search

bridgecrewio / checkov

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
https://www.checkov.io/
Apache License 2.0
7k stars 1.1k forks source link

Checkov 2.2.114 issue #3986

Closed netwrkspider closed 1 year ago

netwrkspider commented 1 year ago

Hello I am getting the below error after upgrading checkov from 2.2.95 to checkov 2.2.114 Please refer the attached screenshots.

Installing collected packages: checkov
Successfully installed checkov-2.2.114
netwrkspider@netwrkspider-labs:~$
netwrkspider@netwrkspider-labs:~$
netwrkspider@netwrkspider-labs:~$
netwrkspider@netwrkspider-labs:~$
netwrkspider@netwrkspider-labs:~$
netwrkspider@netwrkspider-labs:~$
netwrkspider@netwrkspider-labs:~$ checkov -h
Traceback (most recent call last):
  File "/usr/local/bin/checkov", line 2, in <module>
    from checkov.main import run
  File "/usr/local/lib/python3.8/dist-packages/checkov/main.py", line 20, in <module>
    from checkov.argo_workflows.runner import Runner as argo_workflows_runner
  File "/usr/local/lib/python3.8/dist-packages/checkov/argo_workflows/runner.py", line 7, in <module>
    from checkov.common.images.image_referencer import ImageReferencer, Image
  File "/usr/local/lib/python3.8/dist-packages/checkov/common/images/image_referencer.py", line 12, in <module>
    from checkov.common.bridgecrew.vulnerability_scanning.image_scanner import image_scanner
  File "/usr/local/lib/python3.8/dist-packages/checkov/common/bridgecrew/vulnerability_scanning/image_scanner.py", line 15, in <module>
    from checkov.common.bridgecrew.vulnerability_scanning.integrations.docker_image_scanning import \
  File "/usr/local/lib/python3.8/dist-packages/checkov/common/bridgecrew/vulnerability_scanning/integrations/docker_image_scanning.py", line 8, in <module>
    from checkov.common.bridgecrew.vulnerability_scanning.integrations.twistcli import TwistcliIntegration
  File "/usr/local/lib/python3.8/dist-packages/checkov/common/bridgecrew/vulnerability_scanning/integrations/twistcli.py", line 11, in <module>
    from checkov.common.bridgecrew.platform_integration import bc_integration
  File "/usr/local/lib/python3.8/dist-packages/checkov/common/bridgecrew/platform_integration.py", line 39, in <module>
    from checkov.common.util.http_utils import normalize_prisma_url, get_auth_header, get_default_get_headers, \
  File "/usr/local/lib/python3.8/dist-packages/checkov/common/util/http_utils.py", line 10, in <module>
    import aiohttp
  File "/usr/local/lib/python3.8/dist-packages/aiohttp/__init__.py", line 6, in <module>
    from .client import (
  File "/usr/local/lib/python3.8/dist-packages/aiohttp/client.py", line 36, in <module>
    from . import hdrs, http, payload
  File "/usr/local/lib/python3.8/dist-packages/aiohttp/http.py", line 7, in <module>
    from .http_parser import (
  File "/usr/local/lib/python3.8/dist-packages/aiohttp/http_parser.py", line 29, in <module>
    from .helpers import NO_EXTENSIONS, BaseTimerContext
  File "/usr/local/lib/python3.8/dist-packages/aiohttp/helpers.py", line 237, in <module>
    @attr.s(auto_attribs=True, frozen=True, slots=True)
AttributeError: module 'attr' has no attribute 's'
gruebel commented 1 year ago

hey @netwrkspider thanks for reaching out. I think some of the dependencies we use were not updated correctly, when updated checkov itself. Did you use pip install --update checkov? If yes, can you run pip list and share the output here?

x7URTL3 commented 1 year ago

Seems similar to #4011

netwrkspider commented 1 year ago

hey @gruebel I have updated the checkov from 2.2.114 to 2.2.124

Installing collected packages: bc-detect-secrets, checkov Attempting uninstall: bc-detect-secrets Found existing installation: bc-detect-secrets 1.3.14 Uninstalling bc-detect-secrets-1.3.14: Successfully uninstalled bc-detect-secrets-1.3.14 Attempting uninstall: checkov Found existing installation: checkov 2.2.114 Uninstalling checkov-2.2.114: Successfully uninstalled checkov-2.2.114 Successfully installed bc-detect-secrets-1.4.5 checkov-2.2.124

and also upgrade the below tools but still getting the issue.

