Lab 4 - Following bonus steps to fix vulnerability results in failed pipeline #455
Comments
|
I cannot tell if this error is only because I tried the bonus steps to fix the CVE, or if it would have happened anyway with using the ACS policy exemption. I do not how to undo the re-creation of the s2i task, so cannot confirm. |
|
hi @bakebossdev, thanks for raising this error. Let me try to reproduce it in one of our clusters and I'll update asap. Meanwhile, you can rerun the pipeline because seems to be a race condition in OpenShift GitOps / ArgoCD to me. |
|
@rcarrata any update on this? @dzilbermanvmw @piggyvenus can you guys also take a look? Thanks |
|
@lkerner is fixed in rcarrata/devsecops-demo#54, I need to push from upstream to the lab4 in agnosticd. This week (hopefully) I'll have time to adjust the lab4 and include some fixes around this. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
After following these steps to fix the s2i task, the pipeline now fails at the "wait-application" step. The output contains a Go segmentation violation. I was unable to proceed to the pentest and performance testing sections of the lab.
NOTE: the screenshot and attached log file are from different iterations encountering the same error.
The log for 'wait-application' stage is attached, and this shows the error from the console:
wait-application.log
The text was updated successfully, but these errors were encountered: