search

aws-actions / vulnerability-scan-github-action-for-amazon-inspector

Scan artifacts with Amazon Inspector from GitHub Actions workflows.
https://docs.aws.amazon.com/inspector/
MIT License
25 stars 6 forks source link

Support aarch64 systems #62

Closed bluesentinelsec closed 3 months ago

bluesentinelsec commented 3 months ago

Before this change, the action would fail to download and install inspector-sbomgen when the user's CPU architecture is aarch64, even though arm64 is supported (see issue #61 ).

This can be observed below:

$ uname -r
6.1.94-99.176.amzn2023.aarch64

$ python3 entrypoint/main.py

time="2024-06-27 18:09:00" level=info msg="downloading and installing inspector-sbomgen version latest" file="orchestrator.py:16"
time="2024-06-27 18:09:00" level=error msg="expected a CPU architecture of x86_64, arm64, or amd64, but received: aarch64" file="orchestrator.py:90"
time="2024-06-27 18:09:00" level=error msg="unable to download and install inspector-sbomgen" file="orchestrator.py:429"

After this change, the action correctly downloads and installs inspector-sbomgen on aarch64 systems:

$ uname -r
6.1.94-99.176.amzn2023.aarch64

$ python3 entrypoint/main.py

time="2024-06-27 18:10:24" level=info msg="downloading and installing inspector-sbomgen version latest" file="orchestrator.py:17"
time="2024-06-27 18:10:25" level=info msg="generating SBOM from artifact" file="orchestrator.py:21"
INFO[0000] Amazon Inspector SBOM Generator v1.2.1 - linux arm64 - Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved
INFO[0000] [/usr/local/bin/inspector-sbomgen directory --path ./ --outfile sbom.json --disable-progress-bar --timeout 600]
INFO[0000] writing log file to: /root/.inspector-sbomgen/logs/inspector-sbomgen-log_2024-06-27_18-10-25.txt
INFO[2024-06-27 18:10:25]coreV1.go:34: initializing target artifact
INFO[2024-06-27 18:10:25]coreV1.go:44: executing pre-processors
INFO[2024-06-27 18:10:25]directory.go:216: walking the artifact
INFO[2024-06-27 18:10:25]coreV1.go:53: analyzing artifact
INFO[2024-06-27 18:10:25]coreV1.go:62: executing post-processors
INFO[2024-06-27 18:10:25]coreV1.go:71: encoding findings
INFO[2024-06-27 18:10:25]directories.go:243: encoded 74 components
INFO[2024-06-27 18:10:25]directory.go:290: cleaning up file system artifacts
INFO[2024-06-27 18:10:25]cli.go:62: Elapsed time: 149ms
time="2024-06-27 18:10:25" level=info msg="scanning SBOM contents with Amazon Inspector" file="orchestrator.py:25"