Comments (6)
Weltraumschaf
commented on June 3, 2024
Hi @kaz-33,
thanks for submitting this issue. We'll investigate this.
from securecodebox.
kaz-33
commented on June 3, 2024
Same issue with "Scan" below the trace
I0304 15:57:30.789915 1 request.go:601] Waited for 1.037581017s due to client-side throttling, not priority and fairness, request: GET:https://10.43.0.1:443/apis/kyverno.io/v1beta1?timeout=32s
1.7095678525127919e+09 INFO controller-runtime.metrics Metrics server is starting to listen {"addr": ":8080"}
1.709567852513952e+09 INFO setup starting manager
1.709567852521771e+09 INFO Starting server {"path": "/metrics", "kind": "metrics", "addr": "[::]:8080"}
1.709567852522336e+09 INFO Starting server {"kind": "health probe", "addr": "[::]:8081"}
I0304 15:57:32.623050 1 leaderelection.go:248] attempting to acquire leader lease securecodebox-system/e341d981.securecodebox.io...
I0304 15:57:32.695167 1 leaderelection.go:258] successfully acquired lease securecodebox-system/e341d981.securecodebox.io
1.7095678526956122e+09 INFO Starting EventSource {"controller": "scantype", "controllerGroup": "execution.securecodebox.io", "controllerKind": "ScanType", "source": "kind source: *v1.ScanType"}
1.7095678526957204e+09 INFO Starting Controller {"controller": "scantype", "controllerGroup": "execution.securecodebox.io", "controllerKind": "ScanType"}
1.7095678526957152e+09 INFO Starting EventSource {"controller": "scan", "controllerGroup": "execution.securecodebox.io", "controllerKind": "Scan", "source": "kind source: *v1.Scan"}
1.7095678526958091e+09 INFO Starting EventSource {"controller": "scan", "controllerGroup": "execution.securecodebox.io", "controllerKind": "Scan", "source": "kind source: *v1.Job"}
1.7095678526958377e+09 INFO Starting Controller {"controller": "scan", "controllerGroup": "execution.securecodebox.io", "controllerKind": "Scan"}
1.7095678526956465e+09 INFO Starting EventSource {"controller": "scheduledscan", "controllerGroup": "execution.securecodebox.io", "controllerKind": "ScheduledScan", "source": "kind source: *v1.ScheduledScan"}
1.7095678526958761e+09 INFO Starting EventSource {"controller": "scheduledscan", "controllerGroup": "execution.securecodebox.io", "controllerKind": "ScheduledScan", "source": "kind source: *v1.Scan"}
1.7095678526959028e+09 INFO Starting Controller {"controller": "scheduledscan", "controllerGroup": "execution.securecodebox.io", "controllerKind": "ScheduledScan"}
1.7095678526953866e+09 DEBUG events Normal {"object": {"kind":"Lease","namespace":"securecodebox-system","name":"e341d981.securecodebox.io","uid":"eb3c1d39-2c38-409b-a4e3-5e364f7a450f","apiVersion":"coordination.k8s.io/v1","resourceVersion":"120204807"}, "reason": "LeaderElection", "message": "securecodebox-controller-manager-59bdd8c5b6-ph7xq_c79d0eaf-8376-4631-9104-899ca9e2031a became leader"}
1.7095678527975159e+09 INFO Starting workers {"controller": "scantype", "controllerGroup": "execution.securecodebox.io", "controllerKind": "ScanType", "worker count": 1}
1.7095678527974482e+09 INFO Starting workers {"controller": "scan", "controllerGroup": "execution.securecodebox.io", "controllerKind": "Scan", "worker count": 1}
1.7095678527975001e+09 INFO Starting workers {"controller": "scheduledscan", "controllerGroup": "execution.securecodebox.io", "controllerKind": "ScheduledScan", "worker count": 1}
1.7095682321622312e+09 INFO controllers.execution.Scan Matching ScanType Found {"scan_init": "securecodebox-system/nmap-scanme.nmap.org1", "ScanType": "nmap"}
1.7095682322677379e+09 INFO controllers.execution.Scan Service Account doesn't exist creating now
1.7095682323993676e+09 INFO controllers.execution.Scan Role doesn't exist creating now
1.709568232541953e+09 INFO controllers.execution.Scan RoleBinding doesn't exist creating now
1.709568232648864e+09 INFO controllers.execution.Scan Configuring customCACerts for lurker {"customCACertificate": "", "isConfigured": false}
1.7095682327015796e+09 INFO KubeAPIWarningLogger metadata.name: this is used in Pod names and hostnames, which can result in surprising behavior; a DNS label is recommended: [must not contain dots]
1.7095682327016318e+09 INFO KubeAPIWarningLogger would violate PodSecurity "restricted:latest": unrestricted capabilities (containers "nmap", "lurker" must set securityContext.capabilities.drop=["ALL"]; container "nmap" must not include "CAP_NET_ADMIN", "CAP_NET_BIND_SERVICE", "CAP_NET_RAW" in securityContext.capabilities.add), seccompProfile (pod or containers "nmap", "lurker" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")
1.7095686343675146e+09 INFO controllers.execution.Scan Matching ParseDefinition Found {"scan_parse": "securecodebox-system/nmap-scanme.nmap.org1", "ParseDefinition": "nmap-xml"}
1.7095686343698142e+09 ERROR controllers.execution.Scan Failed to parse parser url expiration {"error": "Cannot parse env variable: URL_EXPIRATION_PARSER"}
