search

Samsung / LPVS

License Pre-Validation Service analyzes which open source components and licenses are used in every patch. It returns the list of restricted licenses and the possibility of license violation on the comment with the exact code location and the open source component information.
https://samsung.github.io/LPVS/
MIT License
24 stars 26 forks source link

Exception during analyzing PR with empty commit #399

Closed t-naumenko closed 7 months ago

t-naumenko commented 8 months ago

Bug Report

Description: There is an exception arises in lpvs docker container when triggering webhook by openning Pull Request with empty commit

Steps to Reproduce:

  1. Create empty commit in a new branch
  2. Push it to the repository
  3. Open Simple or Draft Pull Request
  4. No result or notification on PR page about scan result/problem and exceptions in lpvs docker container

Expected Behavior: Result with no potential risks or notification on Pull Request page about impossibility of scanning process due to any changes in empty commit

Test Environment Configuration: Please complete the following information):

Additional context Logs from container:

2024-01-08 15:06:15.430  INFO 1 --- [           main] com.lpvs.LicensePreValidationSystem      : Starting LicensePreValidationSystem v1.4.0 using Java 11.0.16 on 1f915c5c7c0d with PID 1 (/root/lpvs.jar started by root in /root)
2024-01-08 15:06:15.432  INFO 1 --- [           main] com.lpvs.LicensePreValidationSystem      : No active profile set, falling back to 1 default profile: "default"
2024-01-08 15:06:15.940  INFO 1 --- [           main] .s.d.r.c.RepositoryConfigurationDelegate : Bootstrapping Spring Data JPA repositories in DEFAULT mode.
2024-01-08 15:06:15.978  INFO 1 --- [           main] .s.d.r.c.RepositoryConfigurationDelegate : Finished Spring Data repository scanning in 32 ms. Found 6 JPA repository interfaces.
2024-01-08 15:06:16.322  INFO 1 --- [           main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat initialized with port(s): 7896 (http)
2024-01-08 15:06:16.329  INFO 1 --- [           main] o.apache.catalina.core.StandardService   : Starting service [Tomcat]
2024-01-08 15:06:16.329  INFO 1 --- [           main] org.apache.catalina.core.StandardEngine  : Starting Servlet engine: [Apache Tomcat/9.0.79]
2024-01-08 15:06:16.341  INFO 1 --- [           main] org.apache.catalina.loader.WebappLoader  : Unknown class loader [jdk.internal.loader.ClassLoaders$PlatformClassLoader@355285d3] of class [class jdk.internal.loader.ClassLoaders$PlatformClassLoader]
2024-01-08 15:06:16.360  INFO 1 --- [           main] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring embedded WebApplicationContext
2024-01-08 15:06:16.361  INFO 1 --- [           main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 889 ms
2024-01-08 15:06:16.456  INFO 1 --- [           main] o.hibernate.jpa.internal.util.LogHelper  : HHH000204: Processing PersistenceUnitInfo [name: default]
2024-01-08 15:06:16.487  INFO 1 --- [           main] org.hibernate.Version                    : HHH000412: Hibernate ORM core version 5.6.15.Final
2024-01-08 15:06:16.580  INFO 1 --- [           main] o.hibernate.annotations.common.Version   : HCANN000001: Hibernate Commons Annotations {5.1.2.Final}
2024-01-08 15:06:16.643  INFO 1 --- [           main] com.zaxxer.hikari.HikariDataSource       : HikariPool-1 - Starting...
2024-01-08 15:06:16.801  INFO 1 --- [           main] com.zaxxer.hikari.HikariDataSource       : HikariPool-1 - Start completed.
2024-01-08 15:06:16.811  INFO 1 --- [           main] org.hibernate.dialect.Dialect            : HHH000400: Using dialect: org.hibernate.dialect.MySQL8Dialect
2024-01-08 15:06:17.788  INFO 1 --- [           main] o.h.e.t.j.p.i.JtaPlatformInitiator       : HHH000490: Using JtaPlatform implementation: [org.hibernate.engine.transaction.jta.platform.internal.NoJtaPlatform]
2024-01-08 15:06:17.797  INFO 1 --- [           main] j.LocalContainerEntityManagerFactoryBean : Initialized JPA EntityManagerFactory for persistence unit 'default'
2024-01-08 15:06:18.211  INFO 1 --- [           main] com.lpvs.service.LPVSLicenseService      : LICENSES: loaded 7 licenses from DB.
2024-01-08 15:06:18.213  INFO 1 --- [           main] com.lpvs.service.LPVSLicenseService      : LICENSE CONFLICTS: loaded 0 license conflicts from DB.
