Issue with SAST IaC uploading artifacts - permission denied

vstepko · May 20, 2022, 1:13pm

Hi!

I have an error when using the template for IaC SAST.
Gitlab is 14.10, installed in my cloud, and accessible from the internet (I changed my real GitLab ULR to owngitlab.com)
The GitLab runner is installed in k8s.

Try to use SAST in my projects, but I get errors. Could somebody please help with this?

Here is part of my .gitlab-ci.yml

include:
  - template: Security/SAST-IaC.latest.gitlab-ci.yml

stages:
  - test

Pipeline log:

$ /analyzer run
[INFO] [kics] [2022-05-20T12:41:44Z] ▶ GitLab kics analyzer v1.5.2
[INFO] [kics] [2022-05-20T12:41:44Z] ▶ Detecting project
[INFO] [kics] [2022-05-20T12:41:44Z] ▶ Found relevant files in project, analyzing entire repository
[INFO] [kics] [2022-05-20T12:41:44Z] ▶ Running analyzer
[INFO] [kics] [2022-05-20T12:41:44Z] ▶ path /builds/tf/modules
[INFO] [kics] [2022-05-20T12:42:43Z] ▶ Creating report
[WARN] [kics] [2022-05-20T12:42:43Z] ▶ Could not detect git executable
Uploading artifacts for successful job
Uploading artifacts...
gl-sast-report.json: found 1 matching files and directories 
ERROR: Uploading artifacts as "sast" to coordinator... error  error=couldn't execute POST against https://owngitlab.com/api/v4/jobs/139/artifacts?artifact_format=raw&artifact_type=sast: Post "https://owngitlab.com/api/v4/jobs/139/artifacts?artifact_format=raw&artifact_type=sast": open gl-sast-report.json: permission denied id=139 token=hZ5dXhA7
WARNING: Retrying...                                context=artifacts-uploader error=invalid argument
ERROR: Uploading artifacts as "sast" to coordinator... error  error=couldn't execute POST against https://owngitlab.com/api/v4/jobs/139/artifacts?artifact_format=raw&artifact_type=sast: Post "https://owngitlab.com/api/v4/jobs/139/artifacts?artifact_format=raw&artifact_type=sast": open gl-sast-report.json: permission denied id=139 token=hZ5dXhA7
WARNING: Retrying...                                context=artifacts-uploader error=invalid argument
ERROR: Uploading artifacts as "sast" to coordinator... error  error=couldn't execute POST against https://owngitlab.com/api/v4/jobs/139/artifacts?artifact_format=raw&artifact_type=sast: Post "https://owngitlab.com/api/v4/jobs/139/artifacts?artifact_format=raw&artifact_type=sast": open gl-sast-report.json: permission denied id=139 token=hZ5dXhA7
FATAL: invalid argument                            
Cleaning up project directory and file based variables
00:00
ERROR: Job failed: command terminated with exit code 1

Topic		Replies	Views
Not authorized to run Gitlab Advanced SAST Analyzer GitLab CI/CD ci , pipelines	3	126	September 26, 2024
SAST-iac timeout after 1h DevSecOps	3	899	May 21, 2024
Uploading artifacts... WARNING: gl-sast-report.json: no matching files ERROR: No files to upload DevSecOps ci , sast	6	20837	May 17, 2022
Running the SAST analyzer fails: /analyzer: No such file or directory DevSecOps ci , runner	4	10290	January 25, 2021
Sast report files are not found GitLab CI/CD	3	3655	September 21, 2021

Issue with SAST IaC uploading artifacts - permission denied

Related topics