reviewdog / action-trivy

MIT License
9 stars 8 forks source link

proto: syntax error (line 1:1): unexpected token #17

Closed lohrm-stabl closed 4 months ago

lohrm-stabl commented 9 months ago

With the following action:

name: Trivy Checks

on: [pull_request]

jobs:
  build:
    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v2

    - name: Set up Node.js
      uses: actions/setup-node@v2
      with:
        node-version: '20'  # Choose the Node.js version as per your project requirements

    - name: Install project dependencies
      run: yarn install 

    - name: Install CDKTF CLI and TypeScript
      run: yarn global add cdktf-cli@0.19.2 typescript

    - name: Sythesizing
      run: |
        cd src
        cdktf get
        cdktf synth --output .

    - name: Run trivy with reviewdog output on the PR
      uses: reviewdog/action-trivy@v1
      with:
        github_token: ${{ secrets.github_token }}
        working_directory: src/
        level: info # Get more output from reviewdog
        reporter: github-pr-review # Change reviewdog reporter
        filter_mode: nofilter # Check all files, not just the diff
        fail_on_error: true # Fail action if errors are found
        flags: -tee # Add debug flag to reviewdog

Gives the following output:

Run reviewdog/action-trivy@v1
Run $GITHUB_ACTION_PATH/script.sh
  $GITHUB_ACTION_PATH/script.sh
  shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
  env:
    REVIEWDOG_VERSION: v0.16.0
    INPUT_GITHUB_TOKEN: ***
    INPUT_WORKING_DIRECTORY: src/
    INPUT_LEVEL: info
    INPUT_REPORTER: github-pr-review
    INPUT_TOOL_NAME: trivy
    INPUT_FILTER_MODE: nofilter
    INPUT_FAIL_ON_ERROR: true
    INPUT_FLAGS: -tee
    INPUT_TRIVY_VERSION: latest
    INPUT_TRIVY_COMMAND: 
    INPUT_TRIVY_TARGET: 
    INPUT_TRIVY_FLAGS: 
Preparing ...
  Detected Linux running on 64bit, will install tools in /tmp/tmp.IOSNi5XqPh
šŸ¶ Installing reviewdog (v0.16.0) ... https://github.com/reviewdog/reviewdog
  reviewdog/reviewdog info checking GitHub for tag 'v0.16.0'
  reviewdog/reviewdog info found version: 0.16.0 for v0.16.0/Linux/x86_64
  reviewdog/reviewdog info installed /tmp/tmp.IOSNi5XqPh/reviewdog/reviewdog
 Installing trivy (latest) ... https://github.com/aquasecurity/trivy
  Downloading https://github.com/aquasecurity/trivy/releases/download/v0.48.3/trivy_0.48.3_Linux-64bit.tar.gz
 Print trivy details ...
  Version: 0.48.3
 Running trivy with reviewdog šŸ¶ ...
  reviewdog: parse error: failed to unmarshal rdjson (DiagnosticResult): proto: syntax error (line 1:1): unexpected token 
Error: Process completed with exit code 1.
lohrm-stabl commented 9 months ago

also happens with v1.2. of this action & reviewdog v0.17.0:

Run reviewdog/action-trivy@v1.2
  with:
    github_token: ***
    working_directory: src/
    level: info
    reporter: github-pr-review
    filter_mode: nofilter
    fail_on_error: true
    flags: -tee
    tool_name: trivy
    trivy_version: latest
Run $GITHUB_ACTION_PATH/script.sh
  $GITHUB_ACTION_PATH/script.sh
  shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
  env:
    REVIEWDOG_VERSION: v0.17.0
    INPUT_GITHUB_TOKEN: ***
    INPUT_WORKING_DIRECTORY: src/
    INPUT_LEVEL: info
    INPUT_REPORTER: github-pr-review
    INPUT_TOOL_NAME: trivy
    INPUT_FILTER_MODE: nofilter
    INPUT_FAIL_ON_ERROR: true
    INPUT_FLAGS: -tee
    INPUT_TRIVY_VERSION: latest
    INPUT_TRIVY_COMMAND: 
    INPUT_TRIVY_TARGET: 
    INPUT_TRIVY_FLAGS: 
Preparing ...
  Detected Linux running on 64bit, will install tools in /tmp/tmp.VQzYN6cbnO
šŸ¶ Installing reviewdog (v0.17.0) ... https://github.com/reviewdog/reviewdog
  reviewdog/reviewdog info checking GitHub for tag 'v0.17.0'
  reviewdog/reviewdog info found version: 0.17.0 for v0.17.0/Linux/x86_64
  reviewdog/reviewdog info installed /tmp/tmp.VQzYN6cbnO/reviewdog/reviewdog
 Installing trivy (latest) ... https://github.com/aquasecurity/trivy
  Downloading https://github.com/aquasecurity/trivy/releases/download/v0.48.3/trivy_0.48.3_Linux-64bit.tar.gz
 Print trivy details ...
  Version: 0.48.3
 Running trivy with reviewdog šŸ¶ ...
  reviewdog: parse error: failed to unmarshal rdjson (DiagnosticResult): proto: syntax error (line 1:1): unexpected token 
Error: Process completed with exit code 1.
nayuta commented 8 months ago

@lohrm-stabl could you tell me any repository that I can check?

lohrm-stabl commented 8 months ago

I don't have any public repository where this happens. We also stopped using the trivy action (since it didn't work).

nayuta commented 8 months ago

@lohrm-stabl OK. Are these TypeScript projects, right?

lohrm-stabl commented 8 months ago

Exactly. https://developer.hashicorp.com/terraform/cdktf to be specific

nayuta commented 8 months ago

@lohrm-stabl I found the problem that trivy_command and trivy_target are necessary but not supplied in your config. However, we must warn when these parameters are not provided, so I created the PR.

nayuta commented 4 months ago

@haya14busa It seems we can close this PR.