Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve subpath to mount matching #3269

Merged
merged 1 commit into from
Sep 24, 2024
Merged

Improve subpath to mount matching #3269

merged 1 commit into from
Sep 24, 2024

Conversation

cdupuis
Copy link
Contributor

@cdupuis cdupuis commented Sep 24, 2024
edited
Loading

👋🏽 we are seeing issues when upgrading the syft-sbom-indexer to the latest version of Syft running on latest GitHub Action Runner images (ubuntu-22.04). Effectively the recently introduced mount path checking prevents the mounted filesystem to be analysed. We see the following log message in the GHA logs when enabling debug logging:

DEBUG ignoring path based on mountpoint filesystem type condition=/run fs=tmpfs mountpoint=/proc/latency_stats path=/run/src/core/sbom

We tracked this down to #2918.

This PR adds a new test mimicking the file mounts as seen on the GitHub Action Runner image for ubuntu-22.04 and changes the code to let the requested path /run/src/core/sbom not get blocked.

Please take a look at this change and let us know what you think? Thank you.

@LaurentGoderre
Copy link
Contributor

This is showing the bug as well as the fix in action: https://github.com/LaurentGoderre/build-debug/actions/runs/11016581191

Source: https://github.com/LaurentGoderre/build-debug/blob/main/.github/workflows/build.yml#L18-L26

@kzantow
Copy link
Contributor

kzantow commented Sep 24, 2024

I think make lint-fix should correct the static analysis failure

@cdupuis
Copy link
Contributor Author

cdupuis commented Sep 24, 2024

I think make lint-fix should correct the static analysis failure

sorry @kzantow, I pushed an update. Hopefully this is fixed now.

@cdupuis
Improve subpath to mount matching
cbba927 
to fix an issue on GitHub Actions

Signed-off-by: Christian Dupuis <[email protected]>
@wagoodman wagoodman added the bug Something isn't working label Sep 24, 2024
kzantow
kzantow approved these changes Sep 24, 2024
View reviewed changes
Copy link
Contributor

@kzantow kzantow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry it took me a bit to understand some of the nuance in this behavior. This definitely looks like a correct change I see now, thanks much @cdupuis!

@kzantow kzantow merged commit 92c1dde into anchore:main Sep 24, 2024
12 checks passed
@LaurentGoderre
Copy link
Contributor

@kzantow thank you!!

@tianon tianon mentioned this pull request Sep 26, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@LaurentGoderre LaurentGoderre LaurentGoderre approved these changes

@kzantow kzantow kzantow approved these changes

Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@cdupuis @LaurentGoderre @kzantow @wagoodman