Currently scanning a project with Angular support. It requires npm for ‘gradle dependencies’ to work. I can get this to work fine in the docker image via running ‘gradle dependencies’ on the cli, but it appears that ‘/analyzer run’ overrides the path so I end up with the following.
A problem occurred starting process ‘command ‘npm’’
What do I need to do to add to the path that analyzer (analyzer-binary) uses?
I found a work-around for this issue. I needed to set the path in /etc/profile
Ex: replace “export PATH”
with
NODEJS_HOME=/datadg/node-v16.13.2-linux-x64
PATH=$PATH:$NODEJS_HOME/bin
NODE_EXTRA_CA_CERTS=/etc/ssl/certs/ca-certificates.crt
export NODEJS_HOME
export NODEJS_EXTRA_CA_CERTS
export PATH
In my Dockerfile used to create my version of the image
FROM registry.gitlab.com/gitlab-org/security-products/analyzers/gemnasium-maven:2
ENV TZ=America/Chicago
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
...
RUN mkdir -p /datadg
RUN curl -LJO https://nodejs.org/dist/v16.13.2/node-v16.13.2-linux-x64.tar.xz && \
tar -xvf node-v16.13.2-linux-x64.tar.xz -C /datadg && \
rm -f node-v16.13.2-linux-x64.tar.xz
ENV NODEJS_HOME /datadg/node-v16.13.2-linux-x64
ENV PATH $PATH:$NODEJS_HOME/bin
ENV NODE_EXTRA_CA_CERTS /etc/ssl/certs/ca-certificates.crt
RUN npm install -g @angular/cli
# Had to use this approach for /analyzer as it was overriding the path set above and couldn't see npm to run 'gradle dependencies'
RUN sed -i 's/export PATH/\nNODEJS_HOME=\/datadg\/node-v16.13.2-linux-x64\nPATH=$PATH:$NODEJS_HOME\/bin\nNODE_EXTRA_CA_CERTS=\/etc\/ssl\/certs\/ca-certificates.crt\nexport NODEJS_HOME\nexport NODEJS_EXTRA_CA_CERTS\n\nexport PATH/' /etc/profile