Client: Empty .zip file with type "licenseScan" - Githubissues

mercedes-benz / sechub

SecHub provides a central API to test software with different security tools.

https://mercedes-benz.github.io/sechub/

MIT License

258 stars 58 forks source link

Client: Empty .zip file with type "licenseScan" #3178

Closed sven-dmlr closed 1 month ago

sven-dmlr commented 1 month ago

Situation

When doing a licenseScan, then the following message appears:

...
ERROR: Zipfile has no content! Please check your "sources" section in the config file.
Exiting due to fatal error while creating sources zip file...

Example SecHub JSON configfile:

{
  "apiVersion": "1.0",
  "data": {
    "sources": [
      {
        "name": "reference-data-1",
        "fileSystem": { "folders": [ "." ] }
      }
    ]
  },
  "licenseScan": { "use": [ "reference-data-1" ] }
}

Among others this makes the integration test of github-actions/scan fail.

ToDo

On scan type "licenseScan" use the source code patterns for upload (same as "codeScan")
Add a unit test for "licenseScan"