Failed to get the report-guid for the last scan.

check_alerts_of_incident, timeout: 3 minutes, error: Failed to get unique values of alerts {"guid": "26973d20-564b-4bd8-9787-727802d4b6f9", "name": "Unexpected process launched", "attributes": {"incidentStatus": "completed"}, "updatedTime": "2024-08-29T12:33:15Z", "spiffe": "wlid://cluster-kind-systests-46942283-15a1-4fb7-a318-713de1c7d775/namespace-systest-ns-fbtw/deployment-redis-sleep", "resourceID": "", "designators": {"designatorType": "Attributes", "wlid": "wlid://cluster-kind-systests-46942283-15a1-4fb7-a318-713de1c7d775/namespace-systest-ns-fbtw/deployment-redis-sleep", "attributes": {"cluster": "kind-systests-46942283-15a1-4fb7-a318-713de1c7d775", "clusterShortName": "kind-systests-46942283-15a1-4fb7-a318-713de1c7d775", "containerName": "redis", "customerGUID": "3f4a257e-11ea-4cee-8bc0-ca8daa65a833", "kind": "Deployment", "name": "redis-sleep", "namespace": "systest-ns-fbtw", "nodeName": "systests-46942283-15a1-4fb7-a318-713de1c7d775-control-plane", "originalCacheEntry": "3f4a257e-11ea-4cee-8bc0-ca8daa65a833/kind-systests-46942283-15a1-4fb7-a318-713de1c7d775/systests-46942283-15a1-4fb7-a318-713de1c7d775-control-plane/wlid://cluster-kind-systests-46942283-15a1-4fb7-a318-713de1c7d775/namespace-systest-ns-fbtw/deployment-redis-sleep/redis/26973d20-564b-4bd8-9787-727802d4b6f9", "podName": "redis-sleep-7bd7d4785f-4n5vq"}}, "arguments": {"retval": 0}, "infectedPID": 12384, "fixSuggestions": "If this is a valid behavior, please add the exec call \"/bin/ls\" to the whitelist in the application profile for the Pod \"redis-sleep-7bd7d4785f-4n5vq\". You can use the following command: kubectl patch applicationprofile replicaset-redis-sleep-7bd7d4785f --namespace systest-ns-fbtw --type merge -p '{\"spec\": {\"containers\": [{\"name\": \"redis\", \"execs\": [{\"path\": \"/bin/ls\", \"args\": [\"/bin/ls\",\"-l\",\"/tmp\"]}]}]}}'", "severity": 5, "timestamp": "2024-08-29T12:30:22.375Z", "nanoseconds": 1724934622375977949, "ruleDescription": "Unexpected process launched: /bin/ls in: redis", "kind": {"Group": "", "Version": "", "Kind": ""}, "resource": {"Group": "", "Version": "", "Resource": ""}, "clusterName": "kind-systests-46942283-15a1-4fb7-a318-713de1c7d775", "containerName": "redis", "hostNetwork": false, "image": "docker.io/library/redis@sha256:92f3e116c1e719acf78004dd62992c3ad56f68f810c93a8db3fe2351bb9722c2", "imageDigest": "sha256:a5b1aed421143f36e2445cb2def7135ab7edb69eaa8066d07c3fa344f1052902", "namespace": "systest-ns-fbtw", "nodeName": "systests-46942283-15a1-4fb7-a318-713de1c7d775-control-plane", "containerID": "6d8041d51be091121c25a3db1f54ca0389a04fa00051f2f2a8a943cf06f1b85c", "podName": "redis-sleep-7bd7d4785f-4n5vq", "podNamespace": "systest-ns-fbtw", "workloadName": "redis-sleep", "workloadNamespace": "systest-ns-fbtw", "workloadKind": "Deployment", "alertType": 