SAST is failing on GitLab CE and EE
Summary
Even if our tests projects are green, when running on big repositories like GitLab CE or EE the SAST job fails with:
2018/05/17 15:21:10 archive/tar: write too long
Steps to reproduce
Execute sast:10-8-stable
on a "big" repo (threshold size unknown yet)
Example Project
https://gitlab.com/gitlab-org/gitlab-ee/-/jobs/68924032
What is the current bug behavior?
SAST execution fails.
What is the expected correct behavior?
SAST execution succeeds.
Relevant logs and/or screenshots
[0KRunning with gitlab-runner 10.7.0 (7c273476)
[0;m[0K on docker-auto-scale-com 9fa978b6
[0;m[0KUsing Docker executor with image docker:stable ...
[0;m[0KStarting service docker:stable-dind ...
[0;m[0KPulling docker image docker:stable-dind ...
[0;m[0KUsing docker image sha256:824b0ae8cb2720f6720011514c89e50c51164a55bc1ae7455957f8c9ba68e782 for docker:stable-dind ...
[0;m[0KWaiting for services to be up and running...
[0;m[0KPulling docker image docker:stable ...
[0;m[0KUsing docker image sha256:c51a2cac7341fe55d38feb70157eb12d56b2039977d4175229432de09bd18896 for docker:stable ...
[0;msection_start:1526570446:prepare_script
[0KRunning on runner-9fa978b6-project-278964-concurrent-0 via runner-9fa978b6-prm-1526568830-d12b8fa3...
section_end:1526570447:prepare_script
[0Ksection_start:1526570447:get_sources
[0K[32;1mFetching changes for doc-update_sast_supported_languages with git depth set to 20...[0;m
HEAD is now at 0599c9cb Add Java Gradle and PHP to the list of supported languages for SAST
[32;1mChecking out 0599c9cb as doc-update_sast_supported_languages...[0;m
[32;1mSkipping Git submodules setup[0;m
section_end:1526570450:get_sources
[0Ksection_start:1526570450:restore_cache
[0Ksection_end:1526570451:restore_cache
[0Ksection_start:1526570451:download_artifacts
[0Ksection_end:1526570453:download_artifacts
[0Ksection_start:1526570453:build_script
[0K[32;1m$ export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')[0;m
[32;1m$ docker run --env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}" --volume "$PWD:/code" --volume /var/run/docker.sock:/var/run/docker.sock "registry.gitlab.com/gitlab-org/security-products/sast:$SP_VERSION" /app/bin/run /code[0;m
Unable to find image 'registry.gitlab.com/gitlab-org/security-products/sast:10-8-stable' locally
10-8-stable: Pulling from gitlab-org/security-products/sast
174e74cd24cd: Pulling fs layer
174e74cd24cd: Verifying Checksum
174e74cd24cd: Download complete
174e74cd24cd: Pull complete
Digest: sha256:62cb0ac03efc54b9105324547942dd9b87a3d327e7e152a54d5f7b8972901ef2
Status: Downloaded newer image for registry.gitlab.com/gitlab-org/security-products/sast:10-8-stable
2018/05/17 15:20:54 Copy project directory to containers
2018/05/17 15:20:54 [bandit] Detect project using plugin
2018/05/17 15:20:54 [bandit] Project not compatible
2018/05/17 15:20:54 [brakeman] Detect project using plugin
2018/05/17 15:20:54 [brakeman] Project is compatible
2018/05/17 15:20:54 [brakeman] Starting analyzer...
10-8-stable: Pulling from gitlab-org/security-products/analyzers/brakeman
cc1a78bfd46b: Pulling fs layer
6861473222a6: Pulling fs layer
7e0b9c3b5ae0: Pulling fs layer
3ec98735f56f: Pulling fs layer
9b311b87a021: Pulling fs layer
598f3b74c68f: Pulling fs layer
7f4c0751f696: Pulling fs layer
2956d2d1f81e: Pulling fs layer
3b86122b91ad: Pulling fs layer
03ba089f488b: Pulling fs layer
598f3b74c68f: Waiting
7f4c0751f696: Waiting
2956d2d1f81e: Waiting
3b86122b91ad: Waiting
03ba089f488b: Waiting
3ec98735f56f: Waiting
9b311b87a021: Waiting
7e0b9c3b5ae0: Download complete
6861473222a6: Verifying Checksum
6861473222a6: Download complete
cc1a78bfd46b: Verifying Checksum
cc1a78bfd46b: Download complete
598f3b74c68f: Verifying Checksum
598f3b74c68f: Download complete
7f4c0751f696: Verifying Checksum
7f4c0751f696: Download complete
2956d2d1f81e: Verifying Checksum
2956d2d1f81e: Download complete
3ec98735f56f: Verifying Checksum
3ec98735f56f: Download complete
3b86122b91ad: Verifying Checksum
3b86122b91ad: Download complete
03ba089f488b: Verifying Checksum
03ba089f488b: Download complete
cc1a78bfd46b: Pull complete
9b311b87a021: Verifying Checksum
9b311b87a021: Download complete
6861473222a6: Pull complete
7e0b9c3b5ae0: Pull complete
3ec98735f56f: Pull complete
9b311b87a021: Pull complete
598f3b74c68f: Pull complete
7f4c0751f696: Pull complete
2956d2d1f81e: Pull complete
3b86122b91ad: Pull complete
03ba089f488b: Pull complete
Digest: sha256:a0855b8b83da32812f8b821f0630afda7782a1a325469e5a061e14142aa738a2
Status: Downloaded newer image for registry.gitlab.com/gitlab-org/security-products/analyzers/brakeman:10-8-stable
2018/05/17 15:21:10 archive/tar: write too long
section_end:1526570471:build_script
[0Ksection_start:1526570471:after_script
[0K[32;1mRunning after script...[0;m
[32;1m$ date[0;m
Thu May 17 15:21:11 UTC 2018
section_end:1526570472:after_script
[0K[31;1mERROR: Job failed: exit code 1
[0;m
Edited by Olivier Gonzalez