Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Deprecation Warning and Parse Error with reviewdog in GitHub Actions #70

Open
stkhr opened this issue Dec 16, 2024 · 5 comments
Open

Deprecation Warning and Parse Error with reviewdog in GitHub Actions #70

stkhr opened this issue Dec 16, 2024 · 5 comments

Comments

@stkhr
Copy link

stkhr commented Dec 16, 2024

When running GitHub Actions, the following warning and error were detected in the logs:

time=2024-12-16T02:24:56.955Z level=WARN msg="reviewdog: -fail-on-error is deprecated. Use -fail-level=any, or -fail-level=error for github-[pr-]check reporter instead. See also https://github.com/reviewdog/reviewdog/blob/master/CHANGELOG.md"
reviewdog: parse error: EOF

screenshot-2024-12-16 13 57 32

Steps to Reproduce:

  1. Trigger the GitHub Actions workflow that uses reviewdog.
  2. Observe the logs for the warning and error messages.

Request:

Could you confirm whether this is a known issue or provide guidance on how to resolve it? Additionally, if this is not expected behavior, would you consider fixing the parse error in a future release?
@marcincuber
Copy link

I am seeing this issues as well reviewdog: parse error: EOF not sure how to fix it.

@nayuta nayuta mentioned this issue Dec 22, 2024
Merged
@nayuta
Copy link
Contributor

nayuta commented Dec 22, 2024

@stkhr @marcincuber I created a PR for the reviewdog changes. However, the parse error is not related to it. Could you give me any other information like targets?

@stkhr
Copy link
Author

stkhr commented Dec 22, 2024

@nayuta
Thank you for your quick response and for creating the PR to address the reviewdog changes. I really appreciate it!

Regarding the EOF parse error, I investigated further and found that the issue seems to be specific to my environment. When testing in a different environment, the EOF error did not occur. I will fix EOF error myself.

@MichaelFoleyFZ
Copy link

I just ran into the same Parsing error with the response reviewdog: parse error: EOF
The target in our case was a terraform module with misconf and secret scanning enabled.

Running reviewdog + trivy locally (based on a rough copy of what the script.sh does ) and it doesn't output anything but there weren't any findings to report so I wouldn't expect it to?

This works fine on our other modules.

( cd _modules/constants && terraform init --backend=false ) && trivy fs _modules/constants/ --severity MEDIUM,HIGH,CRITICAL --scanners misconfig,secret --misconfig-scanners terraform  --format sarif --exit-code 1 | reviewdog -f sarif -reporter=local  -level info -fail-level error


Initializing modules...
Initializing provider plugins...
- terraform.io/builtin/terraform is built in to Terraform
- Reusing previous version of hashicorp/aws from the dependency lock file
- Reusing previous version of 1password/onepassword from the dependency lock file
- Using previously-installed hashicorp/aws v5.84.0
- Using previously-installed 1password/onepassword v2.1.2

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
2025-01-31T15:35:37+11:00       INFO    [misconfig] Misconfiguration scanning is enabled
2025-01-31T15:35:37+11:00       INFO    [secret] Secret scanning is enabled
2025-01-31T15:35:37+11:00       INFO    [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-01-31T15:35:37+11:00       INFO    [secret] Please see also https://aquasecurity.github.io/trivy/v0.58/docs/scanner/secret#recommendation for faster secret detection
2025-01-31T15:35:38+11:00       INFO    [terraform scanner] Scanning root module        file_path="."
2025-01-31T15:35:38+11:00       WARN    [terraform parser] Variable values was not found in the environment or variable files. Evaluating may not work correctly.       module="root" variables="cloudfront_resources_bucket, deployment, environment, platform, service"
2025-01-31T15:35:38+11:00       INFO    Detected config files   num=1

With the sarif report as

{
  "version": "2.1.0",
  "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/main/sarif-2.1/schema/sarif-schema-2.1.0.json",
  "runs": [
    {
      "tool": {
        "driver": {
          "fullName": "Trivy Vulnerability Scanner",
          "informationUri": "https://github.com/aquasecurity/trivy",
          "name": "Trivy",
          "rules": [],
          "version": "0.58.2"
        }
      },
      "results": [],
      "columnKind": "utf16CodeUnits",
      "originalUriBaseIds": {
        "ROOTPATH": {
          "uri": "~/_modules/constants/"
        }
      }
    }
  ]
}

And our Action output

Run reviewdog/action-trivy@v1
  with:
    tool_name: Vulnerability Report: 
    trivy_version: v0.58.0
    trivy_target: ./_modules/constants
    trivy_command: fs
    trivy_flags: --severity MEDIUM,HIGH,CRITICAL --scanners misconfig,secret --misconfig-scanners terraform
    filter_mode: nofilter
    level: info
    fail_level: error
    github_token: ***
    working_directory: .
    reporter: github-pr-check
    fail_on_error: false
  env:
    TERRAGRUNT_NON_INTERACTIVE: true
    TERRAFORM_CLI_PATH: /home/runner/work/_temp/1bccd3ea-a20a-42fc-87ae-5b3892344a7f
Run $GITHUB_ACTION_PATH/script.sh
  $GITHUB_ACTION_PATH/script.sh
  shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
  env:
    TERRAGRUNT_NON_INTERACTIVE: true
    TERRAFORM_CLI_PATH: /home/runner/work/_temp/1bccd3ea-a20a-42fc-87ae-5b3892344a7f
    REVIEWDOG_VERSION: v0.20.3
    INPUT_GITHUB_TOKEN: ***
    INPUT_WORKING_DIRECTORY: .
    INPUT_LEVEL: info
    INPUT_REPORTER: github-pr-check
    INPUT_TOOL_NAME: Vulnerability Report: 
    INPUT_FILTER_MODE: nofilter
    INPUT_FAIL_ON_ERROR: false
    INPUT_FAIL_LEVEL: error
    INPUT_FLAGS: 
    INPUT_TRIVY_VERSION: v0.58.0
    INPUT_TRIVY_COMMAND: fs
    INPUT_TRIVY_TARGET: ./_modules/constants
    INPUT_TRIVY_FLAGS: --severity MEDIUM,HIGH,CRITICAL --scanners misconfig,secret --misconfig-scanners terraform
Preparing ...
  Detected Linux running on 64bit, will install tools in /tmp/tmp.QoSDZ8GLy2
🐶 Installing reviewdog (v0.20.3) ... https://github.com/reviewdog/reviewdog
  reviewdog/reviewdog info checking GitHub for tag 'v0.20.3'
  reviewdog/reviewdog info found version: 0.20.3 for v0.20.3/Linux/x86_64
  reviewdog/reviewdog info installed /tmp/tmp.QoSDZ8GLy2/reviewdog/reviewdog
 Installing trivy (v0.58.0) ... https://github.com/aquasecurity/trivy
  Downloading https://github.com/aquasecurity/trivy/releases/download/v0.58.0/trivy_0.58.0_Linux-64bit.tar.gz to trivy.tar.gz
  URL: https://github.com/aquasecurity/trivy/releases/download/v0.58.0/trivy_0.58.0_Linux-64bit.tar.gz
  ARCHIVE: trivy.tar.gz
  trivy.tar.gz
 Print trivy details ...
  Version: 0.58.0
 Running trivy with reviewdog 🐶 ...
  reviewdog: parse error: EOF

@MichaelFoleyFZ
Copy link

Looks like updating from Trivy 0.58.0 -> 0.59.0 Fixed the issue.... There was a fix in 0.58.2 that did fix issues with handling null values in trivy. Maybe it was coming from that?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@nayuta @marcincuber @stkhr @MichaelFoleyFZ