2, installed: 1.26.2]
          - websocket-client [required: >=0.32.0,!=0.42.*,!=0.41.*,!=0.40.0, installed: 0.57.0]
            - six [required: Any, installed: 1.15.0]
        - mock [required: Any, installed: 4.0.2]
      - attrdict [required: Any, installed: 2.0.1]
        - six [required: Any, installed: 1.15.0]
      - attrs [required: Any, installed: 20.3.0]
      - daiquiri [required: Any, installed: 3.0.0]
        - python-json-logger [required: Any, installed: 2.0.1]
      - jsonformatter [required: Any, installed: 0.3.0]
      - kubernetes [required: ~=11.0.0, installed: 11.0.0]
        - certifi [required: >=14.05.14, installed: 2020.11.8]
        - google-auth [required: >=1.0.1, installed: 1.23.0]
          - cachetools [required: >=2.0.0,<5.0, installed: 4.1.1]
          - pyasn1-modules [required: >=0.2.1, installed: 0.2.8]
            - pyasn1 [required: >=0.4.6,<0.5.0, installed: 0.4.8]
          - rsa [required: >=3.1.4,<5, installed: 4.6]
            - pyasn1 [required: >=0.1.3, installed: 0.4.8]
          - setuptools [required: >=40.3.0, installed: 50.3.2]
          - six [required: >=1.9.0, installed: 1.15.0]
        - python-dateutil [required: >=2.5.3, installed: 2.8.1]
          - six [required: >=1.5, installed: 1.15.0]
        - pyyaml [required: >=3.12, installed: 5.3.1]
        - requests [required: Any, installed: 2.25.0]
          - certifi [required: >=2017.4.17, installed: 2020.11.8]
          - chardet [required: >=3.0.2,<4, installed: 3.0.4]
          - idna [required: >=2.5,<3, installed: 2.10]
          - urllib3 [required: >=1.21.1,<1.27, installed: 1.26.2]
        - requests-oauthlib [required: Any, installed: 1.3.0]
          - oauthlib [required: >=3.0.0, installed: 3.1.0]
          - requests [required: >=2.0.0, installed: 2.25.0]
            - certifi [required: >=2017.4.17, installed: 2020.11.8]
            - chardet [required: >=3.0.2,<4, installed: 3.0.4]
            - idna [required: >=2.5,<3, installed: 2.10]
            - urllib3 [required: >=1.21.1,<1.27, installed: 1.26.2]
        - setuptools [required: >=21.0.0, installed: 50.3.2]
        - six [required: >=1.9.0, installed: 1.15.0]
        - urllib3 [required: >=1.24.2, installed: 1.26.2]
        - websocket-client [required: >=0.32.0,!=0.42.*,!=0.41.*,!=0.40.0, installed: 0.57.0]
          - six [required: Any, installed: 1.15.0]
      - openshift [required: Any, installed: 0.11.2]
        - jinja2 [required: Any, installed: 2.11.2]
          - MarkupSafe [required: >=0.23, installed: 1.1.1]
        - kubernetes [required: ~=11.0.0, installed: 11.0.0]
          - certifi [required: >=14.05.14, installed: 2020.11.8]
          - google-auth [required: >=1.0.1, installed: 1.23.0]
            - cachetools [required: >=2.0.0,<5.0, installed: 4.1.1]
            - pyasn1-modules [required: >=0.2.1, installed: 0.2.8]
              - pyasn1 [required: >=0.4.6,<0.5.0, installed: 0.4.8]
            - rsa [required: >=3.1.4,<5, installed: 4.6]
              - pyasn1 [required: >=0.1.3, installed: 0.4.8]
            - setuptools [required: >=40.3.0, installed: 50.3.2]
            - six [required: >=1.9.0, installed: 1.15.0]
          - python-dateutil [required: >=2.5.3, installed: 2.8.1]
            - six [required: >=1.5, installed: 1.15.0]
          - pyyaml [required: >=3.12, installed: 5.3.1]
          - requests [required: Any, installed: 2.25.0]
            - certifi [required: >=2017.4.17, installed: 2020.11.8]
            - chardet [required: >=3.0.2,<4, installed: 3.0.4]
            - idna [required: >=2.5,<3, installed: 2.10]
            - urllib3 [required: >=1.21.1,<1.27, installed: 1.26.2]
          - requests-oauthlib [required: Any, installed: 1.3.0]
            - oauthlib [required: >=3.0.0, installed: 3.1.0]
            - requests [required: >=2.0.0, installed: 2.25.0]
              - certifi [required: >=2017.4.17, installed: 2020.11.8]
              - chardet [required: >=3.0.2,<4, installed: 3.0.4]
              - idna [required: >=2.5,<3, installed: 2.10]
              - urllib3 [required: >=1.21.1,<1.27, installed: 1.26.2]
          - setuptools [required: >=21.0.0, installed: 50.3.2]