0, "ruleID": "R0001", "hostName": "", "message": "Unexpected process launched: /bin/ls in: redis", "incidentCategory": "Anomaly", "incidentTypeID": "I013", "policiesApplied": [{"guid": "8ac868dd-5f24-49ef-be31-ec543f7477d6", "name": "Malware-new-systest-kind-e79839a6-7220-4714-b8f5-c4e5386bef55", "enabled": false, "scope": {}, "ruleSetType": "", "updatedBy": "", "notifications": null, "actions": null}, {"guid": "9a82a6a1-a8ab-4382-bdb4-0ba8b48ec19b", "name": "Malware-new-systest-kind-eb731017-244a-4797-ba05-b12240b6761f", "enabled": false, "scope": {}, "ruleSetType": "", "updatedBy": "", "notifications": null, "actions": null}, {"guid": "17794a36-9303-4692-9d6c-8ef419ae0d43", "name": "Anomaly", "enabled": false, "scope": {}, "ruleSetType": "", "updatedBy": "", "notifications": null, "actions": null}], "creationTimestamp": "2024-08-29T12:30:45.337Z", "description": "A process was launched that is not expected to run in the environment.", "mitreTactic": "TA0002", "incidentSeverity": "Medium", "severityScore": 300, "isDismissed": false, "markedAsFalsePositive": false, "processTree": {"processTree": {"pid": 12384, "cmdline": "/bin/ls -l /tmp", "comm": "ls", "ppid": 12374, "pcomm": "runc", "hardlink": "/bin/busybox", "uid": 0, "gid": 0, "upperLayer": false, "cwd": "/data", "path": "/bin/ls"}, "uniqueID": 0, "containerID": "6d8041d51be091121c25a3db1f54ca0389a04fa00051f2f2a8a943cf06f1b85c"}} {"fields": {"ruleID": ["R0001", "R0003"]}, "fieldsCount": {"ruleID": [{"key": "R0001", "count": 1}, {"key": "R0003", "count": 10}]}}. kwargs: '{'incident': {'guid': '26973d20-564b-4bd8-9787-727802d4b6f9', 'name': 'Unexpected process launched', 'attributes': {'incidentStatus': 'completed'}, 'updatedTime': '2024-08-29T12:33:15Z', 'spiffe': 'wlid://cluster-kind-systests-46942283-15a1-4fb7-a318-713de1c7d775/namespace-systest-ns-fbtw/deployment-redis-sleep', 'resourceID': '', 'designators': {'designatorType': 'Attributes', 'wlid': 'wlid://cluster-kind-systests-46942283-15a1-4fb7-a318-713de1c7d775/namespace-systest-ns-fbtw/deployment-redis-sleep', 'attributes': {'cluster': 'kind-systests-46942283-15a1-4fb7-a318-713de1c7d775', 'clusterShortName': 'kind-systests-46942283-15a1-4fb7-a318-713de1c7d775', 'containerName': 'redis', 'customerGUID': '3f4a257e-11ea-4cee-8bc0-ca8daa65a833', 'kind': 'Deployment', 'name': 'redis-sleep', 'namespace': 'systest-ns-fbtw', 'nodeName': 'systests-46942283-15a1-4fb7-a318-713de1c7d775-control-plane', 'originalCacheEntry': '3f4a257e-11ea-4cee-8bc0-ca8daa65a833/kind-systests-46942283-15a1-4fb7-a318-713de1c7d775/systests-46942283-15a1-4fb7-a318-713de1c7d775-control-plane/wlid://cluster-kind-systests-46942283-15a1-4fb7-a318-713de1c7d775/namespace-systest-ns-fbtw/deployment-redis-sleep/redis/26973d20-564b-4bd8-9787-727802d4b6f9', 'podName': 'redis-sleep-7bd7d4785f-4n5vq'}}, 