ZupIT / horusec

Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.

Home Page: https://horusec.io/

tool does not mount the project directory

john047 opened this issue

What happened:
The directory with the project is not mounted, although everything is done according to the documentation.

How to reproduce it (as minimally and precisely as possible):

horusec_sast:
  stage: check-code
  image: docker:19.03.12

  variables:
    DOCKER_TLS_CERTDIR: ""
  
  services:
  - docker:19.03.12-dind

  script:
    - docker run -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):/src/horusec horuszup/horusec-cli:latest horusec start -p /src/horusec -P $(pwd) -o json -O ./horusec-report.json
   
  artifacts:
    paths:
      - ./horusec-report.json
    expire_in: 1h

After running the tool, the logs show the following:

level=warning msg="YOUR ANALYSIS HAD FINISHED WITHOUT ANY VULNERABILITY!"
Uploading artifacts...
WARNING: ./horusec-report.json: no matching files  
ERROR: No files to upload

But if I change the runner config from volumes = ["/var/run/docker.sock:/var/run/docker.sock", "/cache"] to volumes = ["/var/run/docker.sock:/var/run/docker.sock", "/cache", "/builds:/builds"], then the scan logs show that there are vulnerabilities in the code, but changing the config will make the deployment of services inoperable, so this parameter was deleted.
How to fix the problem?
Help, please!

Anything else we need to know?:

Environment:

  • Horusec version (use horusec version):
    Version: v2.8.0
    Git commit: df32c1c
    Built: Wed Jun 08 13:57:08 2022
    Distribution: normal

Hello @john047

I believe it is the same issue reported in issue #1086. Take a look at it and try again.
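
A pre-flight check for the situation reported in this thread, added here as an example (it is not code from the Horusec project or from the participants). With a shared Docker socket, the `-v` source path is resolved on the daemon's filesystem rather than in the job container, so the check compares both views and fails the job instead of letting a scan of an empty mount report no vulnerabilities. Assumptions: a `busybox` probe image can be pulled, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: pre-flight check for a bind mount made through a shared
# Docker socket. Function names and PROBE_IMAGE are assumptions.

PROBE_IMAGE=${PROBE_IMAGE:-busybox}   # assumed: any small image with sh and ls

# Number of top-level entries the job container sees in DIR.
count_local() {
    ls -A "$1" | wc -l | tr -d '[:space:]'
}

# Number of top-level entries the Docker daemon sees when DIR is used as a
# bind source. The daemon resolves DIR on its own filesystem; if the path is
# missing there, `-v` creates an empty directory and mounts that instead.
count_in_daemon() {
    probe_out=$(docker run --rm -v "$1:/probe:ro" "$PROBE_IMAGE" \
        sh -c 'ls -A /probe | wc -l') || return 2
    printf '%s' "$probe_out" | tr -d '[:space:]'
}

# preflight DIR
#   0  daemon sees the same entries as the job: safe to start the scan
#   1  views differ (typically daemon sees 0): a scan would be a false "clean"
#   2  the probe container could not be started
preflight() {
    pf_local=$(count_local "$1")
    pf_daemon=$(count_in_daemon "$1") || {
        echo "preflight: probe container failed" >&2
        return 2
    }
    if [ "$pf_local" != "$pf_daemon" ]; then
        echo "preflight: job sees $pf_local entries in $1, daemon sees $pf_daemon" >&2
        return 1
    fi
    return 0
}

# In the job script, before `docker run ... horusec start`:
#   preflight "$(pwd)" || exit 1
```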