Improve subpath to mount matching #3269
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
cdupuis
force-pushed
the
fix-ubuntu-buildkit
branch
from
388c508 to
a4969d2
Compare
|
This is showing the bug as well as the fix in action: https://github.com/LaurentGoderre/build-debug/actions/runs/11016581191 Source: https://github.com/LaurentGoderre/build-debug/blob/main/.github/workflows/build.yml#L18-L26 |
LaurentGoderre
approved these changes
Sep 24, 2024
|
I think |
cdupuis
force-pushed
the
fix-ubuntu-buildkit
branch
from
a4969d2 to
17f3ee9
Compare
sorry @kzantow, I pushed an update. Hopefully this is fixed now. |
kzantow
reviewed
Sep 24, 2024
to fix an issue on GitHub Actions Signed-off-by: Christian Dupuis <[email protected]>
cdupuis
force-pushed
the
fix-ubuntu-buildkit
branch
from
17f3ee9 to
cbba927
Compare
|
@kzantow thank you!! |
spiffcs
added a commit
that referenced
this pull request
Oct 2, 2024
* main: (343 commits) feat: update haproxy classifier (#3277) chore(deps): update tools to latest versions (#3291) fix: don't use builtin scanner in licensecheck (#3290) chore(deps): update CPE dictionary index (#3288) chore(deps): bump github/codeql-action from 3.26.9 to 3.26.10 (#3289) update redis classifier (#3281) fix: improve node classifier version matching (#3284) fix: update ruby classifier for -rc, -dev, etc. versions (#3285) chore(deps): update CPE dictionary index (#3262) chore(deps): bump github.com/docker/docker (#3264) chore(deps): bump github/codeql-action from 3.26.8 to 3.26.9 (#3275) chore(deps): update stereoscope to dc10ea61fd18efa45b516eda4de8bc19d8322429 (#3280) chore(deps): bump actions/checkout from 4.1.7 to 4.2.0 (#3283) add awaiting response management (#3272) fix: correct excluded mount point comparison to file paths (#3269) Add JVM cataloger (#3217) feat: classifier for Dart lang binaries (#3265) Add compliance policy for empty name and version (#3257) chore(deps): bump github.com/github/go-spdx/v2 from 2.3.1 to 2.3.2 (#3254) chore(deps): bump peter-evans/create-pull-request from 7.0.3 to 7.0.5 (#3255) ...
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
👋🏽 we are seeing issues when upgrading the
syft-sbom-indexerto the latest version of Syft running on latest GitHub Action Runner images (ubuntu-22.04). Effectively the recently introduced mount path checking prevents the mounted filesystem to be analysed. We see the following log message in the GHA logs when enabling debug logging:We tracked this down to #2918.
This PR adds a new test mimicking the file mounts as seen on the GitHub Action Runner image for ubuntu-22.04 and changes the code to let the requested path
/run/src/core/sbomnot get blocked.Please take a look at this change and let us know what you think? Thank you.