Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Deploy-cli seems rotten and breaks govulncheck #2121

Open
tuminoid opened this issue Dec 12, 2024 · 1 comment · May be fixed by #2123
Open

Deploy-cli seems rotten and breaks govulncheck #2121

tuminoid opened this issue Dec 12, 2024 · 1 comment · May be fixed by #2123
Assignees
@mquhuy
Labels
kind/bug Categorizes issue or PR as related to a bug. triage/accepted Indicates an issue is ready to be actively worked on.

Comments

@tuminoid
Copy link
Member

When scanning the repository with osv-scanner, it fails to do code analysis as deploy-cli seems to be rotten as it is not actively verified in any code paths.

❯ osv-scanner -r --skip-git .
Scanning dir .
Scanned /home/tumi/git/metal3-io/baremetal-operator/apis/go.mod file and found 51 packages
Scanned /home/tumi/git/metal3-io/baremetal-operator/go.mod file and found 97 packages
Scanned /home/tumi/git/metal3-io/baremetal-operator/hack/tools/go.mod file and found 58 packages
Scanned /home/tumi/git/metal3-io/baremetal-operator/pkg/hardwareutils/go.mod file and found 1 package
Scanned /home/tumi/git/metal3-io/baremetal-operator/test/go.mod file and found 151 packages
Filtered 5 local package/s from the scan.
Failed to run code analysis (govulncheck) on '/home/tumi/git/metal3-io/baremetal-operator/hack/tools/go.mod' because govulncheck: loading packages: 
There are errors with the provided package patterns:

/home/tumi/git/metal3-io/baremetal-operator/hack/tools/deploy-cli/deploy-cli.go:456:20: undefined: testexec.KubectlApply

For details on package patterns, see https://pkg.go.dev/cmd/go#hdr-Package_lists_and_patterns.

(the Go toolchain is required)

BMO: main

/kind bug
@metal3-io-bot metal3-io-bot added kind/bug Categorizes issue or PR as related to a bug. needs-triage Indicates an issue lacks a `triage/foo` label and requires one. labels Dec 12, 2024
@tuminoid
Copy link
Member Author

/assign @mquhuy
/triage accepted

@metal3-io-bot metal3-io-bot added triage/accepted Indicates an issue is ready to be actively worked on. and removed needs-triage Indicates an issue lacks a `triage/foo` label and requires one. labels Dec 12, 2024
@mquhuy mquhuy linked a pull request Dec 12, 2024 that will close this issue
Open
mquhuy added a commit to Nordix/baremetal-operator that referenced this issue Dec 13, 2024
@mquhuy
Fix error on Deploy-cli
f6bf2bd 
This commit fixes errors found by osv-scanner in deploy-cli [1]
It also adds `hack/tools` package as a linting target, so that
any failure due to dependencies changes will get detected in the future.

[1] metal3-io#2121

Signed-off-by: Huy Mai <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mquhuy mquhuy

Labels
kind/bug Categorizes issue or PR as related to a bug. triage/accepted Indicates an issue is ready to be actively worked on.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

🐛 Fix error on Deploy-cli Nordix/baremetal-operator
3 participants
@tuminoid @mquhuy @metal3-io-bot