github.com/secureCodeBox/secureCodeBox/operator/controllers/execution/scans.(*ScanReconciler).Reconcile
/workspace/controllers/execution/scans/scan_controller.go:102
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Reconcile
/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:121
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler
/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:320
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem
/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:273
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2
/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:234
1.709568634400552e+09 INFO Observed a panic in reconciler: Cannot parse env variable: URL_EXPIRATION_PARSER {"controller": "scan", "controllerGroup": "execution.securecodebox.io", "controllerKind": "Scan", "scan": {"name":"nmap-scanme.nmap.org1","namespace":"securecodebox-system"}, "namespace": "securecodebox-system", "name": "nmap-scanme.nmap.org1", "reconcileID": "5a086c23-d86c-4410-b74a-4700679c1f0c"}
panic: Cannot parse env variable: URL_EXPIRATION_PARSER [recovered]
panic: Cannot parse env variable: URL_EXPIRATION_PARSER
goroutine 579 [running]:
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Reconcile.func1()
/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:118 +0x1f4
panic({0x15bfa80, 0xc000ff4580})
/usr/local/go/src/runtime/panic.go:884 +0x212
github.com/secureCodeBox/secureCodeBox/operator/controllers/execution/scans.(*ScanReconciler).startParser(0xc0001668c0, 0xc000d3c600)
/workspace/controllers/execution/scans/parse_reconciler.go:79 +0x299b
github.com/secureCodeBox/secureCodeBox/operator/controllers/execution/scans.(*ScanReconciler).Reconcile(0xc0001668c0, {0x1a3e318, 0xc000a30600}, {{{0xc000f507b0, 0x14}, {0xc000f507c8, 0x15}}})
/workspace/controllers/execution/scans/scan_controller.go:102 +0x4c5
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Reconcile(0x1a3e270?, {0x1a3e318?, 0xc000a30600?}, {{{0xc000f507b0?, 0x16fef60?}, {0xc000f507c8?, 0x4045d4?}}})
/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:121 +0xc8
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler(0xc00034cfa0, {0x1a3e270, 0xc000a91f00}, {0x163b960?, 0xc0002b7e00?})
/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:320 +0x33c
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem(0xc00034cfa0, {0x1a3e270, 0xc000a91f00})
/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:273 +0x1d9
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2()
/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:234 +0x85
created by sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2
/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:230 +0x333
Thx for your support
from securecodebox.
kaz-33
commented on June 3, 2024
the issue come when i tri to add this values in my values.yaml
presignedUrlExpirationTimes:
scanners: "12h"
parsers: "1h"
hooks: "1h"
from securecodebox.
J12934
commented on June 3, 2024
can you check inside the pod / inside the applied kubernetes resources if helm (or something else) evauluates these values to something else? 12h / 1h look valid to me
from securecodebox.
kaz-33
commented on June 3, 2024
It seems, but I'm not 100% sure, that the problem comes from the single quotation mark around the number. With double quotation marks, I can't find the problem.
from securecodebox.
Weltraumschaf
commented on June 3, 2024
Hi @kaz-33,
it should work also with single quotes:
presignedUrlExpirationTimes:
scanners: '12h'
parsers: '1h'
hooks: '1h'Even without quotes it should work:
presignedUrlExpirationTimes:
scanners: 12h
parsers: 1h
hooks: 1hfrom securecodebox.
Related Issues (20)
- securecodebox-operator-minio keeps crashing on ARM64 kubernetes cluster HOT 2
- Support Google Cloud Storage as an object storage HOT 2
- "product with this name already exists." error when sending trivy image scan results to DefectDojo HOT 3
- Automatically "TrΓΆt" on Mastodon for new Releases
- Admonition in Hooks How-To Broken
- Add a optional ttlSecondsAfterFinished field to scans to cleanup finished scans HOT 3
- π Recurring documentation issue
- Ncrack Parser is using a depracated encryption padding mechanism removed in the newest node security patch
- Switch (optional) encryption of identified passwords from ncrack to use AGE
- Passing parameters to ScheduledScan HOT 1
- add no ssl_use value
- Trivy Parser Creates Malformed Location URL HOT 4
- The scan status displays 'Scanning,' even though the job has reached the specified backoff limit HOT 1
- Lurker terminated with 'OOMKilled' event HOT 5
- NodeSelector configuration not working as documented in SecureCodeBox v4.4.0 HOT 4
- improve security Deployment Workload HOT 4
- Trivy Scans persisted to Defect Dojo are missing multiple metadata fields HOT 8
- π Recurring documentation issue
- "Exception while attaching findings to engagement" error in Persistence-defectdojo HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from securecodebox.