'arguments': {'retval': 0}, 'infectedPID': 12384, 'fixSuggestions': 'If this is a valid behavior, please add the exec call "/bin/ls" to the whitelist in the application profile for the Pod "redis-sleep-7bd7d4785f-4n5vq". You can use the following command: kubectl patch applicationprofile replicaset-redis-sleep-7bd7d4785f --namespace systest-ns-fbtw --type merge -p \'{"spec": {"containers": [{"name": "redis", "execs": [{"path": "/bin/ls", "args": ["/bin/ls","-l","/tmp"]}]}]}}\'', 'severity': 5, 'timestamp': '2024-08-29T12:30:22.375Z', 'nanoseconds': 1724934622375977949, 'ruleDescription': 'Unexpected process launched: /bin/ls in: redis', 'kind': {'Group': '', 'Version': '', 'Kind': ''}, 'resource': {'Group': '', 'Version': '', 'Resource': ''}, 'clusterName': 'kind-systests-46942283-15a1-4fb7-a318-713de1c7d775', 'containerName': 'redis', 'hostNetwork': False, 'image': 'docker.io/library/redis@sha256:92f3e116c1e719acf78004dd62992c3ad56f68f810c93a8db3fe2351bb9722c2', 'imageDigest': 'sha256:a5b1aed421143f36e2445cb2def7135ab7edb69eaa8066d07c3fa344f1052902', 'namespace': 'systest-ns-fbtw', 'nodeName': 'systests-46942283-15a1-4fb7-a318-713de1c7d775-control-plane', 'containerID': '6d8041d51be091121c25a3db1f54ca0389a04fa00051f2f2a8a943cf06f1b85c', 'podName': 'redis-sleep-7bd7d4785f-4n5vq', 'podNamespace': 'systest-ns-fbtw', 'workloadName': 'redis-sleep', 'workloadNamespace': 'systest-ns-fbtw', 'workloadKind': 'Deployment', 'alertType': 0, 'ruleID': 'R0001', 'hostName': '', 'message': 'Unexpected process launched: /bin/ls in: redis', 'incidentCategory': 'Anomaly', 'incidentTypeID': 'I013', 'policiesApplied': [{'guid': '8ac868dd-5f24-49ef-be31-ec543f7477d6', 'name': 'Malware-new-systest-kind-e79839a6-7220-4714-b8f5-c4e5386bef55', 'enabled': False, 'scope': {}, 'ruleSetType': '', 'updatedBy': '', 'notifications': None, 'actions': None}, {'guid': '9a82a6a1-a8ab-4382-bdb4-0ba8b48ec19b', 'name': 'Malware-new-systest-kind-eb731017-244a-4797-ba05-b12240b6761f', 'enabled': False, 'scope': {}, 'ruleSetType': '', 'updatedBy': '', 'notifications': None, 'actions': None}, {'guid': '17794a36-9303-4692-9d6c-8ef419ae0d43', 'name': 'Anomaly', 'enabled': False, 'scope': {}, 'ruleSetType': '', 'updatedBy': '', 'notifications': None, 'actions': None}], 'creationTimestamp': '2024-08-29T12:30:45.337Z', 'description': 'A process was launched that is not expected to run in the environment.', 'mitreTactic': 'TA0002', 'incidentSeverity': 'Medium', 'severityScore': 300, 'isDismissed': False, 'markedAsFalsePositive': False, 'processTree': {'processTree': {'pid': 12384, 'cmdline': '/bin/ls -l /tmp', 'comm': 'ls', 'ppid': 12374, 'pcomm': 'runc', 'hardlink': '/bin/busybox', 'uid': 0, 'gid': 0, 'upperLayer': False, 'cwd': '/data', 'path': '/bin/ls'}, 'uniqueID': 0, 'containerID': '6d8041d51be091121c25a3db1f54ca0389a04fa00051f2f2a8a943cf06f1b85c'}}}'