2024-01-08 15:06:18.215  INFO 1 --- [           main] com.lpvs.service.LPVSDetectService       : License detection scanner: scanoss
2024-01-08 15:06:18.382  INFO 1 --- [           main] o.s.s.web.DefaultSecurityFilterChain     : Will secure any request with [org.springframework.security.web.session.DisableEncodeUrlFilter@1e8f20bf, org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@718212ef, org.springframework.security.web.context.SecurityContextPersistenceFilter@3b6b9981, org.springframework.security.web.header.HeaderWriterFilter@3831fb48, org.springframework.web.filter.CorsFilter@70a9f4b7, org.springframework.security.web.authentication.logout.LogoutFilter@70c6860, org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter@4ab8c3c0, org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter@2978d342, org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter@2fc2d1f0, org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter@488bf7cd, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@43b1fdb7, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@7bdbf06f, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@2fe6bcbb, org.springframework.security.web.session.SessionManagementFilter@1f315f3d, org.springframework.security.web.access.ExceptionTranslationFilter@6311898c, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@6a339bc1]
2024-01-08 15:06:18.510  INFO 1 --- [           main] o.s.b.a.w.s.WelcomePageHandlerMapping    : Adding welcome page: class path resource [static/index.html]
2024-01-08 15:06:18.637  INFO 1 --- [           main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat started on port(s): 7896 (http) with context path ''
2024-01-08 15:06:18.643  INFO 1 --- [           main] com.lpvs.LicensePreValidationSystem      : Started LicensePreValidationSystem in 3.444 seconds (JVM running for 91.915)
2024-01-08 15:06:18.644  INFO 1 --- [           main] com.lpvs.service.LPVSDetectService       : Triggered signle scan operation
2024-01-08 15:10:19.873  INFO 1 --- [nio-7896-exec-1] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring DispatcherServlet 'dispatcherServlet'
2024-01-08 15:10:19.874  INFO 1 --- [nio-7896-exec-1] o.s.web.servlet.DispatcherServlet        : Initializing Servlet 'dispatcherServlet'
2024-01-08 15:10:19.874  INFO 1 --- [nio-7896-exec-1] o.s.web.servlet.DispatcherServlet        : Completed initialization in 0 ms
2024-01-08 15:10:21.815 ERROR 1 --- [nio-7896-exec-7] com.lpvs.exception.PageControllerAdvice  : loginFailedLoginFailedException
2024-01-08 15:14:32.942  INFO 1 --- [           main] c.l.service.LPVSQueueProcessorService    : PROCESS Webhook id = 1
2024-01-08 15:14:32.946  INFO 1 --- [  LPVS-ASYNC::1] com.lpvs.service.LPVSQueueService        : GitHub queue processing...
Warning: No files found to scan in folder: /root/Projects/LPVS/e313d7f401c194358922c90c1146bd225cc2ae77
2024-01-08 15:14:34.584 ERROR 1 --- [  LPVS-ASYNC::1] c.l.s.s.s.LPVSScanossDetectService       : Scanoss scanner terminated with non-zero code. Terminating.
2024-01-08 15:14:34.585 ERROR 1 --- [  LPVS-ASYNC::1] c.l.s.s.s.LPVSScanossDetectService       : null
2024-01-08 15:14:34.610 ERROR 1 --- [  LPVS-ASYNC::1] com.lpvs.service.LPVSQueueService        : Can't authorize commentResults() java.lang.Exception: Scanoss scanner terminated with non-zero code. Terminating.
java.lang.Exception: Scanoss scanner terminated with non-zero code. Terminating.
        at com.lpvs.service.scanner.scanoss.LPVSScanossDetectService.runScan(LPVSScanossDetectService.java:137)
        at com.lpvs.service.LPVSDetectService.runScan(LPVSDetectService.java:177)
        at com.lpvs.service.LPVSQueueService.processWebHook(LPVSQueueService.java:254)
        at com.lpvs.service.LPVSQueueService$$FastClassBySpringCGLIB$$42722be.invoke(<generated>)
        at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
        at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:793)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
        at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:763)
        at org.springframework.aop.interceptor.AsyncExecutionInterceptor.lambda$invoke$0(AsyncExecutionInterceptor.java:115)
        at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
        at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
        at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
        at java.base/java.lang.Thread.run(Thread.java:829)
m-rudyk commented 7 months ago

