Navigation

    Inedo Community Forums

    Forums

    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    1. Home
    2. cronventis
    3. Posts
    C
    • Profile
    • Following
    • Followers
    • Topics
    • Posts
    • Best
    • Groups

    Posts made by cronventis

    • RE: kubernetes scanner not showing results

      @atripp Wunderfull... Glad I could help.. Looking forward to test when it arrives :)

      posted in Support
      C
      cronventis
    • RE: kubernetes scanner not showing results

      @Dan_Woolf I may have another Idea.... We are running on containerd ... not on dockerd...
      Maybe this makes a difference: https://github.com/kubernetes/kubernetes/issues/95968

      posted in Support
      C
      cronventis
    • RE: kubernetes scanner not showing results

      @atripp Uh.. Ok.. Yes this sounds like an interesting topic ;)

      I can give you one more insight.. This is our first k8s setup, and we have chosen to run our own cluster, locally. So we don't use aws, azure or google... Basically this menas: we could have done anything wrong when setting up the cluster.. Missing something, adding something that does not belong there, and so on...

      For me personally, the information in ProGet is currently nothing I HAVE to have, I actually just wonted to test this and see what is possible ;)

      In maybe 6-12 months we will probably do a migration to azure k8s, maybe then it will work.. But I think for now, I have wasted enough of your time... Thank you for taking such a detailed look into this issue!

      posted in Support
      C
      cronventis
    • RE: kubernetes scanner not showing results

      @Dan_Woolf Sorry to say that, but I really dont know how to help you further. I sent you another json (could be identical, or only have small changes) but was created in a different way.. Maybe this is more useful?

      posted in Support
      C
      cronventis
    • RE: kubernetes scanner not showing results

      @rhessinger
      Rancher: v2.6.2
      Kubernetes: v1.19.9

      posted in Support
      C
      cronventis
    • RE: kubernetes scanner not showing results

      @rhessinger said in kubernetes scanner not showing results:

      [QA-729] Kubernetes API

      E-Mail is on its way again.. :)

      *it probably should be suppor(t)@ ✌

      posted in Support
      C
      cronventis
    • RE: kubernetes scanner not showing results

      @rhessinger E-Mail is on the way.. :)

      posted in Support
      C
      cronventis
    • RE: kubernetes scanner not showing results

      @dean-houston If possible I would prefer not to do that... There might be some sensible data that should not be shared... I know it makes your task a little harder, but I could offer a remote session or something similar...

      posted in Support
      C
      cronventis
    • RE: kubernetes scanner not showing results

      Its a local image.. build and pushed to ProGet by our pipeline..
      Let me know how I can support you with the queries.

      posted in Support
      C
      cronventis
    • RE: commandline update changed installation path

      @gdivis I got the fail message at the end of the update.. So, no, it did not work.
      yes, none of the services where starting.

      I got my issues sorted out by uninstalling and re-config many things.. But moving the install-dir should not have happened by doing a console update.

      posted in Support
      C
      cronventis
    • RE: kubernetes scanner not showing results

      @rhessinger I think so. One example:

      2bed9004-7368-47cc-917b-dfd915230d7f-image.png

      1a1d49f1-4fe6-4b77-b6c0-5044588fcf52-image.png

      maybe its related to the library/ part?

      posted in Support
      C
      cronventis
    • RE: kubernetes scanner not showing results

      Yes, there are 495 entries in that table...

      posted in Support
      C
      cronventis
    • RE: kubernetes scanner not showing results

      I'm on the latest ProGet (Version 6.0.5 (Build 9)) and I'm using the latest Kubernetes extension (1.10.1).

      It seems to work because of the logs:

      Scanning Kubernetes API at https://xxx.xx
      Beginning package/container scan using Kubernetes API at https://xxx.xx...
      Package/Container Scanner completed.
      Scan using Kubernetes API at https://xxx.xx complete; recording data...
      
      posted in Support
      C
      cronventis
    • kubernetes scanner not showing results

      So I set up the kubernetes scanner to be able to see the usage of each image in a feed.
      Although the feed is set up to use the scanner, and the scanner seems to work, there is no usage for an image, even though I'm sure there is.

      So.. Has this feature been used by anyone yet? And is it working and I'm just doing something wrong?

      posted in Support
      C
      cronventis
    • commandline update changed installation path

      I just tried to update proget using the commandline update option:

      hub.exe install ProGet --IsUpgrade=true
      

      Although the installation was set to d:\ProGet, it got changed to C:\Program Files\ProGet

      After that, nothing worked anymore. we then tried to uninstall and re-install completely, without any success.

