Gitlab CI:SAST IAC上传文物的问题 - 拒绝许可
使用模板进行IAC SAST时,我有错误。 Gitlab是14.10,安装在我的云中,并可以从Internet访问(我将真正的Gitlab Ulr更改为ownergitlab.com) GitLab Runner安装在K8S中。
尝试在项目中使用SAST,但我会遇到错误。有人可以帮忙吗?
这是我的.gitlab-ci.yml
include:
- template: Security/SAST-IaC.latest.gitlab-ci.yml
stages:
- test
管道日志的一部分:
$ /analyzer run
[INFO] [kics] [2022-05-20T12:41:44Z] ▶ GitLab kics analyzer v1.5.2
[INFO] [kics] [2022-05-20T12:41:44Z] ▶ Detecting project
[INFO] [kics] [2022-05-20T12:41:44Z] ▶ Found relevant files in project, analyzing entire repository
[INFO] [kics] [2022-05-20T12:41:44Z] ▶ Running analyzer
[INFO] [kics] [2022-05-20T12:41:44Z] ▶ path /builds/tf/modules
[INFO] [kics] [2022-05-20T12:42:43Z] ▶ Creating report
[WARN] [kics] [2022-05-20T12:42:43Z] ▶ Could not detect git executable
Uploading artifacts for successful job
Uploading artifacts...
gl-sast-report.json: found 1 matching files and directories
ERROR: Uploading artifacts as "sast" to coordinator... error error=couldn't execute POST against https://owngitlab.com/api/v4/jobs/139/artifacts?artifact_format=raw&artifact_type=sast: Post "https://owngitlab.com/api/v4/jobs/139/artifacts?artifact_format=raw&artifact_type=sast": open gl-sast-report.json: permission denied id=139 token=hZ5dXhA7
WARNING: Retrying... context=artifacts-uploader error=invalid argument
ERROR: Uploading artifacts as "sast" to coordinator... error error=couldn't execute POST against https://owngitlab.com/api/v4/jobs/139/artifacts?artifact_format=raw&artifact_type=sast: Post "https://owngitlab.com/api/v4/jobs/139/artifacts?artifact_format=raw&artifact_type=sast": open gl-sast-report.json: permission denied id=139 token=hZ5dXhA7
WARNING: Retrying... context=artifacts-uploader error=invalid argument
ERROR: Uploading artifacts as "sast" to coordinator... error error=couldn't execute POST against https://owngitlab.com/api/v4/jobs/139/artifacts?artifact_format=raw&artifact_type=sast: Post "https://owngitlab.com/api/v4/jobs/139/artifacts?artifact_format=raw&artifact_type=sast": open gl-sast-report.json: permission denied id=139 token=hZ5dXhA7
FATAL: invalid argument
Cleaning up project directory and file based variables
00:00
ERROR: Job failed: command terminated with exit code 1
I have an error when using the template for IaC SAST.
Gitlab is 14.10, installed in my cloud, and accessible from the internet (I changed my real GitLab ULR to owngitlab.com)
The GitLab runner is installed in k8s.
Try to use SAST in my projects, but I get errors. Could somebody please help with this?
Here is part of my .gitlab-ci.yml
include:
- template: Security/SAST-IaC.latest.gitlab-ci.yml
stages:
- test
Pipeline log:
$ /analyzer run
[INFO] [kics] [2022-05-20T12:41:44Z] ▶ GitLab kics analyzer v1.5.2
[INFO] [kics] [2022-05-20T12:41:44Z] ▶ Detecting project
[INFO] [kics] [2022-05-20T12:41:44Z] ▶ Found relevant files in project, analyzing entire repository
[INFO] [kics] [2022-05-20T12:41:44Z] ▶ Running analyzer
[INFO] [kics] [2022-05-20T12:41:44Z] ▶ path /builds/tf/modules
[INFO] [kics] [2022-05-20T12:42:43Z] ▶ Creating report
[WARN] [kics] [2022-05-20T12:42:43Z] ▶ Could not detect git executable
Uploading artifacts for successful job
Uploading artifacts...
gl-sast-report.json: found 1 matching files and directories
ERROR: Uploading artifacts as "sast" to coordinator... error error=couldn't execute POST against https://owngitlab.com/api/v4/jobs/139/artifacts?artifact_format=raw&artifact_type=sast: Post "https://owngitlab.com/api/v4/jobs/139/artifacts?artifact_format=raw&artifact_type=sast": open gl-sast-report.json: permission denied id=139 token=hZ5dXhA7
WARNING: Retrying... context=artifacts-uploader error=invalid argument
ERROR: Uploading artifacts as "sast" to coordinator... error error=couldn't execute POST against https://owngitlab.com/api/v4/jobs/139/artifacts?artifact_format=raw&artifact_type=sast: Post "https://owngitlab.com/api/v4/jobs/139/artifacts?artifact_format=raw&artifact_type=sast": open gl-sast-report.json: permission denied id=139 token=hZ5dXhA7
WARNING: Retrying... context=artifacts-uploader error=invalid argument
ERROR: Uploading artifacts as "sast" to coordinator... error error=couldn't execute POST against https://owngitlab.com/api/v4/jobs/139/artifacts?artifact_format=raw&artifact_type=sast: Post "https://owngitlab.com/api/v4/jobs/139/artifacts?artifact_format=raw&artifact_type=sast": open gl-sast-report.json: permission denied id=139 token=hZ5dXhA7
FATAL: invalid argument
Cleaning up project directory and file based variables
00:00
ERROR: Job failed: command terminated with exit code 1
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论