RedHatDemos/SecurityDemos

Lab 4 - Following bonus steps to fix vulnerability results in failed pipeline

Opened this issue · 4 comments

After following these steps to fix the s2i task, the pipeline now fails at the "wait-application" step. The output contains a Go segmentation violation. I was unable to proceed to the pentest and performance testing sections of the lab.

NOTE: the screenshot and attached log file are from different iterations encountering the same error.

The log for 'wait-application' stage is attached, and this shows the error from the console:
[image: console screenshot]
[attachment: wait-application.log]

I cannot tell if this error is only because I tried the bonus steps to fix the CVE, or if it would have happened anyway when using the ACS policy exemption. I do not know how to undo the re-creation of the s2i task, so cannot confirm.

Hi @bakebossdev, thanks for raising this error. Let me try to reproduce it in one of our clusters and I'll update ASAP. Meanwhile, you can rerun the pipeline, because it seems to be a race condition in OpenShift GitOps / ArgoCD to me.

@rcarrata any update on this? @dzilbermanvmw @piggyvenus can you guys also take a look? Thanks

@lkerner this is fixed in rcarrata/devsecops-demo#54; I need to push from upstream to the lab4 in agnosticd. This week (hopefully) I'll have time to adjust the lab4 and include some fixes around this.