we got similar error before when scanoss terminated LVPS with due to no code files in pull request. Fixed with this commit: https://github.com/Samsung/LPVS/commit/58644dc9fa2548864fe5edac007933bab90fac6c

$ mkdir empty_dir
$ scanoss-py scan -t --no-wfp-output --all-extensions -o scan-output.json empty_dir/
Writing results to scan-output.json...
Searching empty_dir/ for files to fingerprint...
U Root: empty_dir/, Dirs: [], Files []

Warning: No files found to scan in folder: empty_dir/

According to scanoss code, the scann is finished successfully without terminating.

m-rudyk commented 7 months ago

in contrast to issue description, I have different behavior:

2024-02-15T11:06:22.585+02:00  INFO 45191 --- [           main] c.l.service.LPVSQueueProcessorService    : PROCESS Webhook id = 7
2024-02-15T11:06:22.586+02:00  INFO 45191 --- [  LPVS-ASYNC::2] com.lpvs.service.LPVSQueueService        : GitHub queue processing...
2024-02-15T11:06:22.736+02:00 ERROR 45191 --- [  LPVS-ASYNC::2] com.lpvs.service.LPVSGitHubService       : Can't authorize getPullRequestFiles(): {"message":"Bad credentials","documentation_url":"https://docs.github.com/rest"}
2024-02-15T11:06:22.752+02:00  WARN 45191 --- [  LPVS-ASYNC::2] com.lpvs.service.LPVSQueueService        : Files are not found. Probably pull request is not exists.
2024-02-15T11:06:22.930+02:00 ERROR 45191 --- [  LPVS-ASYNC::2] com.lpvs.service.LPVSGitHubService       : Can't authorize commentResults(): {"message":"Bad credentials","documentation_url":"https://docs.github.com/rest"}
2024-02-15T11:06:23.074+02:00 ERROR 45191 --- [  LPVS-ASYNC::2] com.lpvs.service.LPVSGitHubService       : Can't authorize org.kohsuke.github.HttpException: {"message":"Bad credentials","documentation_url":"https://docs.github.com/rest"}
2024-02-15T11:06:23.098+02:00 ERROR 45191 --- [  LPVS-ASYNC::2] com.lpvs.service.LPVSQueueService        : Can't authorize commentResults() java.lang.Exception: Files are not found. Probably pull request does not exist. Terminating.
java.lang.Exception: Files are not found. Probably pull request does not exist. Terminating.
        at com.lpvs.service.LPVSQueueService.processWebHook(LPVSQueueService.java:265)
o-kopysov commented 7 months ago

@m-rudyk You have an error "message":"Bad credentials" Please check application.properties.

m-rudyk commented 7 months ago

Scanoss successfully finished but exit code is 1 in case of empty dir. Need to add checker if files are present in folder before running scan. If not - exit scan without terminating. solution prepared.