          - six [required: >=1.9.0, installed: 1.15.0]
          - urllib3 [required: >=1.24.2, installed: 1.26.2]
          - websocket-client [required: >=0.32.0,!=0.42.*,!=0.41.*,!=0.40.0, installed: 0.57.0]
            - six [required: Any, installed: 1.15.0]
        - python-string-utils [required: Any, installed: 1.0.0]
        - ruamel.yaml [required: >=0.15, installed: 0.16.12]
          - ruamel.yaml.clib [required: >=0.1.2, installed: 0.2.2]
        - six [required: Any, installed: 1.15.0]
      - pyyaml [required: Any, installed: 5.3.1]
      - requests [required: Any, installed: 2.25.0]
        - certifi [required: >=2017.4.17, installed: 2020.11.8]
        - chardet [required: >=3.0.2,<4, installed: 3.0.4]
        - idna [required: >=2.5,<3, installed: 2.10]
        - urllib3 [required: >=1.21.1,<1.27, installed: 1.26.2]
      - rfc5424-logging-handler [required: Any, installed: 1.4.3]
        - pytz [required: Any, installed: 2020.4]
        - tzlocal [required: Any, installed: 2.1]
          - pytz [required: Any, installed: 2020.4]
      - sentry-sdk [required: Any, installed: 0.19.4]
        - certifi [required: Any, installed: 2020.11.8]
        - urllib3 [required: >=1.10.0, installed: 1.26.2]
  - thoth-common [required: Any, installed: 0.20.4]
    - argo-workflows [required: >=3.5, installed: 3.6.1]
      - kubernetes [required: >=11.0.0, installed: 11.0.0]
        - certifi [required: >=14.05.14, installed: 2020.11.8]
        - google-auth [required: >=1.0.1, installed: 1.23.0]
          - cachetools [required: >=2.0.0,<5.0, installed: 4.1.1]
          - pyasn1-modules [required: >=0.2.1, installed: 0.2.8]
            - pyasn1 [required: >=0.4.6,<0.5.0, installed: 0.4.8]
          - rsa [required: >=3.1.4,<5, installed: 4.6]
            - pyasn1 [required: >=0.1.3, installed: 0.4.8]
          - setuptools [required: >=40.3.0, installed: 50.3.2]
          - six [required: >=1.9.0, installed: 1.15.0]
        - python-dateutil [required: >=2.5.3, installed: 2.8.1]
          - six [required: >=1.5, installed: 1.15.0]
        - pyyaml [required: >=3.12, installed: 5.3.1]
        - requests [required: Any, installed: 2.25.0]
          - certifi [required: >=2017.4.17, installed: 2020.11.8]
          - chardet [required: >=3.0.2,<4, installed: 3.0.4]
          - idna [required: >=2.5,<3, installed: 2.10]
          - urllib3 [required: >=1.21.1,<1.27, installed: 1.26.2]
        - requests-oauthlib [required: Any, installed: 1.3.0]
          - oauthlib [required: >=3.0.0, installed: 3.1.0]
          - requests [required: >=2.0.0, installed: 2.25.0]
            - certifi [required: >=2017.4.17, installed: 2020.11.8]
            - chardet [required: >=3.0.2,<4, installed: 3.0.4]
            - idna [required: >=2.5,<3, installed: 2.10]
            - urllib3 [required: >=1.21.1,<1.27, installed: 1.26.2]
        - setuptools [required: >=21.0.0, installed: 50.3.2]
        - six [required: >=1.9.0, installed: 1.15.0]
        - urllib3 [required: >=1.24.2, installed: 1.26.2]
        - websocket-client [required: >=0.32.0,!=0.42.*,!=0.41.*,!=0.40.0, installed: 0.57.0]
          - six [required: Any, installed: 1.15.0]
      - mock [required: Any, installed: 4.0.2]
    - attrdict [required: Any, installed: 2.0.1]
      - six [required: Any, installed: 1.15.0]
    - attrs [required: Any, installed: 20.3.0]
    - daiquiri [required: Any, installed: 3.0.0]
      - python-json-logger [required: Any, installed: 2.0.1]
    - jsonformatter [required: Any, installed: 0.3.0]
    - kubernetes [required: ~=11.0.0, installed: 11.0.0]
      - certifi [required: >=14.05.14, installed: 2020.11.8]
      - google-auth [required: >=1.0.1, installed: 1.23.0]
        - cachetools [required: >=2.0.0,<5.0, installed: 4.1.1]
        - pyasn1-modules [required: >=0.2.1, installed: 0.2.8]
          - pyasn1 [required: >=0.4.6,<0.5.0, installed: 0.4.8]
        - rsa [required: >=3.1.4,<5, installed: 4.6]
          - pyasn1 [required: >=0.1.3, installed: 0.4.8]
        - setuptools [required: >=40.3.0, installed: 50.3.2]
        - six [required: >=1.9.0, installed: 1.15.0]