workload nginx is not deleted from backend

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

get_posture_frameworks, timeout: 2 minutes, error: Error accessing dashboard. Request: results of posture frameworks is empty. kwargs: '{'framework_name': '', 'report_guid': '2b22b6e7-b8c3-49da-b33a-55dedda424ed'}'

Failed to get the report-guid for the last scan.

cluster resource 'systest-ns-8l8b/StatefulSet/my-statefulset' is '2184' while resource version in BE is '1987'

Failed to get the report-guid for the last scan.

workload nginx is not deleted from backend

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

verify_incident_in_backend_list, timeout: 0 minutes, error: Failed to get incidents list []. kwargs: '{'cluster': 'kind-systests-9257f3d4-8486-429e-9e01-3484304b6df9', 'namespace': 'systest-ns-ilfg', 'incident_name': 'Unexpected process launched'}'

Failed to get the report-guid for the last scan.

in validate_network_policy_entry: verified_entries is not equal, actual: 0, expected: 1

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

amount of kubernetes resources ('/None') is not as expected ('Deployment/nginx-deployment, StatefulSet/my-statefulset')

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

Failed to get the report-guid for the last scan.

in validate_network_policy_entry: verified_entries is not equal, actual: 0, expected: 1

Error accessing dashboard. Request: setRegistryScanCronJob "CyberArmorTests" (code: 400, message: [{"message":"Registry scanning is deprecated for the Kubescape version installed on the sensor. Please update to the latest helm version."}])

verify_incident_completed, timeout: 5 minutes, error: Not completed incident {"guid": "b4132930-5c8a-48cb-a615-340452d564f2", "name": "Unexpected process launched", "attributes": {"incidentStatus": "incomplete"}, "updatedTime": "2024-09-02T07:05:23Z", "spiffe": "wlid://cluster-kind-systests-673b14ee-c934-4e47-ab9a-d857e59bf3cd/namespace-systest-ns-ailv/deployment-redis-sleep", "resourceID": "", "designators": {"designatorType": "Attributes", "wlid": "wlid://cluster-kind-systests-673b14ee-c934-4e47-ab9a-d857e59bf3cd/namespace-systest-ns-ailv/deployment-redis-sleep", "attributes": {"cluster": "kind-systests-673b14ee-c934-4e47-ab9a-d857e59bf3cd", "clusterShortName": "kind-systests-673b14ee-c934-4e47-ab9a-d857e59bf3cd", "containerName": "redis", "customerGUID": "3f4a257e-11ea-4cee-8bc0-ca8daa65a833", "kind": "Deployment", "name": "redis-sleep", "namespace": "systest-ns-ailv", "nodeName": "systests-673b14ee-c934-4e47-ab9a-d857e59bf3cd-control-plane", "originalCacheEntry": "3f4a257e-11ea-4cee-8bc0-ca8daa65a833/kind-systests-673b14ee-c934-4e47-ab9a-d857e59bf3cd/systests-673b14ee-c934-4e47-ab9a-d857e59bf3cd-control-plane/wlid://cluster-kind-systests-673b14ee-c934-4e47-ab9a-d857e59bf3cd/namespace-systest-ns-ailv/deployment-redis-sleep/redis/b4132930-5c8a-48cb-a615-340452d564f2", "podName": "redis-sleep-7bd7d4785f-dc6hf"}}, "arguments": {"retval": 