search

gitleaks / gitleaks-action

Protect your secrets using Gitleaks-Action
https://gitleaks.io
Other
319 stars 122 forks source link

[ORG] is an organization. License key is required. undefined:1 #136

Closed jtmilanest closed 7 months ago

jtmilanest commented 7 months ago

We have signed up for the license key and installed it in our GH Environment; everything works fine except today when we encountered it.

Please find the issue below:

Any help/suggest will be greatly appreciated! 🙏 Thanks! 

[ThisOrg] is an organization. A license key is required.
undefined:1

Run gitleaks/gitleaks-action@v2.3.2
  env:
    GITHUB_TOKEN: ***
    GITLEAKS_LICENSE: ***
    GITLEAKS_ENABLE_SUMMARY: true
    GITLEAKS_VERSION: latest

[meetearnest] is an organization. License key is required.
undefined:1
<!DOCTYPE html>
^

SyntaxError: Unexpected token < in JSON at position 0
    at JSON.parse (<anonymous>)
    at IncomingMessage.<anonymous> (/home/runner/work/_actions/gitleaks/gitleaks-action/v[2](https://github.com/meetearnest/infra-secrets/actions/runs/7795856289/job/21260005201#step:5:2).[3](https://github.com/meetearnest/infra-secrets/actions/runs/7795856289/job/21260005201#step:5:3).2/dist/index.js:70890:22)
    at IncomingMessage.emit (node:events:[5](https://github.com/meetearnest/infra-secrets/actions/runs/7795856289/job/21260005201#step:5:5)25:35)
    at endReadableNT (node:internal/streams/readable:135[8](https://github.com/meetearnest/infra-secrets/actions/runs/7795856289/job/21260005201#step:5:9):[12](https://github.com/meetearnest/infra-secrets/actions/runs/7795856289/job/21260005201#step:5:13))
    at processTicksAndRejections (node:internal/process/task_queues:83:21)
rtuin commented 7 months ago

Same here. We are using @v2. Which should resolve to the version you're using: v2.3.2

jtmilanest commented 7 months ago

I guess this is related to the node version upgrade which is not yet merged 🤔 https://github.com/gitleaks/gitleaks-action/pull/134

ngoduykhanh commented 7 months ago

I have the same problem. Gitleaks uses keygen.sh to validate the license. Unfortunately, their service is down at the moment. https://status.keygen.sh cc: @zricethezav

jtmilanest commented 7 months ago

We just had DDOS issues that were resolved! Maybe a coordinated attack 🤔 interesting., I thought it was related to the Node version issue. I appreciate your finding. So far, my workaround for this job is to disable or skip it for now. 

    # if: github.actor != 'svc-git-infra-read'
    if: false
zricethezav commented 7 months ago

This should be totally resolved today.

Moving forward I'll be looking at a change that decreases the frequency at which the license is checked. This will limit the impact of keygen outages (I've been using keygen for 2+ years and this is the first outage they've had).