      - python-dateutil [required: >=2.5.3, installed: 2.8.1]
        - six [required: >=1.5, installed: 1.15.0]
      - pyyaml [required: >=3.12, installed: 5.3.1]
      - requests [required: Any, installed: 2.25.0]
        - certifi [required: >=2017.4.17, installed: 2020.11.8]
        - chardet [required: >=3.0.2,<4, installed: 3.0.4]
        - idna [required: >=2.5,<3, installed: 2.10]
        - urllib3 [required: >=1.21.1,<1.27, installed: 1.26.2]
      - requests-oauthlib [required: Any, installed: 1.3.0]
        - oauthlib [required: >=3.0.0, installed: 3.1.0]
        - requests [required: >=2.0.0, installed: 2.25.0]
          - certifi [required: >=2017.4.17, installed: 2020.11.8]
          - chardet [required: >=3.0.2,<4, installed: 3.0.4]
          - idna [required: >=2.5,<3, installed: 2.10]
          - urllib3 [required: >=1.21.1,<1.27, installed: 1.26.2]
      - setuptools [required: >=21.0.0, installed: 50.3.2]
      - six [required: >=1.9.0, installed: 1.15.0]
      - urllib3 [required: >=1.24.2, installed: 1.26.2]
      - websocket-client [required: >=0.32.0,!=0.42.*,!=0.41.*,!=0.40.0, installed: 0.57.0]
        - six [required: Any, installed: 1.15.0]
    - openshift [required: Any, installed: 0.11.2]
      - jinja2 [required: Any, installed: 2.11.2]
        - MarkupSafe [required: >=0.23, installed: 1.1.1]
      - kubernetes [required: ~=11.0.0, installed: 11.0.0]
        - certifi [required: >=14.05.14, installed: 2020.11.8]
        - google-auth [required: >=1.0.1, installed: 1.23.0]
          - cachetools [required: >=2.0.0,<5.0, installed: 4.1.1]
          - pyasn1-modules [required: >=0.2.1, installed: 0.2.8]
            - pyasn1 [required: >=0.4.6,<0.5.0, installed: 0.4.8]
          - rsa [required: >=3.1.4,<5, installed: 4.6]
            - pyasn1 [required: >=0.1.3, installed: 0.4.8]
          - setuptools [required: >=40.3.0, installed: 50.3.2]
          - six [required: >=1.9.0, installed: 1.15.0]
        - python-dateutil [required: >=2.5.3, installed: 2.8.1]
          - six [required: >=1.5, installed: 1.15.0]
        - pyyaml [required: >=3.12, installed: 5.3.1]
        - requests [required: Any, installed: 2.25.0]
          - certifi [required: >=2017.4.17, installed: 2020.11.8]
          - chardet [required: >=3.0.2,<4, installed: 3.0.4]
          - idna [required: >=2.5,<3, installed: 2.10]
          - urllib3 [required: >=1.21.1,<1.27, installed: 1.26.2]
        - requests-oauthlib [required: Any, installed: 1.3.0]
          - oauthlib [required: >=3.0.0, installed: 3.1.0]
          - requests [required: >=2.0.0, installed: 2.25.0]
            - certifi [required: >=2017.4.17, installed: 2020.11.8]
            - chardet [required: >=3.0.2,<4, installed: 3.0.4]
            - idna [required: >=2.5,<3, installed: 2.10]
            - urllib3 [required: >=1.21.1,<1.27, installed: 1.26.2]
        - setuptools [required: >=21.0.0, installed: 50.3.2]
        - six [required: >=1.9.0, installed: 1.15.0]
        - urllib3 [required: >=1.24.2, installed: 1.26.2]
        - websocket-client [required: >=0.32.0,!=0.42.*,!=0.41.*,!=0.40.0, installed: 0.57.0]
          - six [required: Any, installed: 1.15.0]
      - python-string-utils [required: Any, installed: 1.0.0]
      - ruamel.yaml [required: >=0.15, installed: 0.16.12]
        - ruamel.yaml.clib [required: >=0.1.2, installed: 0.2.2]
      - six [required: Any, installed: 1.15.0]
    - pyyaml [required: Any, installed: 5.3.1]
    - requests [required: Any, installed: 2.25.0]
      - certifi [required: >=2017.4.17, installed: 2020.11.8]
      - chardet [required: >=3.0.2,<4, installed: 3.0.4]
      - idna [required: >=2.5,<3, installed: 2.10]
      - urllib3 [required: >=1.21.1,<1.27, installed: 1.26.2]
    - rfc5424-logging-handler [required: Any, installed: 1.4.3]
      - pytz [required: Any, installed: 2020.4]
      - tzlocal [required: Any, installed: 2.1]
        - pytz [required: Any, installed: 2020.4]
    - sentry-sdk [required: Any, installed: 0.19.4]
      - certifi [required: Any, installed: 2020.11.8]
      - urllib3 [required: >=1.10.0, installed: 1.26.2]
  - toml [required: Any, installed: 0.10.2]

