Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Gitleaks Action failing : Invalid Licence #167

Open
souro1212 opened this issue Oct 12, 2024 · 11 comments · May be fixed by #168
Open

Gitleaks Action failing : Invalid Licence #167

souro1212 opened this issue Oct 12, 2024 · 11 comments · May be fixed by #168

Comments

@souro1212
Copy link

souro1212 commented Oct 12, 2024

The GitLeaks GitHub Action is failing due to an "Invalid License" error, preventing the security scan from running. I am facing the same issue across multiple organisations.(Each org has unique licence ).
Details:

PR: https://github.com/DevSecOps-AppSec/testrepo-reusable-workflow/actions/runs/11306937684/job/31448090343?pr=1

Error: Validating key returned [{"meta":{"id":"7e37c504-0d77-42b2-ba84-ae767f8a59b7"},"errors":[{"title":"Account does not have an active subscription","detail":"must have an active subscription to access this resource"}]}]

Screenshot_20241012_213447_Chrome.jpg

Impact: Security scans are blocked across multiple organisations.

@capillary-chandana
Copy link

Even I'm also facing the same issue across multiple organisations.

@zricethezav
Copy link
Collaborator

@souro1212 @capillary-chandana should be fixed now if you're pinned to v2 or latest. The license distributor software I'm using is declining my payment so I've disabled the check in code for now. Sorry for the inconvenience. Lemme know if your issue isn't fixed and I'll reopen this issue.

@souro1212
Copy link
Author

Screenshot_20241013_183323_GitHub.jpg

Now it's showing API limit reached. 😓

@zricethezav
Copy link
Collaborator

@souro1212 you're using an old version, please update to the latest v2.3.7 or pin to v2. Keygen validation won't work unless the payment method is accepted, which it ain't 🤷🏻‍♂️

@souro1212
Copy link
Author

Yup my bad, checked with a fresh PR. It's working now. Thanks a lot 😊

@zricethezav
Copy link
Collaborator

Gonna leave this open for a little longer for visibility actually

@zricethezav zricethezav reopened this Oct 14, 2024
@cristianmagana
Copy link

Anyway I can get a pending license approved?

@zricethezav
Copy link
Collaborator

@cristianmagana technically you dont need a license anymore since I ripped out the license check (for the time being)

@gelocraft
Copy link

gelocraft commented Nov 22, 2024

@cristianmagana technically you dont need a license anymore since I ripped out the license check (for the time being)

@zricethezav i think there's a bug with your license check logic, because i still get a non-zero exit code when ${{ secrets.GITLEAKS_LICENSE }} was not set.

Screenshot_20241123-035954~2.png

@gelocraft gelocraft linked a pull request Nov 22, 2024 that will close this issue
@gelocraft
Copy link

gelocraft commented Nov 22, 2024

I will make an update in readme removing all the GITLEAKS_LICENSE from the docs because it is no longer required when this pr #168 got merged

@souro1212
Copy link
Author

@cristianmagana technically you dont need a license anymore since I ripped out the license check (for the time being)

@zricethezav i think there's a bug with your license check logic, because i still get a non-zero exit code when ${{ secrets.GITLEAKS_LICENSE }} was not set.

Screenshot_20241123-035954~2.png

Just send a dummy license, it worked for me.

        uses: gitleaks/[email protected]
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Using GITHUB_TOKEN from GitHub
          GITLEAKS_LICENSE: "dummyLicense"  # Accessing the license

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

5 participants