cdk-validator-cfnguard icon indicating copy to clipboard operation
cdk-validator-cfnguard copied to clipboard

Published 20 hours ago verified publisher icon cdklabs

Error: Error: spawnSync /Users/ahammond/Documents/ClickUp/infratest-service-cdk/node_modules/@cdklabs/cdk-validator-cfnguard/bin/macos/cfn-guard ENOBUFS

Open ahammond opened this issue 11 months ago • 4 comments

I tried

const app = new App({ policyValidationBeta1: [new CfnGuardValidator()] });

after adding the lib and got

❯ npx cdk list                                    
Performing Policy Validations

Validation Report
-----------------

╔════════════════════════════════════╗
║           Plugin Report            ║
║   Plugin: cdk-validator-cfnguard   ║
║   Version: 0.0.58                  ║
║   Status: failure                  ║
╚════════════════════════════════════╝


Metadata: 
        error: Validation plugin 'cdk-validator-cfnguard' failed: 
        CfnGuardValidator plugin failed processing cfn-guard results.
        Please create an issue https://github.com/cdklabs/cdk-validator-cfnguard/issues/new
        Error: Error: spawnSync /Users/ahammond/Documents/ClickUp/infratest-service-cdk/node_modules/@cdklabs/cdk-validator-cfnguard/bin/macos/cfn-guard ENOBUFS

Policy Validation Report Summary

╔════════════════════════╤═════════╗
║ Plugin                 │ Status  ║
╟────────────────────────┼─────────╢
║ cdk-validator-cfnguard │ failure ║
╚════════════════════════╧═════════╝

Validation failed. See the validation report above for details

Subprocess exited with error 1

This is with

node v20.5.1
    "@cdklabs/cdk-validator-cfnguard": "^0.0.58",
    "aws-cdk-lib": "^2.130.0",

ahammond avatar Feb 29 '24 20:02 ahammond

Hi, @ahammond. I can't reproduce this. Is there a minimal example you can share?

otaviomacedo avatar Mar 05 '24 10:03 otaviomacedo

I'll build one. Thank you for looking!

ahammond avatar Mar 06 '24 04:03 ahammond

Hello,

I have a similar issue here: Metadata: error: Validation plugin 'cdk-validator-cfnguard' failed: CfnGuardValidator plugin failed processing cfn-guard results. Please create an issue https://github.com/cdklabs/cdk-validator-cfnguard/issues/new Error: Error: spawnSync /tmp/jsii-kernel-XXRYsE/node_modules/@cdklabs/cdk-validator-cfnguard/bin/ubuntu/cfn-guard ENOBUFS

Kusus886 avatar Mar 25 '24 09:03 Kusus886

I'm seeing this where the execution is exceeding maxBuffer.

The default value is 1MB, see https://nodejs.org/api/child_process.html#child_processspawnsynccommand-args-options and https://github.com/nodejs/node/issues/9829

Overriding to a sufficiently large value, and possibly making it configurable as well, might be a solution?

In the meantime, I'm working through the violations by simply overriding this locally

e.g. in node_modules/@cdklabs/cdk-validator-cfnguard/lib/utils.js

[..]
function exec(commandLine, options = {}) {
    const proc = (0, child_process_1.spawnSync)(commandLine[0], commandLine.slice(1), {
        stdio: ['ignore', 'pipe', options.verbose ? 'inherit' : 'pipe'],
        env: {
            ...process.env,
            ...options.env,
        },
        cwd: options.cwd,
        maxBuffer: 1024 * 1024 * 10, <-- 10MB override
    });
[..]

roblambell avatar Sep 03 '24 11:09 roblambell

I am having this issue as well.

justin-masse avatar Oct 18 '24 17:10 justin-masse