Notes

For more information, see Pipfile and Pipfile.lock.

Once this issue is resolved, the issue will be automatically closed by bot.

[5pt] create SI tool for bandit and containerize it

As an Argo Workflow,
I want to call a command-line tool,
so that it creates a report for an index_package_version
and so that it outputs the report as JSON

Story-Points: 5

Acceptance Criteria

  • tool reads module from local disk/directory
  • report needs to contain:
    • bandit version
    • package index
    • package name
    • package version
  • have tekton create a container image on quay on tag

Missing .aicoe-ci.yaml for release on quay

Describe the bug
Missing .aicoe-ci.yaml for release on quay

To Reproduce
Steps to reproduce the behavior:

  1. Create patch release

Expected behavior
New image is created on quay.

RuntimeError: Requests dependency 'urllib3' must be version >= 1.21.1, < 1.22!

Describe the bug
si-bandit is running into a dependency issue regarding the urllib package during run time.

security-indicator-efba3f66-2946128251: Traceback (most recent call last):
security-indicator-efba3f66-2946128251:   File "/opt/app-root/lib/python3.6/site-packages/requests/__init__.py", line 55, in <module>
security-indicator-efba3f66-2946128251:     assert minor <= 22
security-indicator-efba3f66-2946128251: AssertionError
security-indicator-efba3f66-2946128251: 
security-indicator-efba3f66-2946128251: During handling of the above exception, another exception occurred:
security-indicator-efba3f66-2946128251: 
security-indicator-efba3f66-2946128251: Traceback (most recent call last):
security-indicator-efba3f66-2946128251:   File "app.py", line 29, in <module>
security-indicator-efba3f66-2946128251:     from thoth.analyzer import run_command
security-indicator-efba3f66-2946128251:   File "/opt/app-root/lib/python3.6/site-packages/thoth/analyzer/__init__.py", line 3, in <module>
security-indicator-efba3f66-2946128251:     from .cli import print_command_result
security-indicator-efba3f66-2946128251:   File "/opt/app-root/lib/python3.6/site-packages/thoth/analyzer/cli.py", line 31, in <module>
security-indicator-efba3f66-2946128251:     import requests
security-indicator-efba3f66-2946128251:   File "/opt/app-root/lib/python3.6/site-packages/requests/__init__.py", line 57, in <module>
security-indicator-efba3f66-2946128251:     raise RuntimeError('Requests dependency \'urllib3\' must be version >= 1.21.1, < 1.22!')
security-indicator-efba3f66-2946128251: RuntimeError: Requests dependency 'urllib3' must be version >= 1.21.1, < 1.22!

To Reproduce
Steps to reproduce the behavior:

  1. Execute _OpenShift.schedule_security_indicator(python_package_name="click", python_package_version="0.2", python_package_index="https://pypi.org/simple", aggregation_function="process_data")
  2. See error

Additional context
The requests package has no constraint on urllib3 for the latest two releases.

  • requests v2.24.0 has urllib3 v1.25.8
  • requests v2.23.0 has urllib3 v1.25.4

si-bandit dependencies:
requests v2.24.0
urllib3 v1.25.9
