Discussed in #1155
Originally posted by berbarroso May 6, 2022
Hi,
I'm having trouble to Sslyze and Angularjs CSTI Scanner tool.
For Sslyze, the result of my pod after I scan a values.yaml file is "ImagePullBackOff".
For Angularjs CSTI Scanner tool, it has 0 findings and only blank space when I download the json file on securecodebox website (localhost:9000).
I tried using the examples directory in this repo of each tools and not working as well.
This is the output when I input the describe pod for sslyze scan kubectl describe pod <scan-sslyze-result2-fh82z-zknk7>.
Name: scan-sslyze-result2-fh82z-zknk7
Namespace: owasp-sslyze
Priority: 0
Node: gke-pentest-default-pool-62248041-z61p/10.128.0.35
Start Time: Fri, 06 May 2022 18:16:29 +0800
Labels: app.kubernetes.io/managed-by=securecodebox
controller-uid=2080c505-ce6e-4f36-aead-116eaeab9a17
job-name=scan-sslyze-result2-fh82z
Annotations: securecodebox.io/job-type: scanner
sidecar.istio.io/inject: false
Status: Pending
IP: 10.0.1.9
IPs:
IP: 10.0.1.9
Controlled By: Job/scan-sslyze-result2-fh82z
Containers:
sslyze:
Container ID:
Image: docker.io/securecodebox/scanner-sslyze:5.0.3
Image ID:
Port: <none>
Host Port: <none>
Command:
sh
/wrapper.sh
--json_out
/home/securecodebox/sslyze-results.json
--regular
www.serbisyo.com
State: Waiting
Reason: ImagePullBackOff
Ready: False
Restart Count: 0
Environment: <none>
Mounts:
/home/securecodebox/ from scan-results (rw)
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-9x4pk (ro)
lurker:
Container ID: containerd://827ee1a1df4d7f5df3d5fd5f1877dd186b0e9347e025b6e6fb6f8d9e4e81e562
Image: docker.io/securecodebox/lurker:3.10.0
Image ID: docker.io/securecodebox/lurker@sha256:ceef46748f1494e358986e4a9e78cea4c927734e5367a02d9bad62a3e21c730e
Port: <none>
Host Port: <none>
Args:
--container
sslyze
--file
/home/securecodebox/sslyze-results.json
--url
http://securecodebox-operator-minio.securecodebox-system.svc.cluster.local:9000/securecodebox/scan-9608cd42-cdcf-403d-857e-6ccea4cc36f7/sslyze-results.json?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=YOURACCESSKEY%2F20220506%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20220506T101629Z&X-Amz-Expires=43200&X-Amz-SignedHeaders=host&X-Amz-Signature=d0016ad790b69ebe818eab552334b2ab2e9017cac919cb0876d02415f2627d07
State: Running
Started: Fri, 06 May 2022 18:16:31 +0800
Ready: True
Restart Count: 0
Limits:
cpu: 100m
memory: 100Mi
Requests:
cpu: 20m
memory: 20Mi
Environment:
NAMESPACE: owasp-sslyze (v1:metadata.namespace)
Mounts:
/home/securecodebox/ from scan-results (ro)
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-9x4pk (ro)
Conditions:
Type Status
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
scan-results:
Type: EmptyDir (a temporary directory that shares a pod's lifetime)
Medium:
SizeLimit: <unset>
kube-api-access-9x4pk:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional: <nil>
DownwardAPI: true
QoS Class: Burstable
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 2m29s default-scheduler Successfully assigned owasp-sslyze/scan-sslyze-result2-fh82z-zknk7 to gke-pentest-default-pool-62248041-z61p
Normal Pulled 2m29s kubelet Container image "docker.io/securecodebox/lurker:3.10.0" already present on machine
Normal Created 2m29s kubelet Created container lurker
Normal Started 2m28s kubelet Started container lurker
Warning Failed 107s (x3 over 2m29s) kubelet Failed to pull image "docker.io/securecodebox/scanner-sslyze:5.0.3": rpc error: code = Unknown desc = failed to pull and unpack image "docker.io/securecodebox/scanner-sslyze:5.0.3": failed to resolve reference "docker.io/securecodebox/scanner-sslyze:5.0.3": pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed
Warning Failed 107s (x3 over 2m29s) kubelet Error: ErrImagePull
Normal BackOff 69s (x6 over 2m28s) kubelet Back-off pulling image "docker.io/securecodebox/scanner-sslyze:5.0.3"
Warning Failed 69s (x6 over 2m28s) kubelet Error: ImagePullBackOff
Normal Pulling 54s (x4 over 2m29s) kubelet Pulling image "docker.io/securecodebox/scanner-sslyze:5.0.3"
Thank you for the response and stay safe!
It seems like the image for sslyze securecodebox/scanner-sslyze is missing in our build for 3rd party tools:
|
scanner: |
|
- git-repo-scanner |
|
- screenshooter |
|
- test-scan |
|
- zap-advanced |
Discussed in #1155
Originally posted by berbarroso May 6, 2022
Hi,
I'm having trouble to Sslyze and Angularjs CSTI Scanner tool.
For Sslyze, the result of my pod after I scan a values.yaml file is "ImagePullBackOff".
For Angularjs CSTI Scanner tool, it has 0 findings and only blank space when I download the json file on securecodebox website (localhost:9000).
I tried using the examples directory in this repo of each tools and not working as well.
This is the output when I input the describe pod for sslyze scan
kubectl describe pod <scan-sslyze-result2-fh82z-zknk7>.Thank you for the response and stay safe!
It seems like the image for sslyze
securecodebox/scanner-sslyzeis missing in our build for 3rd party tools:secureCodeBox/.github/workflows/release-build.yaml
Lines 422 to 426 in 679c915