0}, "infectedPID": 12281, "fixSuggestions": "If this is a valid behavior, please add the exec call \"/bin/ls\" to the whitelist in the application profile for the Pod \"redis-sleep-7bd7d4785f-dc6hf\". You can use the following command: kubectl patch applicationprofile replicaset-redis-sleep-7bd7d4785f --namespace systest-ns-ailv --type merge -p '{\"spec\": {\"containers\": [{\"name\": \"redis\", \"execs\": [{\"path\": \"/bin/ls\", \"args\": [\"/bin/ls\",\"-l\",\"/tmp\"]}]}]}}'", "severity": 5, "timestamp": "2024-09-02T07:05:15.576Z", "nanoseconds": 1725260715576366264, "ruleDescription": "Unexpected process launched: /bin/ls in: redis", "kind": {"Group": "", "Version": "", "Kind": ""}, "resource": {"Group": "", "Version": "", "Resource": ""}, "clusterName": "kind-systests-673b14ee-c934-4e47-ab9a-d857e59bf3cd", "containerName": "redis", "hostNetwork": false, "image": "docker.io/library/redis@sha256:92f3e116c1e719acf78004dd62992c3ad56f68f810c93a8db3fe2351bb9722c2", "imageDigest": "sha256:a5b1aed421143f36e2445cb2def7135ab7edb69eaa8066d07c3fa344f1052902", "namespace": "systest-ns-ailv", "nodeName": "systests-673b14ee-c934-4e47-ab9a-d857e59bf3cd-control-plane", "containerID": "3da61b4c7310e020c7edda8e7057b10648f7ca9d1155186f1d206a7ae1959825", "podName": "redis-sleep-7bd7d4785f-dc6hf", "podNamespace": "systest-ns-ailv", "workloadName": "redis-sleep", "workloadNamespace": "systest-ns-ailv", "workloadKind": "Deployment", "alertType": 0, "ruleID": "R0001", "hostName": "", "message": "Unexpected process launched: /bin/ls in: redis", "incidentCategory": "Anomaly", "incidentTypeID": "I013", "policiesApplied": [{"guid": "8ac868dd-5f24-49ef-be31-ec543f7477d6", "name": "Malware-new-systest-kind-e79839a6-7220-4714-b8f5-c4e5386bef55", "enabled": false, "scope": {}, "ruleSetType": "", "updatedBy": "", "notifications": null, "actions": null}, {"guid": "9a82a6a1-a8ab-4382-bdb4-0ba8b48ec19b", "name": "Malware-new-systest-kind-eb731017-244a-4797-ba05-b12240b6761f", "enabled": false, "scope": {}, "ruleSetType": "", "updatedBy": "", "notifications": null, "actions": null}, {"guid": "17794a36-9303-4692-9d6c-8ef419ae0d43", "name": "Anomaly", "enabled": false, "scope": {}, "ruleSetType": "", "updatedBy": "", "notifications": null, "actions": null}], "creationTimestamp": "2024-09-02T07:05:23.45Z", "description": "A process was launched that is not expected to run in the environment.", "incidentSeverity": "Medium", "isDismissed": false, "markedAsFalsePositive": false, "processTree": {"processTree": {"pid": 12281, "cmdline": "/bin/ls -l /tmp", "comm": "ls", "ppid": 12272, "pcomm": "runc", "hardlink": "/bin/busybox", "uid": 0, "gid": 0, "upperLayer": false, "cwd": "/data", "path": "/bin/ls"}, "uniqueID": 0, "containerID": "3da61b4c7310e020c7edda8e7057b10648f7ca9d1155186f1d206a7ae1959825"}}. kwargs: '{'incident_id': 'b4132930-5c8a-48cb-a615-340452d564f2'}'