python3 -m pip install --upgrade pip setuptools wheel packaging==21.3

import aiohttp

File "/usr/local/lib/python3.8/dist-packages/aiohttp/init.py", line 6, in from .client import ( File "/usr/local/lib/python3.8/dist-packages/aiohttp/client.py", line 36, in from . import hdrs, http, payload File "/usr/local/lib/python3.8/dist-packages/aiohttp/http.py", line 7, in from .http_parser import ( File "/usr/local/lib/python3.8/dist-packages/aiohttp/http_parser.py", line 29, in from .helpers import NO_EXTENSIONS, BaseTimerContext File "/usr/local/lib/python3.8/dist-packages/aiohttp/helpers.py", line 237, in @attr.s(auto_attribs=True, frozen=True, slots=True) AttributeError: module 'attr' has no attribute 's'

let me share the pip list

netwrkspider@netwrkspider-labs:~$ sudo pip3 list Package Version

aiodns 3.0.0 aiohttp 3.8.3 aiomultiprocess 0.9.0 aiosignal 1.3.1 altgraph 0.17.2 anglerfish 2.5.0 appdirs 1.4.4 apturl 0.5.2 argcomplete 2.0.0 async-timeout 4.0.2 attr 0.3.2 attrs 22.1.0 bc-detect-secrets 1.4.5 bc-python-hcl2 0.3.47 bcrypt 3.1.7 beautifulsoup4 4.9.1 blinker 1.4 boto3 1.26.16 botocore 1.29.16 Brlapi 0.7.0 cached-property 1.5.2 cachetools 5.2.0 certifi 2022.9.24 cffi 1.15.1 chardet 3.0.4 charset-normalizer 2.0.10 chartkick 0.5.0 checkov 2.2.124 click 8.1.3 click-option-group 0.5.5 cloudsplaining 0.5.0 colorama 0.4.3 colored 1.4.4 ConfigArgParse 1.5.3 configparser 5.2.0 contextlib2 21.6.0 cryptography 2.8 cupshelpers 1.0 cycler 0.10.0 cyclonedx-python-lib 3.1.0 dbus-python 1.2.16 decorator 5.1.1 deep-merge 0.0.4 defer 1.0.6 defusedxml 0.7.1 detect-secrets 1.4.0 distlib 0.3.0 distro 1.4.0 distro-info 0.23ubuntu1 docker 5.0.0 dockerfile-parse 1.2.0 dpath 1.5.0 duplicity 0.8.12.0 entrypoints 0.3 fasteners 0.14.1 feedparser 6.0.8 filelock 3.0.12 Flask 2.0.1 Flask-Cors 3.0.10 Flask-Excel 0.0.7 frozenlist 1.3.3 future 0.18.2 geoip2 3.0.0 gitdb 4.0.9 gitdb2 4.0.2 GitPython 3.0.6 gittyleaks 0.0.31 gunicorn 20.0.4 httplib2 0.14.0 idna 3.4 importlib-metadata 5.1.0 importlib-resources 5.10.0 iocextract 1.13.1 ipaddress 1.0.23 IPy 1.0 itsdangerous 2.0.1 Jinja2 3.0.3 jmespath 1.0.1 joblib 1.0.1 jsonpath-ng 1.5.3 jsonschema 3.2.0 junit-xml 1.9 kb-manager 0.1.7 keyring 18.0.1 kiwisolver 1.2.0 language-selector 0.1 lark 1.1.4 launchpadlib 1.10.13 lazr.restfulclient 0.14.2 lazr.uri 1.0.3 lml 0.1.0 lockfile 0.12.2 louis 3.12.0 lxml 4.5.1 macaroonbakery 1.3.1 mail-parser 3.12.0 Mako 1.1.0 Markdown 3.4.1 MarkupSafe 2.0.1 matplotlib 3.2.1 maxminddb 1.5.4 monotonic 1.5 multidict 6.0.2 networkx 2.6.3 numpy 1.18.4 oauthlib 3.2.2 olefile 0.46 ordereddict 1.1 packageurl-python 0.10.4 packaging 21.3 pandas 1.0.3 paramiko 2.6.0 pathlib 1.0.1 pefile 2019.4.18 pexpect 4.6.0 Pillow 7.0.0 pip 22.3.1 ply 3.11 policy-sentry 0.12.5 policyuniverse 1.5.0.20220613 prettytable 3.5.0 protobuf 3.6.1 pycairo 1.16.2 pycares 4.2.2 pycep-parser 0.3.9 pycparser 2.21 pycups 1.9.73 pyexcel 0.6.7 pyexcel-io 0.6.5 pyexcel-webio 0.1.4 pygal 2.4.0 Pygments 2.13.0 PyGObject 3.36.0 pyinstaller 4.8 pyinstaller-hooks-contrib 2021.5 PyJWT 1.7.1 pymacaroons 0.13.0 pymongo 3.12.0 PyMySQL 0.9.3 PyNaCl 1.3.0 pyparsing 2.4.7 pyRFC3339 1.1 pyrsistent 0.19.2 pyston 2.3.5 pyston-autoload 2.3.5 python-apt 2.0.0+ubuntu0.20.4.8 python-dateutil 2.8.2 python-debian 0.1.36ubuntu1 pytz 2022.6 pyxdg 0.26 PyYAML 5.4.1 regex 2022.10.31 reportlab 3.5.34 requests 2.26.0 requests-oauthlib 1.3.0 requests-unixsocket 0.2.0 s3transfer 0.6.0 scandir 1.10.0 schema 0.7.5 scikit-learn 0.23.1 scipy 1.4.1 SecretStorage 2.3.1 semantic-version 2.10.0 setuptools 65.6.3 sgmllib3k 1.0.0 sh 1.14.3 simplejson 3.17.0 six 1.14.0 sklearn 0.0 smmap 5.0.0 sortedcontainers 2.4.0 soupsieve 2.0.1 systemd-python 234 tabulate 0.9.0 termcolor 1.1.0 threadpoolctl 2.0.0 toml 0.10.2 tqdm 4.64.1 truffleHog 2.2.1 truffleHogRegexes 0.0.7 typing_extensions 4.4.0 ubuntu-advantage-tools 27.12 ubuntu-drivers-common 0.0.0 unattended-upgrades 0.1 update-checker 0.18.0 urllib3 1.26.13 usb-creator 0.3.7 virtualenv 20.0.21 wadllib 1.3.3 waitress 2.0.0 wcwidth 0.2.5 websocket-client 1.4.2 Werkzeug 2.0.2 wheel 0.38.4 wordpress-api 1.2.9 wordpress-json 0.3.1 xkit 0.0.0 xq 0.0.4 yara-python 4.0.1 yarl 1.8.1 zipp 3.10.0 netwrkspider@netwrkspider-labs:~$

