horusec: Horusec is not reading my config-file.json
What happened: I am running Horusec in a pipeline using Docker. I have a Python script that receives the desired parameters and configurations, runs the scan, and shows the results. Two weeks ago it was working fine, but I ran it again yesterday and some issues appeared. First, it returned an error saying “open: /tmp is a directory”. I just create a new branch and without any change in the code, the scanner started to work but currently, it is not taking my config-file.json
How to reproduce it (as minimally and precisely as possible): This is how I am building the command structure in my Python code:
def GetStartHorusecCMD(imageName, reportName, outputFormat, configFilePath):
command =("docker run -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):/src "+imageName+
":latest horusec start -p /src -P $(pwd) --config-file-path "+configFilePath+" -o "+outputFormat)
if outputFormat != 'text':
command = command + " -O /src/Horusec/"+ reportName
return command
And the variables that I am passing in my pipeline (running in an Ubuntu environment in GitHub) are:
imageName: "horuszup/horusec-cli"
reportName: "Horusec-21-10-07"
outputFormat: 'json'
configFilePath: '/src/Horusec/horusec-config.json'
Anything else we need to know?: This is my project structure:
Configurations showed using the --log-level=debug flag:
Environment:
- Horusec version (use
horusec version): We are downloading the latest version from Docker - Operating System: Ubuntu-latest (GitHub pipeline environment)
- Network plugin / Tool and version (if this is a network-related / tool bug): N/A
- Others:
About this issue
- Original URL
- State: closed
- Created 3 years ago
- Comments: 20 (13 by maintainers)
Commits related to this issue
- config: fix read config file if its not default value Previously we are reading the config file before parsing the command line flags, so, when a user pass a different path of config file we weren't ... — committed to ZupIT/horusec by matheusalcantarazup 3 years ago
- config: fix read config file if its not default value Previously we are reading the config file before parsing the command line flags, so, when a user pass a different path of config file we weren't ... — committed to ZupIT/horusec by matheusalcantarazup 3 years ago
- config: fix read config file if its not default value Previously we are reading the config file before parsing the command line flags, so, when a user pass a different path of config file we weren't ... — committed to ZupIT/horusec by matheusalcantarazup 3 years ago
- config: fix read config file if its not default value Previously we are reading the config file before parsing the command line flags, so, when a user pass a different path of config file we weren't ... — committed to ZupIT/horusec by matheusalcantarazup 3 years ago
- config: fix read config file if its not default value Previously we are reading the config file before parsing the command line flags, so, when a user pass a different path of config file we weren't ... — committed to ZupIT/horusec by matheusalcantarazup 3 years ago
- config: fix read config file if its not default value Previously we are reading the config file before parsing the command line flags, so, when a user pass a different path of config file we weren't ... — committed to ZupIT/horusec by matheusalcantarazup 3 years ago
- config: fix read config file if its not default value (#661) Previously we are reading the config file before parsing the command line flags, so, when a user pass a different path of config file we... — committed to ZupIT/horusec by matheusalcantarazup 3 years ago
- cli: don't crash when error setting log file This commit change the pre run step of cobra command to not crash when get an error when setting the log file. This can be related to #656. Signed-off-by... — committed to ZupIT/horusec by matheusalcantarazup 3 years ago
- cli: not stop analysis when get error to create log file This commit change the pre run step of cobra command to not crash when get an error when setting the log file. This can be related to #656. S... — committed to ZupIT/horusec by matheusalcantarazup 3 years ago
- cli: not stop analysis when get error to create log file (#690) This commit change the pre run step of cobra command to not crash when get an error when setting the log file. This can be related to ... — committed to ZupIT/horusec by matheusalcantarazup 3 years ago
- cli: not stop analysis when get error to create log file (#690) This commit change the pre run step of cobra command to not crash when get an error when setting the log file. This can be related to ... — committed to ZupIT/horusec by matheusalcantarazup 3 years ago
- cli: not stop analysis when get error to create log file (#690) This commit change the pre run step of cobra command to not crash when get an error when setting the log file. This can be related to ... — committed to ZupIT/horusec by matheusalcantarazup 3 years ago
- cli: not stop analysis when get error to create log file (#690) This commit change the pre run step of cobra command to not crash when get an error when setting the log file. This can be related to #... — committed to ZupIT/horusec by matheusalcantarazup 3 years ago
This is great!! I’m still confusing why this error is happening. Here is where we set the default log file path, I don’t understand why in this scenario only
os.TempDir()is used. But I think that its better to not fail the analysis if we get error on creating the log file anyway. I’will open a new issue to discover this bug.Thank you very much for your help and patience, we really appreciate it.
We will release this patch very soon, on the next days.