
Not able to scan PR with frogbot exited with error

Open mangeishp opened this issue 1 year ago • 7 comments

I got the below error, I used the github action template for Python package scanning

/opt/hostedtoolcache/frogbot/[RELEASE]/x64/frogbot scan-pull-request
  14:37:39 [Info] Running Frogbot "scan-pull-request" command
  14:37:39 [Info] Auditing /runner/_work/cirrus-ml-experimentation/cirrus-ml-experimentation
  Error: 9 [Error] could not determine the package manager / build tool used by this project.
  Error: The process '/opt/hostedtoolcache/frogbot/[RELEASE]/x64/frogbot' failed with exit code 1

Sep 05 '22 15:09 mangeishp

Hi @mangeishp, thanks for reporting this issue. Frogbot detects the technology type by the descriptor files (package.json / yarn.lock / etc.) in your project's root directory. Can you please provide your project's root dir files list?

Sep 05 '22 15:09 sverdlov93

I do not have such a descriptor file, as I was executing this on my package management workflow repository where I have only a requirement.txt file. Is there any other way to solve this, or does it only work with project repositories?

Sep 13 '22 08:09 mangeishp

Hi @mangeishp and thank you for the update. For such cases, we have a specific environment variable. Add the following environment to your YAML file: JF_REQUIREMENTS_FILE: "requirements.txt"

Please let me know if it worked for you. Thank you!

Sep 13 '22 09:09 omerzi

It proceeded further and detected the package type as pip; however, it reports an invalid token. However, I can use the same token for package download from the JFrog repo.

Sep 20 '22 12:09 mangeishp

Hi @mangeishp, can you share the logs? I am guessing that you used an Identity or Reference Token. Unfortunately, Identity/Reference tokens are currently not supported by JFrog CLI package manager commands because they need a username in addition to the token.

You can use:

  • JFrog Access Token
  • User + Password
  • Set the Reference/Identity Token as a password (supported by SaaS Artifactory 7.42.0 / on-prem Artifactory 7.43.0; on earlier versions use the following workaround: https://github.com/jfrog/jfrog-cli/issues/1616#issuecomment-1217734448)

Sep 21 '22 08:09 sverdlov93

Hi,

As you suggested, I have used the username and identity access token generated on the JFrog UI. Here are the logs:

Frogbot /opt/hostedtoolcache/frogbot/[RELEASE]/x64/frogbot scan-pull-request
  06:54:27 [Info] Running Frogbot "scan-pull-request" command
  06:54:27 [Info] Auditing /runner/_work/cirrus-poc-package-scanning/cirrus-poc-package-scanning
  06:54:27 [Info] Detected: pip.
  06:57:18 [Info] JFrog Xray version is: 3.30.1
  06:57:18 [Info] Scanning module imbalanced-learn:0.8.1...
  Error: 8 [Error] Scanning imbalanced-learn:0.8.1 failed with error: Found invalid token
  Error: 8 [Error] pip Audit command failed: Audit command failed due to Xray internal error
  Error: The process '/opt/hostedtoolcache/frogbot/[RELEASE]/x64/frogbot' failed with exit code 1

Sep 21 '22 11:09 mangeishp

@sverdlov93 Hi, I managed to get authenticated with JFrog; however, now it fails with the errors below. Can you help?

panic: runtime error: index out of range [4] with length 4
  
  goroutine 1 [running]:
  github.com/jfrog/frogbot/commands.createNewIssuesRows({0xc0001cc780, 0x4, 0x0?}, {0xc0003f8000, 0xc, 0x0?})
  	/var/opt/jfrog/pipelines/data/release_frogbot/runs/1129469/steps/Release/8583230/dependencyState/resources/frogbotGit/commands/scanpullrequest.go:90 +0x4c6
  github.com/jfrog/frogbot/commands.scanPullRequest(0xc0001fa400, {0x10e4b98, 0xc000330ab0})
  	/var/opt/jfrog/pipelines/data/release_frogbot/runs/1129469/steps/Release/8583230/dependencyState/resources/frogbotGit/commands/scanpullrequest.go:58 +0x211
  github.com/jfrog/frogbot/commands.ScanPullRequestCmd.Run(...)
  	/var/opt/jfrog/pipelines/data/release_frogbot/runs/1129469/steps/Release/8583230/dependencyState/resources/frogbotGit/commands/scanpullrequest.go:30
  github.com/jfrog/frogbot/commands.Exec({0x10dc380, 0x1848b68}, {0xf4f7e9, 0x11})
  	/var/opt/jfrog/pipelines/data/release_frogbot/runs/1129469/steps/Release/8583230/dependencyState/resources/frogbotGit/commands/commands.go:28 +0x1ef
  github.com/jfrog/frogbot/commands.GetCommands.func1(0xc00033c360?)
  	/var/opt/jfrog/pipelines/data/release_frogbot/runs/1129469/steps/Release/8583230/dependencyState/resources/frogbotGit/commands/commands.go:44 +0x32
  github.com/urfave/cli/v2.(*Command).Run(0xc00033c360, 0xc00030cbc0)
  	/root/go/pkg/mod/github.com/urfave/cli/[email protected]/command.go:173 +0x6a2
  github.com/urfave/cli/v2.(*App).RunContext(0xc00018a8c0, {0x10e0998?, 0xc00013e000}, {0xc00012e000, 0x2, 0x2})
  	/root/go/pkg/mod/github.com/urfave/cli/[email protected]/app.go:382 +0xfb5
  github.com/urfave/cli/v2.(*App).Run(...)
  	/root/go/pkg/mod/github.com/urfave/cli/[email protected]/app.go:251
  main.ExecMain()
  	/var/opt/jfrog/pipelines/data/release_frogbot/runs/1129469/steps/Release/8583230/dependencyState/resources/frogbotGit/main.go:27 +0x158
  main.main()
  	/var/opt/jfrog/pipelines/data/release_frogbot/runs/1129469/steps/Release/8583230/dependencyState/resources/frogbotGit/main.go:16 +0x1e
  Error: The process '/opt/hostedtoolcache/frogbot/[RELEASE]/x64/frogbot' failed with exit code 2

My workflow:

name: "Frogbot Scan Pull Request"
on:
  pull_request_target:
    types: [opened, synchronize]
permissions:
  pull-requests: write
  contents: read
jobs:
  scan-pull-request:
    runs-on: ubuntu-latest
    # A pull request needs to be approved, before Frogbot scans it. Any GitHub user who is associated with the
    # "frogbot" GitHub environment can approve the pull request to be scanned.
    environment: frogbot
    steps:
      - uses: actions/checkout@v2
        with:
          ref: ${{ github.event.pull_request.head.sha }}

      # Install prerequisites
      - uses: actions/setup-python@v3
        with:
          python-version: "3.7"

      - uses: jfrog/frogbot@v2
        env:
          # [Mandatory]
          # JFrog platform URL (This functionality requires version 3.29.0 or above of Xray)
          JF_URL: ${{ secrets.JF_URL }}
          
          # [Mandatory if JF_ACCESS_TOKEN is not provided]
          # JFrog username with 'read' permissions for Xray. Must be provided with JF_PASSWORD
          JF_USER: ${{ secrets.JF_USER }}

          # [Mandatory if JF_ACCESS_TOKEN is not provided]
          # JFrog password. Must be provided with JF_USER
          JF_PASSWORD: ${{ secrets.JF_ACCESS_TOKEN }}

          # [Mandatory]
          # The GitHub token automatically generated for the job
          JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}

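          # Requirements file name, set as suggested earlier in this thread so the project is detected as pip
          JF_REQUIREMENTS_FILE: "requirements.txt"

          # [Optional, default: "."]
          # Relative path to the project in the git repository
          #JF_WORKING_DIR: cirrus-ml-experimentation/src/project_template/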

Oct 11 '22 11:10 mangeishp