gruebel commented 1 year ago

thanks for adding the pip list. My guess is that something else what you installed added a package called attr which doesn't play nice with attrs.

attr 0.3.2
attrs 22.1.0

if you run pip uninstall attr you should be fine. but I recommend you to use a tool called pipx which creates isolated environments for any tool you install, then you won't have these kind of problems.

netwrkspider commented 1 year ago

Hey @gruebel Thanks for the above solution and I tried but it won't work. I uninstall the checkov and re-install using pipx but it's not working.

I also removed the attr

netwrkspider@netwrkspider-labs:~$ pipx install checkov DEPRECATION: dpath is being installed using the legacy 'setup.py install' method, because it does not have a 'pyproject.toml' and the 'wheel' package is not installed. pip 23.1 will enforce this behaviour change. A possible replacement is to enable the '--use-pep517' option. Discussion can be found at https://github.com/pypa/pip/issues/8559 ⚠️ Note: checkov was already on your PATH at /usr/local/bin/checkov ⚠️ Note: checkov.cmd was already on your PATH at /usr/local/bin/checkov.cmd installed package checkov 2.2.127, Python 3.8.10 These binaries are now globally available

netwrkspider commented 1 year ago

Thanks @gruebel , i used pipx and it's solved my problem

gruebel commented 1 year ago

nice, great to hear 😄