Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-04-21 13:37:30 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 91
fleet/cmd
History
Tim Lee 81ea7436c3
Fix OSV sync shallow clone failing on quiet weekends (#43450) 
## Summary

The nightly OSV artifact generation in `fleetdm/vulnerabilities` failed
over the weekend with:

```
fatal: error processing shallow info: 4
```

at `cmd/osv-processor/sync-and-detect-changes.sh` during:

```bash
git fetch --shallow-since="3 days ago" origin main
```

Root cause: `git fetch --shallow-since` errors out when the upstream
(`canonical/ubuntu-security-notices`) has zero commits newer than the
cutoff. Canonical didn't push anything over the weekend, so the 3-day
window returned empty and upload-pack produced an unusable shallow
response.

Fix:
- Fall back to `git fetch --depth=3` if `--shallow-since` still returns
empty, so the initial clone always succeeds.

Subsequent runs reuse the existing clone and take the other branch of
the script (plain `git fetch origin main`), which doesn't have this
failure mode.

Failing run:
https://github.com/fleetdm/vulnerabilities/actions/runs/24330589309/job/71035337352

## Test plan

- [x] Re-run the Ubuntu OSV artifact generation workflow; initial clone
succeeds regardless of upstream push frequency.
- [x] Manually exercise the cold-cache path locally: `rm -rf
ubuntu-security-notices &&
./cmd/osv-processor/sync-and-detect-changes.sh` — completes without
error.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Bug Fixes**
* Improved initial repository sync: if the primary shallow fetch returns
no commits, the process now falls back to a limited-depth fetch, warns
the user, and shows recent commit history before continuing. Downstream
change detection and existing behavior for already-cloned repos remain
unchanged.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Konstantin Sykulev <konst@sykulev.com>
2026-04-20 10:30:55 -05:00
..
cpe Add sw_edition to cpe db generation and cpe translations (#32879) 2025-09-17 11:30:49 -04:00
cve Reapply "Update Citrix Workspace CPE generation to distinguish betwee… (#41614) 2026-03-12 16:17:40 -07:00
fleet Fix broken OTEL due to #43298 (#43705) 2026-04-17 09:05:26 -05:00
fleetctl DDMV: Support Fleet variables in DDM (#43222) 2026-04-20 09:14:52 -04:00
gitops-migrate Add back gitops-migrate file (#33981) 2025-10-08 09:44:59 -05:00
macoffice Add new archive URL as data source for Mac Office release notes (#26978) 2025-03-10 08:46:18 -05:00
maintained-apps Cleanup temp installer files after download (#42463) 2026-03-30 10:14:36 -05:00
msrc Fix CI: extend grace periods for MSRC feeds and expand test coverage for file validation. (#37991) 2026-01-07 10:28:20 -06:00
osquery-perf Add Windows Program Files scan for software without registry entries (#42992) 2026-04-11 13:42:50 -06:00
osv-processor Fix OSV sync shallow clone failing on quiet weekends (#43450) 2026-04-20 10:30:55 -05:00
winoffice Add Windows Office bulletin generator (1/3) (#42663) 2026-04-01 12:08:50 -06:00