ZupIT / horusec

Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
https://horusec.io/
Apache License 2.0

Horusec-cli:Support - How to increase api call timeout? #1079

Closed fauresco closed 2 years ago

fauresco commented 2 years ago

What happened:

I am getting a timeout error when posting the results to the api after scanning a project that contains 170 vulnerabilities:

time="2022-06-07T18:00:40Z" level=debug msg="{HORUSEC_CLI} HorusecEngine - Leaks is finished in analysisID: [211f4b3a-2c0e-4e99-b5cf-62acb2d56f38]"
time="2022-06-07T18:00:50Z" level=error msg="{ERROR_HTTP} failed to make request" error="Post \"https://my-horusec-deployment/api/analysis\": context deadline exceeded (Client.Timeout exceeded while awaiting headers)"
time="2022-06-07T18:00:50Z" level=error msg="[HORUSEC] Post \"https://my-horusec-deployment/api/analysis\": context deadline exceeded (Client.Timeout exceeded while awaiting headers)"

It seems it is only 10 seconds, how can I increase this? I have tried the options horusecCliTimeoutInSecondsAnalysis and horusecCliTimeoutInSecondsRequest without success.

Scanning a project with fewer vulnerabilities works fine, I can see the dashboard populated. So I know that my deployment is working and that it can reach the api server from the machine where the scan is running.

In another test, I have run the scan (of the project with 170 vulnerabilities) sending the results to a local deployment of Horusec running inside docker compose and it worked. It seems the problem is the latency caused by the network.

How to reproduce it (as minimally and precisely as possible):

Just run a scan in a project with a large number of vulnerabilities and try to send the results to a remote deployment of Horusec.

Anything else we need to know?:

Environment (client):

Environment (server):

wiliansilvazup commented 2 years ago

Hello @fauresco, thanks for your contribution.

I tested this command:

horusec start -p . -t 15000 -a TOKEN -u URL_API -r 150

in the kubernetes project with more than 1000 vulnerabilities and this works very well. Check in your API whether receiving long requests is enabled too :)
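
The `Client.Timeout exceeded while awaiting headers` error in the log above is what Go's `net/http` client reports when its total request budget runs out before the server sends response headers. As an added example (not Horusec's code and not written by anyone in this thread), the program below reproduces that failure against a constructed slow local server and shows the same POST succeeding with a larger budget; `postReport` and `slowAPI` are hypothetical names, and the delays are constructed values.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
	"io"
	"net"
	"net/http"
	"net/http/httptest"
	"time"
)

// postReport POSTs body to url using a client whose whole exchange (connect,
// upload, server processing, response headers) must fit inside timeout.
// It returns the HTTP status, whether the failure was a timeout, and the error.
func postReport(url string, body []byte, timeout time.Duration) (int, bool, error) {
	client := &http.Client{Timeout: timeout}
	resp, err := client.Post(url, "application/json", bytes.NewReader(body))
	if err != nil {
		var ne net.Error
		return 0, errors.As(err, &ne) && ne.Timeout(), err
	}
	defer resp.Body.Close()
	return resp.StatusCode, false, nil
}

// slowAPI stands in for a remote API (assumption: it needs `delay` to ingest
// a large report before it writes any response headers).
func slowAPI(delay time.Duration) *httptest.Server {
	return httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		io.Copy(io.Discard, r.Body) // read the uploaded report
		time.Sleep(delay)           // simulated processing plus network latency
		w.WriteHeader(http.StatusCreated)
	}))
}

func main() {
	srv := slowAPI(300 * time.Millisecond)
	defer srv.Close()
	report := []byte(`{"note":"constructed sample report"}`)
	// First budget is shorter than the server delay, second is longer.
	for _, budget := range []time.Duration{100 * time.Millisecond, 2 * time.Second} {
		status, timedOut, err := postReport(srv.URL, report, budget)
		fmt.Printf("budget=%v status=%d timedOut=%v err=%v\n", budget, status, timedOut, err)
	}
}
```

Checking `net.Error.Timeout()` rather than matching the error string lets a caller tell a client-side budget overrun apart from a refused connection or a server-side error response.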