      Another issue was that I have local admin rights on the Server where ProGet is installed, but I dont have SQL rights to access the database. This lead to another issue when updating.

      posted in Support
      C
      cronventis
    • RE: Proget Duplicate Vulnerability for NPM Package

      Awesome.. Will the duplicates be removed automatically?

      posted in Support
      C
      cronventis
    • RE: Proget Duplicate Vulnerability for NPM Package

      And today I got another one:

      eb0f009f-3277-499b-b855-1ff36882baad-image.png

      And as you can see, its always the same issue
      Since the Update to Version 6 was done on saturday last week (5 days) and we currently have 6 times the same issue, I would actually think its a daily task the duplicates the vulnerability (+ the original that has been assesed before the update)
      491f826d-22df-4fd9-b310-46b4e886fbbf-image.png
      d9ee3977-a3c6-4ab2-b7b9-0fe90654b96e-image.png

      posted in Support
      C
      cronventis
    • RE: Proget Duplicate Vulnerability for NPM Package

      @rhessinger

      We have OSS and Clair, so yes, we have two.. But Clair is not used for npm..

      1a.
      2021-12-16 08_09_21-CWE-400_ Uncontrolled Resource Consumption ('Resou....png
      1b.
      2021-12-16 08_09_07-CWE-400_ Uncontrolled Resource Consumption ('Resou....png

      2a.
      2021-12-16 08_11_19-CWE-400_ Uncontrolled Resource Consumption ('Resou....png
      2b.
      2021-12-16 08_11_11-CWE-400_ Uncontrolled Resource Consumption ('Resou....png

      posted in Support
      C
      cronventis
    • RE: Server Error 500 when creating Kubernetes Scanner

      @rhessinger Version 6.0.4 (Build 8)

      posted in Support
      C
      cronventis
    • Server Error 500 when creating Kubernetes Scanner

      I was trying to create a kubernetes scanner, but when clicking on "Kubernetes API Scanner" inside the modal, it shows an error 500 telling me that the values is not allowed to be NULL.

      Sorry, the following stacktrace contains some german....... ;)

       An error occurred in the web application: Der Wert darf nicht NULL sein.
      Parametername: Inedo.Extensions.Kubernetes.Scanners.KubernetesApiScanner is not a Inedo.Extensibility.VulnerabilitySources.VulnerabilitySource.
      
      Stack trace: bei Inedo.Web.Editors.ExtensionEditor.Initialize(Type extensionType)
      bei Inedo.Web.Editors.ExtensionEditor.GetEditorInternal[TDefaultEditorType](Type type)
      bei Inedo.ProGet.WebApplication.Pages.Administration.PackageContainerScanners.CreateOrEditPackageContainerScannerPage.CreateChildControls()
      bei Inedo.ProGet.WebApplication.Pages.ProGetSimplePageBase.<InitializeAsync>d__12.MoveNext()
      --- Ende der Stapelüberwachung vom vorhergehenden Ort, an dem die Ausnahme ausgelöst wurde ---
      bei System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
      bei System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
      bei Inedo.Web.PageFree.SimplePageBase.<ExecutePageLifeCycleAsync>d__57.MoveNext()
      --- Ende der Stapelüberwachung vom vorhergehenden Ort, an dem die Ausnahme ausgelöst wurde ---
      bei System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
      bei System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
      bei Inedo.Web.PageFree.SimplePageBase.<ProcessRequestAsync>d__56.MoveNext()
      --- Ende der Stapelüberwachung vom vorhergehenden Ort, an dem die Ausnahme ausgelöst wurde ---
      bei System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
      bei System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
      bei System.Web.TaskAsyncHelper.EndTask(IAsyncResult ar)
      bei Inedo.Web.Handlers.AsyncHandlerWrapper.EndProcessRequest(IAsyncResult result)
      bei System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
      bei System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step)
      bei System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
      

      Do you have any idea how this could be fixed? I already tried removing and re-adding the plugin and restarting the server.

      posted in Support
      C
      cronventis
    • Proget Duplicate Vulnerability for NPM Package

      I noticed that we have two vulnerabilities for the same CWE-400 issue that have different ID's:

      xxx.xx/vulnerabilities/vulnerability?vulnerabilityId=875
      xxx.xx/vulnerabilities/vulnerability?vulnerabilityId=1120

      They are both completely equal (at least it looks like it). The only difference, one was already marked as "Caution", the other was new an unassessed.

      This lead to npm installation error, since we dont allow unassessed vulnerabilities.

      We are running ProGet 6.0.4 (Build 8).

      Any Ideas why this happened and how we can prevent the same vulnerability to appear twice with different ID's?

      posted in Support
      C
      cronventis
    • ProGet hosting in k8s or VM?

      Alright.. So we are using ProGet and have it installed on a VM with Windows...
      We are also hosting our own k8s both for development and production..
      And I was thinking about puting ProGet into k8s to more and more reduce the amount of VM's we are running...
      But then again, on ProGet we have our docker images.. Which are needed for almost anything in k8s.... So I was wondering, what would be the best solution to host Proget?

      Any Ideas and thoughts are welcome... ;)

      posted in Support
      C
      cronventis
    • 1 / 1