Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Runtime error: nil pointer dereference during copa patch execution in GitLab CI environment #868

Open
1 task
salvasser opened this issue Dec 10, 2024 · 2 comments
Open
1 task

Runtime error: nil pointer dereference during copa patch execution in GitLab CI environment #868

salvasser opened this issue Dec 10, 2024 · 2 comments
Labels
bug Something isn't working

Comments

@salvasser
Copy link

Version of copa

v0.9.0

Expected Behavior

The copa patch command should complete successfully without crashing, applying necessary patches to the specified Docker image.

Actual Behavior

The command fails with a segmentation fault specifically when executed within GitLab CI. The error does not occur when the command is executed in a local Docker container. Below is the error output captured from the GitLab CI job:

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0xc4832f]
goroutine 51 [running]:
github.com/cpuguy83/go-docker/transport.(*Transport).DoRaw(...)
...
created by google.golang.org/grpc.(*acBalancerWrapper).Connect in goroutine 50
...

Interestingly, the same command executes successfully when run locally in a Docker container, indicating that the issue may be specific to the GitLab CI environment.

Steps To Reproduce

  1. Pull any Docker image within a GitLab CI job.
  2. Execute a vulnerability scan on the image using Trivy within the same CI job.
  3. Attempt to patch the image using copa patch within the GitLab CI job.

Commands Executed:

# Vulnerability scan
trivy image --pkg-types os --ignore-unfixed -f json -o output.json $IMAGE

# Image patching
copa patch -i $IMAGE -r output.json -t patched

Dockerfile

FROM golang:alpine3.21 AS build

RUN apk add --no-cache bash make git && \
    git config --global core.compression 0 && git clone --depth 1 https://github.com/project-copacetic/copacetic && \
    cd copacetic && make

FROM moby/buildkit:v0.18.1

RUN apk add --no-cache curl bash jq docker-cli && \
    curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.58.0

COPY --from=build /go/copacetic/dist/linux_amd64/release/copa /usr/local/bin/copa

Are you willing to submit PRs to contribute to this bug fix?

  • Yes, I am willing to implement it.
@salvasser salvasser added the bug Something isn't working label Dec 10, 2024
@ashnamehrotra
Copy link
Contributor

ashnamehrotra commented Dec 10, 2024
edited
Loading

@salvasser I am not able to build the Dockerfile, where is this used and how is it built?

@salvasser
Copy link
Author

@ashnamehrotra I build this Dockerfile locally and on gitlab runner, no problems

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
Copacetic Workboard
Status: 🆕 New
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ashnamehrotra @salvasser