fix(ct-cve): repair inventory push field mismatch #643

Open
opened 2026-06-14 08:15:52 +00:00 by simon · 0 comments
Owner

Finding

While validating the Docker image scanning resource fix on the ct-ops test server on 2026-06-14, ingest logged CT-CVE inventory push failures after a software inventory scan completed successfully.

Observed log line from simon@ct-ops:~/ct-ops:

inventory: CT-CVE inventory push failed ... err="number of field descriptions must equal number of destinations, got 16 and 17"

Impact

Inventory collection itself completed, but the CT-CVE outbound inventory push failed. That can leave CT-CVE out of sync with CT-Ops host inventory and may contribute to repeated retry or processing load.

Reproduction / evidence

On the test server, after the ingest restart, a software inventory task for host n9rdbbl6t7v5n023t3mx19uq completed and immediately logged the field-count mismatch during the CT-CVE push path.

Suggested fix

Inspect the CT-CVE inventory export/query scan destinations around the ingest CT-CVE inventory push path and align the SELECT column count with the scan destination count. Add a regression test for the exact query/scan shape so future schema additions cannot reintroduce the mismatch.

## Finding While validating the Docker image scanning resource fix on the ct-ops test server on 2026-06-14, ingest logged CT-CVE inventory push failures after a software inventory scan completed successfully. Observed log line from `simon@ct-ops:~/ct-ops`: `inventory: CT-CVE inventory push failed ... err="number of field descriptions must equal number of destinations, got 16 and 17"` ## Impact Inventory collection itself completed, but the CT-CVE outbound inventory push failed. That can leave CT-CVE out of sync with CT-Ops host inventory and may contribute to repeated retry or processing load. ## Reproduction / evidence On the test server, after the ingest restart, a software inventory task for host `n9rdbbl6t7v5n023t3mx19uq` completed and immediately logged the field-count mismatch during the CT-CVE push path. ## Suggested fix Inspect the CT-CVE inventory export/query scan destinations around the ingest CT-CVE inventory push path and align the SELECT column count with the scan destination count. Add a regression test for the exact query/scan shape so future schema additions cannot reintroduce the mismatch.
Sign in to join this conversation.
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
carrtech/ct-ops#643
No description provided.