Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trufflehog scan fails when action is in initial commit #3557

Open
bobidle opened this issue Nov 4, 2024 · 3 comments · May be fixed by #3586
Open

Trufflehog scan fails when action is in initial commit #3557

bobidle opened this issue Nov 4, 2024 · 3 comments · May be fixed by #3586
Labels
bug

Comments

@bobidle
Copy link
Contributor

bobidle commented Nov 4, 2024

TruffleHog Version

Running the latest version of TruffleHog via uses: trufflesecurity/trufflehog@main

Trace Output

https://gist.github.com/bobidle/901838a7c777cf91f374db8b51e69938

Expected Behavior

TruffleHog should scan the initial commit..

Actual Behavior

Process completed with exit code 128

Steps to Reproduce

  1. Create an empty repository
  2. Clone the repository locally
  3. Create folder .github/workflows and file .github/workflows/trufflehog.yaml
  4. Add the general usage example to the file https://github.com/trufflesecurity/trufflehog?tab=readme-ov-file#general-usage
  5. git add ... & git commit ... & git push
  6. Check result of GitHub action.

Environment

  • GitHub workflow with ubuntu-latest

References
@bobidle bobidle added the bug label Nov 4, 2024
@rgmz
Copy link
Contributor

rgmz commented Nov 10, 2024

The error is interesting: commit b9b115394405ca896c845359a03d5012fa5a6c34 exists in the repository but the action is trying to checkout b9b115394405ca896c845359a03d5012fa5a6c34~1.

fatal: ambiguous argument 'b9b115394405ca896c845359a03d5012fa5a6c34~1'

@bobidle bobidle linked a pull request Nov 11, 2024 that will close this issue
Open
2 tasks
@bobidle
Copy link
Contributor Author

bobidle commented Nov 11, 2024

The error message is from git rev-parse $HEAD~$COMMIT_LENGTH, reducing $COMMIT_LENGTH by one does not help as this excludes one commit from the scan.

It could be fixed by setting BASE="" (see my linked pull request), but it is possible that i miss something else.

@bobidle
Copy link
Contributor Author

bobidle commented Nov 11, 2024

Test repositories and jobs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix base on initial commits bobidle/trufflesecurityhog
2 participants
@rgmz @bobidle