I have enabled the templated container scanning job to one of my projects as documented at Container Scanning | GitLab.
The relevant parts of my
.gitlab-ci.yml are as follows:
include: - template: Security/Container-Scanning.gitlab-ci.yml container_scanning: variables: CS_DEFAULT_BRANCH_IMAGE: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG-$CI_COMMIT_SHA DOCKER_IMAGE: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG-$CI_COMMIT_SHA SECURE_LOG_LEVEL: debug GIT_STRATEGY: fetch
The job executes and successfully on the public GitLab.com SaaS CI runners, finding my container image and starts to scan it.
However, it fails with the following error message in the logs:
2022-01-15T17:42:16.321Z DEBUG OS is not detected and vulnerabilities in OS packages are not detected. 2022-01-15T17:42:16.322Z DEBUG Detected OS: unknown 2022-01-15T17:42:16.322Z INFO Number of language-specific files: 0 [ERROR] [2022-01-15 17:42:16 +0000]  ▶ private method `select' called for nil:NilClass Uploading artifacts for failed job 00:02 Uploading artifacts... gl-container-scanning-report.json: found 1 matching files and directories Uploading artifacts as "container_scanning" to coordinator... ok id=1978977545 responseStatus=201 Created token=yrdMjm-Q Uploading artifacts... WARNING: gl-dependency-scanning-report.json: no matching files ERROR: No files to upload Cleaning up project directory and file based variables 00:00 ERROR: Job failed: exit code 1
A full copy of the log is here: https://pastebin.com/raw/tgqhhQgK or (for those able to see the private job), here: https://gitlab.com/nicolaw/trinitycore/-/jobs/1978977545
I’m fairly confident that I’ve followed the documentation correctly. Is there something I have overlooked, missed or misunderstood here, or is this a bug or an unexpected edge case that needs investigating?
Any and all help is welcomed.