Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RAPID scan with docker images doesn't produce any report #36

Open
kmeleshko opened this issue Oct 4, 2022 · 1 comment
Open

RAPID scan with docker images doesn't produce any report #36

kmeleshko opened this issue Oct 4, 2022 · 1 comment

Comments

@kmeleshko
Copy link

RAPID scan with docker images doesn't produce any report and findings
example usage:

     - name: Synopsys Detect
        uses: synopsys-sig/[email protected]
        with:
          scan-mode: RAPID
          detect-version: 7.9.0
          github-token: ${{ secrets.GITHUB_TOKEN }}
          blackduck-url: ${{ secrets.BLACKDUCK_URL }}
          blackduck-api-token: ${{ secrets.BLACKDUCK_API_TOKEN }}
        env:
          DETECT_TOOLS: DOCKER
          DETECT_DOCKER_IMAGE: ${{ DOCKER_IMAGE }}
          DETECT_DOCKER_PATH_REQUIRED: TRUE
          DETECT_PROJECT_NAME: "project name"
          DETECT_PROJECT_VERSION_NAME: "latest"
          DETECT_TOOLS_EXCLUDED: "BINARY_SCAN"

scan produces empty report:

2022-09-27 18:44:32 UTC INFO  [main] --- ======== Detect Result ========
2022-09-27 18:44:32 UTC INFO  [main] --- 
2022-09-27 18:44:32 UTC INFO  [main] --- Rapid Scan Result: (for more detail look in the log for Rapid Scan Result Details)
2022-09-27 18:44:32 UTC INFO  [main] --- 	
2022-09-27 18:44:32 UTC INFO  [main] --- 		Critical and blocking policy violations for
2022-09-27 18:44:32 UTC INFO  [main] --- 			* Components: 0
2022-09-27 18:44:32 UTC INFO  [main] --- 			* Security: 0
2022-09-27 18:44:32 UTC INFO  [main] --- 			* License: 0
2022-09-27 18:44:32 UTC INFO  [main] --- 	
2022-09-27 18:44:32 UTC INFO  [main] --- 		Other policy violations
2022-09-27 18:44:32 UTC INFO  [main] --- 			* Components: 0
2022-09-27 18:44:32 UTC INFO  [main] --- 			* Security: 0
2022-09-27 18:44:32 UTC INFO  [main] --- 			* License: 0
2022-09-27 18:44:32 UTC INFO  [main] --- 	
2022-09-27 18:44:32 UTC INFO  [main] --- 		Policies Violated:
2022-09-27 18:44:32 UTC INFO  [main] --- 	
[202](.../actions/runs/3137979587/jobs/5096823034#step:6:203)2-09-27 18:44:32 UTC INFO  [main] --- 		Components with Policy Violations:
2022-09-27 18:44:32 UTC INFO  [main] --- 	
2022-09-27 18:44:32 UTC INFO  [main] --- 		Components with Policy Violation Warnings:
2022-09-27 18:44:32 UTC INFO  [main] --- 
2022-09-27 18:44:32 UTC INFO  [main] --- ======== Detect Status ========
2022-09-27 18:44:32 UTC INFO  [main] --- 
2022-09-27 18:44:32 UTC INFO  [main] --- GIT: SUCCESS
2022-09-27 18:44:32 UTC INFO  [main] --- YARN: SUCCESS
2022-09-27 18:44:32 UTC INFO  [main] --- 
2022-09-27 18:44:32 UTC INFO  [main] --- DOCKER: SUCCESS
2022-09-27 18:44:32 UTC INFO  [main] --- Overall Status: SUCCESS - Detect exited successfully.
2022-09-27 18:44:32 UTC INFO  [main] --- 
2022-09-27 18:44:32 UTC INFO  [main] --- ===============================
2022-09-27 18:44:32 UTC INFO  [main] --- 
2022-09-27 18:44:32 UTC INFO  [main] --- Detect duration: 00h 16m 27s 217ms

status.json has size of 2 bytes and doesn't contain anything, except [].
While INTELLIGENT scan shows security and compliance issues at blackduck ui
@Milamary
Copy link

same issue

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kmeleshko @Milamary