verify_incident_completed, timeout: 5 minutes, error: Not completed incident {"guid": "e31904db-b601-4bcf-966e-9bbdc9e4e2c5", "name": "Unexpected process launched", "attributes": {"incidentStatus": "incomplete"}, "updatedTime": "2024-09-02T07:18:31Z", "spiffe": "wlid://cluster-kind-systests-cffcd49f-7229-43ae-90bb-9b96748b54c6/namespace-systest-ns-23aj/deployment-redis-sleep", "resourceID": "", "designators": {"designatorType": "Attributes", "wlid": "wlid://cluster-kind-systests-cffcd49f-7229-43ae-90bb-9b96748b54c6/namespace-systest-ns-23aj/deployment-redis-sleep", "attributes": {"cluster": "kind-systests-cffcd49f-7229-43ae-90bb-9b96748b54c6", "clusterShortName": "kind-systests-cffcd49f-7229-43ae-90bb-9b96748b54c6", "containerName": "redis", "customerGUID": "3f4a257e-11ea-4cee-8bc0-ca8daa65a833", "kind": "Deployment", "name": "redis-sleep", "namespace": "systest-ns-23aj", "nodeName": "systests-cffcd49f-7229-43ae-90bb-9b96748b54c6-control-plane", "originalCacheEntry": "3f4a257e-11ea-4cee-8bc0-ca8daa65a833/kind-systests-cffcd49f-7229-43ae-90bb-9b96748b54c6/systests-cffcd49f-7229-43ae-90bb-9b96748b54c6-control-plane/wlid://cluster-kind-systests-cffcd49f-7229-43ae-90bb-9b96748b54c6/namespace-systest-ns-23aj/deployment-redis-sleep/redis/e31904db-b601-4bcf-966e-9bbdc9e4e2c5", "podName": "redis-sleep-7bd7d4785f-qc2bj"}}, "arguments": {"retval": 0}, "infectedPID": 12334, "fixSuggestions": "If this is a valid behavior, please add the exec call \"/bin/ls\" to the whitelist in the application profile for the Pod \"redis-sleep-7bd7d4785f-qc2bj\". You can use the following command: kubectl patch applicationprofile replicaset-redis-sleep-7bd7d4785f --namespace systest-ns-23aj --type merge -p '{\"spec\": {\"containers\": [{\"name\": \"redis\", \"execs\": [{\"path\": \"/bin/ls\", \"args\": [\"/bin/ls\",\"-l\",\"/tmp\"]}]}]}}'", "severity": 5, "timestamp": "2024-09-02T07:18:27.693Z", "nanoseconds": 1725261507693675573, "ruleDescription": "Unexpected process launched: /bin/ls in: redis", "kind": {"Group": "", "Version": "", "Kind": ""}, "resource": {"Group": "", "Version": "", "Resource": ""}, "clusterName": "kind-systests-cffcd49f-7229-43ae-90bb-9b96748b54c6", "containerName": "redis", "hostNetwork": false, "image": "docker.io/library/redis@sha256:92f3e116c1e719acf78004dd62992c3ad56f68f810c93a8db3fe2351bb9722c2", "imageDigest": "sha256:a5b1aed421143f36e2445cb2def7135ab7edb69eaa8066d07c3fa344f1052902", "namespace": "systest-ns-23aj", "nodeName": "systests-cffcd49f-7229-43ae-90bb-9b96748b54c6-control-plane", "containerID": "9154e74dca239f9834ee1f56ea79b1aa04cb501f61eb7054ebf3d8e422e68bdb", "podName": "redis-sleep-7bd7d4785f-qc2bj", "podNamespace": "systest-ns-23aj", "workloadName": "redis-sleep", "workloadNamespace": "systest-ns-23aj", "workloadKind": "Deployment", "alertType": 0, "ruleID": "R0001", "hostName": "", "message": "Unexpected process launched: /bin/ls in: redis", "incidentCategory": "Anomaly", "incidentTypeID": "I013", "policiesApplied": [{"guid": "8ac868dd-5f24-49ef-be31-ec543f7477d6", "name": "Malware-new-systest-kind-e79839a6-7220-4714-b8f5-c4e5386bef55", "enabled": false, "scope": {}, "ruleSetType": "", "updatedBy": "", "notifications": null, "actions": null}, {"guid": "9a82a6a1-a8ab-4382-bdb4-0ba8b48ec19b", "name": "Malware-new-systest-kind-eb731017-244a-4797-ba05-b12240b6761f", "enabled": false, "scope": {}, "ruleSetType": "", "updatedBy": "", "notifications": null, "actions": null}, {"guid": "17794a36-9303-4692-9d6c-8ef419ae0d43", "name": "Anomaly", "enabled": false, "scope": {}, "ruleSetType": "", "updatedBy": "", "notifications": null, "actions": null}], "creationTimestamp": "2024-09-02T07:18:31.91Z", "description": "A process was launched that is not expected to run in the environment.", "incidentSeverity": "Medium", "isDismissed": false, "markedAsFalsePositive": false, "processTree": {"processTree": {"pid": 12334, "cmdline": "/bin/ls -l /tmp", "comm": "ls", "ppid": 12324, "pcomm": "runc", "hardlink": "/bin/busybox", "uid": 0, "gid": 0, "upperLayer": false, "cwd": "/data", "path": "/bin/ls"}, "uniqueID": 0, "containerID": "9154e74dca239f9834ee1f56ea79b1aa04cb501f61eb7054ebf3d8e422e68bdb"}}. kwargs: '{'incident_id': 'e31904db-b601-4bcf-966e-9bbdc9e4e2c5'}'

The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@v3, github/codeql-action/upload-sarif@v2. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/