Comments (4)
dickc-sg
commented on June 18, 2024
I receive the same error with trivyfs-docker using podman and so I do not believe this is gitleaks-specific.
Steps to reproduce:
$ brew install podman podman-desktop
$ sudo ln -s /opt/homebrew/bin/podman /usr/local/bin/docker
$ pre-commit run -aOutput:
$ pre-commit run -a
Terraform fmt............................................................Passed
Terraform validate.......................................................Passed
Terraform docs...........................................................Passed
Terraform docs...........................................................Passed
Terraform validate with tflint...........................................Passed
trivyfs-docker...........................................................Failed
- hook id: trivyfs-docker
- exit code: 126
Resolving "aquasec/trivy" using unqualified-search registries (/etc/containers/registries.conf.d/999-podman-machine.conf)
Trying to pull docker.io/aquasec/trivy:0.49.1...
Getting image source signatures
Copying blob sha256:98d61a99dbd7e853a40ec0c8f5063ed8d28cfce17ad132ea22f03a0f4f407f48
Copying blob sha256:67b5a74b6f9ebdf4d0394b6c6af6fbd6b37a055c5b6b400fc7d3719d571238e7
Copying blob sha256:bca4290a96390d7a6fc6f2f9929370d06f8dfcacba591c76e3d5c5044e7f420c
Copying blob sha256:7f344fb18575d2d29c36332a7b69a5afecbc9a935f3717edbf096e5c1d52a251
Copying config sha256:e5b7465539b3f2e0fba82eac8536d298f20e66f959e2c2a518d627bc9ba13d6a
Writing manifest to image destination
Error: preparing container d20556de0895883ad945dda386dedc8bdf55322752643427c70a9b197c64c983 for attach: lsetxattr /Users/dickc-sg/Projects/github.com/dickc-sg/sample-repo/.git/objects/8b/90e4ea1b66b95e22a6035021bfb4ca78542b5d: permission denied
check yaml...............................................................Passed
Detect hardcoded secrets.................................................Passed
prettier.................................................................Passed
Worth noting this is on macOS 14.4.1, which may or may not support lsetxattr.
from gitleaks.
rjeffman
commented on June 18, 2024
It seems macOS has issues setting selinux labels with lxsetattr, which requires extended attributes.
Try to set volumes without :z.
from gitleaks.
TribuneX
commented on June 18, 2024
Try to set volumes without
:z.
@rjeffman I found similar suggestion. But how to do that for the pre-commit hook container?
from gitleaks.
rjeffman
commented on June 18, 2024
@TribuneX sorry, but I have no clue on how to fix that. And I just found out today that, under Linux, you may need to have :Z depending on your use case.
In my case I'm trapped between using :rw under macOS and :Z under Linux, and I wanted to have a single solution due to my use case.
from gitleaks.
Related Issues (20)
- Support for matching JWK private key
- does not see unencrypted secrets in the organization
- Rule (regex) identify MSSQL credentials in code analysis HOT 1
- Enhance gitleaks:allow to be usable outside the same line HOT 1
- Output information for fingerprints in .gitleaksignore which does not fit to the scan. HOT 1
- Secret finding is not detected when Read operation returns both n > 0 bytes and EOF
- Add missing GitLab token patterns
- GitLeaks does not detect Jira api keys in source code
- Add Harness Personal Access Token support
- Please update the deprecated way how to set output
- gitleaks does not scan correct files with pre-commit run --files
- no hash shown in fingerprint HOT 2
- Make from source: directions wrong HOT 2
- Failed runs with errors about `artifactClient = artifact.create()` HOT 2
- gitleaks detect missing one commit in scan HOT 2
- create a release to include latest security updates HOT 2
- Fix date on main site
- secrets mistaken as Terraform passwords HOT 1
- Output contains duplicates HOT 2
- Off-by-one error in startColumn and endColumn calculation HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from gitleaks.