os icon indicating copy to clipboard operation
os copied to clipboard
verified publisher icon wolfi-dev

checkov will fail pkgconf test pipeline

Open murraybd opened this issue 1 year ago • 2 comments

If the pkgconf test pipeline is added to checkov it will fail in the following way:

2024/11/12 23:10:39 INFO running the main test pipeline
2024/11/12 23:10:39 INFO running step "test/pkgconf"
2024/11/12 23:10:39 WARN + '[' -d /home/build ] uses=test/pkgconf
2024/11/12 23:10:39 WARN + cd /home/build uses=test/pkgconf
2024/11/12 23:10:39 WARN + exit 0 uses=test/pkgconf
2024/11/12 23:10:39 INFO running step "pkgconf build dependency check" uses=test/pkgconf
2024/11/12 23:10:39 WARN + '[' -d /home/build ] uses=test/pkgconf name="pkgconf build dependency check"
2024/11/12 23:10:39 WARN + cd /home/build uses=test/pkgconf name="pkgconf build dependency check"
2024/11/12 23:10:39 WARN + basename /home/build/melange-out/checkov uses=test/pkgconf name="pkgconf build dependency check"
2024/11/12 23:10:39 WARN + dev_pkg=checkov uses=test/pkgconf name="pkgconf build dependency check"
2024/11/12 23:10:39 WARN + cd / uses=test/pkgconf name="pkgconf build dependency check"
2024/11/12 23:10:39 WARN + apk info -L checkov uses=test/pkgconf name="pkgconf build dependency check"
2024/11/12 23:10:39 WARN + grep '\.pc$' uses=test/pkgconf name="pkgconf build dependency check"
2024/11/12 23:10:39 WARN WARNING: opening /home/user/src/wolfi-os/packages: No such file or directory uses=test/pkgconf name="pkgconf build dependency check"
2024/11/12 23:10:39 WARN WARNING: opening from cache https://packages.wolfi.dev/os: No such file or directory uses=test/pkgconf name="pkgconf build dependency check"
2024/11/12 23:10:39 WARN + grep -q ^Name: usr/share/app/checkov/.venv/lib/python3.11/site-packages/numpy/_core/lib/pkgconfig/numpy.pc uses=test/pkgconf name="pkgconf build dependency check"
2024/11/12 23:10:39 WARN + basename usr/share/app/checkov/.venv/lib/python3.11/site-packages/numpy/_core/lib/pkgconfig/numpy.pc .pc uses=test/pkgconf name="pkgconf build dependency check"
2024/11/12 23:10:39 WARN + lib_name=numpy uses=test/pkgconf name="pkgconf build dependency check"
2024/11/12 23:10:39 WARN + echo usr/share/app/checkov/.venv/lib/python3.11/site-packages/numpy/_core/lib/pkgconfig/numpy.pc uses=test/pkgconf name="pkgconf build dependency check"
2024/11/12 23:10:39 WARN + grep -q '^usr/lib/pkgconfig/numpy.pc$\|^usr/share/pkgconfig/numpy.pc$' uses=test/pkgconf name="pkgconf build dependency check"
2024/11/12 23:10:39 INFO pod b7f30b8cf3ed3f34c37795f09f70b2b65f41a7043a9323d58046934d1e0b0507 terminated
2024/11/12 23:10:39 INFO ERROR: failed to test package. the test environment has been preserved:
2024/11/12 23:10:39 INFO   workspace dir: /home/user/tmp/melange-workspace-328654107
2024/11/12 23:10:39 INFO   guest dir: /home/user/tmp/melange-guest-3075959938
2024/11/12 23:10:39 ERRO failed to test package: unable to run pipeline: unable to run pipeline: unable to run pipeline: task exited with code 1
make: *** [Makefile:147: test/checkov] Error 1```

murraybd avatar Nov 13 '24 04:11 murraybd

There is no pkg config file present in the apk. These package has never been updated as has a numpy.pc file present in its build env site package which should not be there. This package is updated now: https://github.com/wolfi-dev/os/pull/54300

debasishbsws avatar May 26 '25 13:05 debasishbsws

Fixed: https://github.com/wolfi-dev/os/pull/54300

debasishbsws avatar May 26 '25 13:05 debasishbsws