vulnerability-operator
vulnerability-operator copied to clipboard
Published
20 hours ago •
ckotzbauer
ckotzbauer
invalid memory address or nil pointer dereference
Hey Christian, starting with 0.23.0 i get the error "invalid memory address or nil pointer dereference". See debug logs below.
In addition, i tested the versions 0.24.0, 0.25.0 and 0.26.0 where the error also appears. Version 0.22.0 was still working.
Looking at the history between those two verrsions there are only two commits with code changes but those don't seem to be related: https://github.com/ckotzbauer/vulnerability-operator/commit/6a87a172e3cc3c16d6b4d7805056deb219ad9984 https://github.com/ckotzbauer/vulnerability-operator/commit/d08c827364d7d3cd2238cc816002e415507312e4
To me it looks like the error was introduced by lib updates.
time="2024-08-12T10:21:04Z" level=info msg="Version: 0.26.0"
time="2024-08-12T10:21:04Z" level=info msg="Commit: xxxxx
time="2024-08-12T10:21:04Z" level=info msg="Buit at: 2024-07-14T07:32:01Z"
time="2024-08-12T10:21:04Z" level=info msg="Buit by: goreleaser"
time="2024-08-12T10:21:04Z" level=info msg="Go Version: go1.22.5"
time="2024-08-12T10:21:04Z" level=debug msg="Cron set to: 0 0 * * * *"
time="2024-08-12T10:21:04Z" level=debug msg="Sources set to: [git]"
time="2024-08-12T10:21:04Z" level=debug msg="Targets set to: [metrics]"
time="2024-08-12T10:21:04Z" level=debug msg="Next background-service run at: 2024-08-12 11:00:00 +0000 UTC"
time="2024-08-12T10:21:04Z" level=info msg="Webserver is running at port 8080"
time="2024-08-12T11:00:00Z" level=info msg="Execute background-service"
Enumerating objects: 86800, done.
Counting objects: 100% (1888/1888), done.
Compressing objects: 100% (615/615), done.
Total 86800 (delta 1273), reused 1721 (delta 1106), pack-reused 84912
time="2024-08-12T11:07:13Z" level=debug msg="Git-Repository is prepared!"
time="2024-08-12T11:07:13Z" level=debug msg="Load vulnerability database"
2024/08/12 11:12:00 cron: panic running job: runtime error: invalid memory address or nil pointer dereference
goroutine 1346 [running]:
github.com/robfig/cron.(*Cron).runWithRecovery.func1()
github.com/robfig/[email protected]/cron.go:161 +0x65
panic({0x265eb00?, 0x4d08670?})
runtime/panic.go:770 +0x132
github.com/ckotzbauer/vulnerability-operator/internal/vuln/grype.(*Grype).ScanItem(0xc015cc3dd0, {0x35ae890?, 0xc016692390?})
github.com/ckotzbauer/vulnerability-operator/internal/vuln/grype/grype.go:129 +0x662
github.com/ckotzbauer/vulnerability-operator/internal/vuln/daemon.(*CronService).runBackgroundService(0xc00062cac0)
github.com/ckotzbauer/vulnerability-operator/internal/vuln/daemon/daemon.go:98 +0x425
github.com/ckotzbauer/vulnerability-operator/internal/vuln/daemon.Start.func1()
github.com/ckotzbauer/vulnerability-operator/internal/vuln/daemon/daemon.go:43 +0x17
github.com/robfig/cron.FuncJob.Run(0xc000ca4360?)
github.com/robfig/[email protected]/cron.go:92 +0x12
github.com/robfig/cron.(*Cron).runWithRecovery(0x0?, {0x3596aa0?, 0xc000a80f50?})
github.com/robfig/[email protected]/cron.go:165 +0x53
created by github.com/robfig/cron.(*Cron).run in goroutine 49
github.com/robfig/[email protected]/cron.go:199 +0x7c5
Chart-Config:
args:
cron: "0 0 * * * *"
git-branch: master
git-repository: https://github.com/name/repo
min-severity: low
reports-dir: /tmp
sources: git
targets: metrics
verbosity: trace
envVars:
- name: VULN_GIT_ACCESS_TOKEN
valueFrom:
secretKeyRef:
name: git-access-token-sbom
key: token
priorityClassName: "cluster-medium"
resources:
requests:
cpu: 100m
memory: 2Gi
limits:
cpu: 1500m
memory: 10Gi
securityContext:
runAsNonRoot: true
runAsUser: 1000
runAsGroup: 1000
seccompProfile: null
servicemonitor:
enabled: true
