Open smarttang opened 1 week ago
Thanks for sharing the extra context and the container image info, @smarttang! This will make it easier to reproduce. It'll be great to have a minified CDX Gen image.
You're welcome. I hope this can be handled. We currently have actual scenarios, such as Java images, which are basically up to 20GB. We hope to use tools to reduce the size of container images. For example, the JAR package we currently build based on the Java Spring Boot image is very large, and the cost of each build is extremely high. If the tool can provide assistance, it will be of great help to us.
The current failure is due to missing port info, but it's likely there's more to configure (investigating...).
The Java use cases sound interesting... I'm sure we'll be able to come up with something
@smarttang here's a minified version that I tested with GitHub repos and container images: mintoolkit/cdxgen.slim
Here's an example of how I run it (I also mounted the Docker socket, so cdxgen can handle container scanning requests):
docker run --init --name cdxgen-slim --rm -v /var/run/docker.sock:/var/run/docker.sock -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t mintoolkit/cdxgen.slim -r /app --server --server-host 0.0.0.0
Here are the curl calls I used for testing:
curl http://localhost:9090/health
curl "http://localhost:9090/sbom?url=https://github.com/HooliCorp/vulnerable-aws-koa-app.git&multiProject=true&type=js"
curl "http://127.0.0.1:9090/sbom?url=https://github.com/kcq/cloud-native-rejekts-2023.git&multiProject=true&type=js"
curl "http://localhost:9090/sbom?url=mintoolkit/cncf-securitycon-app&multiProject=true&type=docker"
Do you mind running more tests with this minified cdxgen image to make sure I'm not missing anything there?
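One way to carry out the "more tests" request above, as an added example that is not part of the thread or of the cdxgen or slim projects: send the same `/sbom` request to the full and the minified cdxgen server, save both replies, and diff their component sets. The sample documents, purls and function names are constructed for illustration; `bomFormat`, `components`, `name`, `version` and `purl` are CycloneDX JSON fields.

```python
import json
import sys

# Constructed sample /sbom responses (not real cdxgen output). The "slim"
# document has lost one component that the full image reported.
FULL_SAMPLE = {
    "bomFormat": "CycloneDX",
    "components": [
        {"name": "koa", "version": "2.13.4", "purl": "pkg:npm/koa@2.13.4",
         "components": [{"name": "debug", "version": "4.3.4",
                         "purl": "pkg:npm/debug@4.3.4"}]},
        {"name": "koa-router", "version": "7.4.0",
         "purl": "pkg:npm/koa-router@7.4.0"},
    ],
}
SLIM_SAMPLE = {"bomFormat": "CycloneDX",
               "components": [FULL_SAMPLE["components"][0]]}


def component_keys(components):
    """Return purls (name@version when purl is absent), nested ones included."""
    keys = set()
    for comp in components or []:
        keys.add(comp.get("purl") or f"{comp.get('name')}@{comp.get('version')}")
        keys |= component_keys(comp.get("components"))
    return keys


def compare_sboms(full_bom, slim_bom):
    """Diff the component sets of two CycloneDX JSON documents."""
    for label, bom in (("full", full_bom), ("slim", slim_bom)):
        # An error body or truncated reply must not pass as an empty SBOM.
        if not isinstance(bom, dict) or bom.get("bomFormat") != "CycloneDX":
            raise ValueError(f"{label} response is not a CycloneDX document")
    full = component_keys(full_bom.get("components"))
    slim = component_keys(slim_bom.get("components"))
    return {"missing_in_slim": sorted(full - slim),
            "extra_in_slim": sorted(slim - full),
            "equivalent": full == slim}


if __name__ == "__main__":
    # Usage: compare.py full.json slim.json (replies saved from the /sbom calls)
    boms = [FULL_SAMPLE, SLIM_SAMPLE]
    if len(sys.argv) == 3:
        boms = []
        for path in sys.argv[1:3]:
            with open(path) as fh:
                boms.append(json.load(fh))
    result = compare_sboms(*boms)
    print(json.dumps(result, indent=2))
    sys.exit(0 if result["equivalent"] else 1)
```

A non-empty `missing_in_slim` means the minified image dropped something cdxgen needs for that project type, so the check is worth repeating for each `type` value in use.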
OK, I'll try again. Thanks.
Expected Behavior
➜ ~ slim build --target ghcr.io/cyclonedx/cdxgen:latest --tag ghcr.io/cyclonedx/cdxgen:slims --http-probe=true
cmd=build info=param.http.probe message='using default probe'
cmd=build state=started
cmd=build info=params tags='ghcr.io/cyclonedx/cdxgen:slims' image-build-engine='internal' target.type='image' target.image='ghcr.io/cyclonedx/cdxgen:latest' continue.mode='probe' rt.as.user='true' keep.perms='true'
cmd=build state=image.inspection.start
cmd=build info=image id='sha256:0341e32d89418b307daebea66eae33cccb53c2a27b9ecf7cbde9594d11556707' size.bytes='8155766825' size.human='8.2 GB'
cmd=build info=image.stack index='0' name='ghcr.io/cyclonedx/cdxgen:latest' id='sha256:0341e32d89418b307daebea66eae33cccb53c2a27b9ecf7cbde9594d11556707'
cmd=build state=image.inspection.done
cmd=build state=container.inspection.start
cmd=build info=container name='slimk_40961_20240621142124' id='b54f73d53717f8f6a0bacc1b8e76d320f527da2cc9413ff3c47f71f1cdba5bcb' status='created'
cmd=build info=container status='running' name='slimk_40961_20240621142124' id='b54f73d53717f8f6a0bacc1b8e76d320f527da2cc9413ff3c47f71f1cdba5bcb'
cmd=build info=container message='obtained IP address' ip='172.17.0.3'
cmd=build info=cmd.startmonitor status='sent'
cmd=build info=event.startmonitor.done status='received'
cmd=build info=container name='slimk_40961_20240621142124' id='b54f73d53717f8f6a0bacc1b8e76d320f527da2cc9413ff3c47f71f1cdba5bcb' target.port.list='' target.port.info='' message='YOU CAN USE THESE PORTS TO INTERACT WITH THE CONTAINER'
cmd=build state=http.probe.error error="NO EXPOSED PORTS" message="expose your service port with --expose or disable HTTP probing with --http-probe=false if your containerized application doesnt expose any network services"
cmd=build state=exited code=33554435
cmd=build info=container.inspector.cleanup name='slimk_40961_20240621142124' id='b54f73d53717f8f6a0bacc1b8e76d320f527da2cc9413ff3c47f71f1cdba5bcb'
cmd=build state=container.target.shutdown.start
cmd=build state=container.target.shutdown.done
cmd=build info=report file='slim.report.json'
cmd=build info=exit code='33554435' version='darwin/arm64|Transformer|1.40.11|latest|latest' location='/opt/homebrew/bin'
app='slim' message='GitHub Discussions' info='https://github.com/slimtoolkit/slim/discussions'
app='slim' message='Join the CNCF Slack channel to ask questions or to share your feedback' info='https://cloud-native.slack.com/archives/C059QP1RH1S'
app='slim' message='Join the Discord server to ask questions or to share your feedback' info='https://discord.gg/9tDyxYS'
app='slim' message='Join the Gitter channel to ask questions or to share your feedback' info='https://gitter.im/docker-slim/community'
Actual Behavior
➜ ~ docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/cyclonedx/cdxgen:slims -r /app --server --server-host 0.0.0.0
node:internal/modules/cjs/loader:1186
  const err = new Error(message);
              ^
Error: Cannot find module 'node-gyp/bin/node-gyp.js'
Require stack:
Node.js v22.2.0