kics icon indicating copy to clipboard operation
kics copied to clipboard
verified publisher icon Checkmarx

bug(helm): rendering errors on valid charts

Open jghal opened this issue 1 year ago • 2 comments

I posted this first in discussions but received no response.

I have a helm chart based off of https://github.com/runatlantis/helm-charts and when I try to scan with Kics (both 1.7.x in GitLab CI's IaC scan docker image and 2.1.0 in the official checkmarx/kics docker image) I get a bunch of parsing errors. To give you something reproducible, One of the files that is failing to be parsed looks like this

{{- if .Values.repoConfig -}}
apiVersion: v1
kind: ConfigMap
metadata:
  name: {{ template "atlantis.fullname" . }}-repo-config
  labels:
    app: {{ template "atlantis.name" . }}
    chart: {{ template "atlantis.chart" . }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
data:
  repos.yaml: |
{{ .Values.repoConfig | indent 4 }}
{{- end -}}

It's a valid, deployable chart template using the published best practice.

Expected Behavior

the chart is rendered and scanned without error.

Actual Behavior

4:01PM ERR failed to parse file content: /work/templates/configmap-config.yaml error="failed to parse yaml: invalid yaml"

Steps to Reproduce the Problem

(Command line arguments and flags used)

  1. clone https://github.com/runatlantis/helm-charts
  2. cd into charts/atlantis
  3. run docker run --rm -it -u $(id -u):$(id -u) -v $(pwd):/work -w /work checkmarx/kics scan --ci -t Kubernetes -p /work/

Specifications

(N/A if not applicable)

  • Version: 1.7.13, 2.1.0
  • Platform: linux
  • Subsystem: kubernetes

jghal avatar Jun 26 '24 18:06 jghal

Just stumbled over the same issue when trying out kics. Any plan to get this fixed?

toninin avatar Aug 07 '24 15:08 toninin

I have this issue also, first starts at 9:55AM ERR failed to render file content error="failed to render helm chart" 9:55AM ERR failed to render file content error="failed to render helm chart" 9:55AM ERR Filesystem files provider couldn't Resolve Directory, file=mychart error="failed to render helm chart" 9:55AM ERR Filesystem files provider couldn't Resolve Directory, file=mychart error="failed to render helm chart" 9:55AM ERR failed to parse file content: /path/mychart/templates/clusterrole.yaml error="failed to parse yaml: invalid yaml"

tastyfrankfurt avatar Mar 04 '25 09:03 tastyfrankfurt