There was an issue running inspector-sbomgen is ../linux/arm64/inspector-sbomgen the correct path?
spu-xb01 opened this issue · comments
Jenkins and plugins versions report
Making downloaded SBOMGen executable...
Running command...
[/home/ec2-user/inspector-sbomgen/linux/arm64/inspector-sbomgen, container, --image, alpine:latest]
Plugin execution ran into an error and is being aborted!
Exception:com.amazon.inspector.jenkins.amazoninspectorbuildstep.exception.SbomgenNotFoundException: There was an issue running inspector-sbomgen, is /home/ec2-user/inspector-sbomgen/linux/arm64/inspector-sbomgen the correct path?
com.amazon.inspector.jenkins.amazoninspectorbuildstep.exception.SbomgenNotFoundException: There was an issue running inspector-sbomgen, is /home/ec2-user/inspector-sbomgen/linux/arm64/inspector-sbomgen the correct path?
at com.amazon.inspector.jenkins.amazoninspectorbuildstep.sbomgen.SbomgenRunner.runSbomgen(SbomgenRunner.java:83)
at com.amazon.inspector.jenkins.amazoninspectorbuildstep.sbomgen.SbomgenRunner.run(SbomgenRunner.java:49)
at com.amazon.inspector.jenkins.amazoninspectorbuildstep.AmazonInspectorBuilder.perform(AmazonInspectorBuilder.java:180)
at org.jenkinsci.plugins.workflow.steps.CoreStep$Execution.run(CoreStep.java:101)
at org.jenkinsci.plugins.workflow.steps.CoreStep$Execution.run(CoreStep.java:71)
at org.jenkinsci.plugins.workflow.steps.SynchronousNonBlockingStepExecution.lambda$start$0(SynchronousNonBlockingStepExecution.java:47)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.base/java.util.concurrent.FutureTask.run(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.base/java.lang.Thread.run(Unknown Source)
/home/ec2-user/inspector-sbomgen/linux/arm64/inspector-sbomgen
This is the correct path and the files are there
./inspector-sbomgen container -i alpine:latest
If I don't run through a plugin everything works as expected
these solutions don't help
https://docs.aws.amazon.com/inspector/latest/user/cicd-jenkins.html
What Operating System are you using (both controller, and any agents involved in the problem)?
NAME="Amazon Linux"
VERSION="2"
ID="amzn"
ID_LIKE="centos rhel fedora"
VERSION_ID="2"
PRETTY_NAME="Amazon Linux 2"
ANSI_COLOR="0;33"
CPE_NAME="cpe:2.3:o:amazon:amazon_linux:2"
HOME_URL="https://amazonlinux.com/"
SUPPORT_END="2025-06-30"
Amazon Linux release 2 (Karoo)
Reproduction steps
pipeline {
agent {
label 'ARM64'
}
stages {
stage ('amazon-inspector-image-scanner') {
steps {
script {
step ([
$class: 'com.amazon.inspector.jenkins.amazoninspectorbuildstep.AmazonInspectorBuilder',
sbomgenPath: '/home/ec2-user/inspector-sbomgen/linux/arm64/inspector-sbomgen',
archivePath: 'alpine:latest',
awsRegion: 'us-east-1',
iamRole: 'arn:aws:iam::role',
isThresholdEnabled: 'false',
countCritical: 0,
countHigh: 0,
countLow: 10,
countMedium: 5,
])
}
}
}
}
}
Expected Results
INFO[0000] Amazon Inspector SBOM Generator v1.1.0 - linux arm64 - Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved
INFO[0000] [./inspector-sbomgen container -i alpine:latest]
INFO[0000] writing log file to: /home/ec2-user/.inspector-sbomgen/logs/inspector-sbomgen-log_2024-05-06_13-38-22.txt
INFO[2024-05-06 13:38:22]coreV1.go:34: initializing target artifact
INFO[2024-05-06 13:38:22]stagingdir.go:60: created temporary staging directory: /home/ec2-user/.inspector-sbomgen/artifact-cache1611348113
INFO[2024-05-06 13:38:22]imageInit.go:28: checking if image is a tarball
INFO[2024-05-06 13:38:22]imageInit.go:37: checking if image exists in the local Docker daemon
INFO[2024-05-06 13:38:22]imageInit.go:40: image appears to be locally cached
INFO[2024-05-06 13:38:22]coreV1.go:44: executing pre-processors
INFO[2024-05-06 13:38:22]artifactContainer.go:134: initializing analyzers
INFO[2024-05-06 13:38:22]artifactContainer.go:139: inventorying the image; this may take some time depending on your image size...
| [0s]
INFO[2024-05-06 13:38:22]systeminfo.go:41: initializing artifact system info
INFO[2024-05-06 13:38:22]coreV1.go:53: analyzing artifact
| [0s]
INFO[2024-05-06 13:38:23]coreV1.go:62: executing post-processors
INFO[2024-05-06 13:38:23]coreV1.go:71: encoding findings
INFO[2024-05-06 13:38:23]containers.go:227: encoded 12 components
INFO[2024-05-06 13:38:23]artifactContainer.go:229: cleaning up any file system artifacts
INFO[2024-05-06 13:38:23]stagingdir.go:106: deleting staging directory; please wait
INFO[2024-05-06 13:38:23]stagingdir.go:113: deleted 7 megabytes from staging directory: /home/ec2-user/.inspector-sbomgen/artifact-cache1611348113
Actual Results
Plugin execution ran into an error and is being aborted!
Exception:com.amazon.inspector.jenkins.amazoninspectorbuildstep.exception.SbomgenNotFoundException: There was an issue running inspector-sbomgen, is /home/ec2-user/inspector-sbomgen/linux/arm64/inspector-sbomgen the correct path?
com.amazon.inspector.jenkins.amazoninspectorbuildstep.exception.SbomgenNotFoundException: There was an issue running inspector-sbomgen, is /home/ec2-user/inspector-sbomgen/linux/arm64/inspector-sbomgen the correct path?
Anything else?
No response
Are you interested in contributing a fix?
No response
Hi, thanks for reaching out.
Its likely that Jenkins doesn't have permissions to interact with inspector-sbomgen. If you're intent on using a standalone binary, ensure that the jenkins user has permissions to start inspector-sbomgen. Alternatively, you can use the automatic downloader to allow the plugin to download and use the required binary at runtime. You can use this option by adding sbomgenSource: 'linuxAmd64' to your build step. If you have an arm-based system, use "linuxArm64" instead.