'Black Duck with Gitlab-CI runner
Im trying to integrate BlackDuck in to a gitlab ci script. Running OpenJDK on Alpine 3.9.2
I get the following error in the logs
2019-10-14 15:19:00 ERROR [main] --- Scanning target /code/sre-web-
portal failed: There was a problem scanning target '/code/sre-web-
portal': Could not find the 'jre' directory in
/root/blackduck/tools.
2019-10-14 15:19:00 INFO [main] --- Signature scanner actions
finished.
and the scan exits with
--- Exiting with code 6 - FAILURE_SCAN
any have this error, or has successfully configured blackduck scan to run in gitlab-ci
command that's being run
bash <(curl -s -L https://detect.synopsys.com/detect.sh) --
detect.project.version.name=1 --blackduck.trust.cert=true --proxy-
insecure --detect.blackduck.signature.scanner.dry.run=true --
blackduck.offline.mode=true --detect.tools.excluded=BINARY_SCAN
I have tried setting the BDS_JAVA_HOME environment variable and it still fails with
--- Exiting with code 6 - FAILURE_SCAN
Solution 1:[1]
The cause of your problem is that the required 'Siganture Scanner' tool is yet missing.
Your command tells me, your were running the scan in offline mode.
This means, you have two options to solve this problem:
- Either download and install the Signature Scanner tool manually (see https://testing.blackduck.synopsys.com/doc/componentdiscovery/downloadandinstall.htm) and set
--detect.blackduck.signature.scanner.local.path=option to scan. - Or run the scan in online mode once as the tool is automatically downloaded and installed only after first establishing a connection to the BlackDuck server. (You can switch back to offline mode after that.)
Credits go to this synopsys community article.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | jasie |