Problem:
When running the Snyk Orb in CircleCi, if you see an error similar to the following
"Error": {
"ImportStack": [
"github.com/********/<dirname>"
],
...
"Err": "reading github.com/********/<dir or file> at revision <rev>: git ls-remote -q origin in /<location>: exit status 128:\n\t
ERROR: Repository not found.\n\tfatal: Could not read from remote repository.
\n\t\n\tPlease make sure you have the correct access rights\n\tand the repository exists."
Please ensure firstly that you can build your Project in the pipeline outside of Snyk process.
Discussion:
Many Snyk CLI tests utilize the package manager to get dependency information. See https://docs.snyk.io/snyk-cli/code-execution-warning-for-snyk-cli
If the relevant command cannot complete due to access or missing files, then Snyk tests will not be able to complete.
This is not a Snyk issue, but rather an access/configuration issue.
Resolution:
In the case of CircleCi, when setting up your git config to access private directories, make sure that the private repo is listed
eg, Instead of this:
git config --global url."https://${GITHUB_USER}:${GITHUB_TOKEN}@github.com/".insteadOf "https://github.com/"
the correct statement would be:
git config --global url."https://${GITHUB_USER}:${GITHUB_TOKEN}@github.com/<privaterepo>/".insteadOf "https://github.com/circleci/"
If the Snyk command is still failing, and a command such as go list -json -deps is advised in the error logs, try separately running the command advised before the Snyk test.
If that is able to succeed, please use -d
in the arguments and provide the full output of the test in a file in a ticket to support.