Licence scanning fails Installing mimemagic
Summary
Reported on zd-217683(internal). Customer has setup License Scanning job. The job runs fine but when attempting to fetch dependencies from Gemfile
it fails with error
Fetching mimemagic 0.3.10
Installing mimemagic 0.3.10 with native extensions
Gem::Ext::BuildError: ERROR: Failed to build gem native extension.
Further details
freedesktop.org.xml
can't be found when compiling native extensions for the mimemagic
gem. This XML file should provided by the shared-mime-info
package but it's missing even though the Debian package is installed in registry.gitlab.com/gitlab-org/security-products/analyzers/license-finder:3
.
% docker run -ti --entrypoint /bin/bash registry.gitlab.com/gitlab-org/security-products/analyzers/license-finder:3
root@21f917c1ef8c:~# dpkg -l shared-mime-info
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-================-============-============-=============================================
ii shared-mime-info 1.10-1 amd64 FreeDesktop.org shared MIME database and spec
root@21f917c1ef8c:~# dpkg -L shared-mime-info|grep freedesktop.org.xml
/usr/share/mime/packages/freedesktop.org.xml
root@21f917c1ef8c:~# ls /usr/share/mime/packages/freedesktop.org.xml
Re-installing shared-mime-info
by running apt-get install --reinstall
doesn't solve the problem.
registry.gitlab.com/gitlab-org/security-products/analyzers/license-finder:3
is based on debian:stable-slim
.
/usr/share/mime/packages/freedesktop.org.xml
is added when installing shared-mime-info
in debian:stable-slim
, as expected.
Steps to reproduce
- Create new rails project
- Have a gem dependency for mimemagic
- Configure License Scanning job on
gitlab-ci.yml
file. - Run pipeline
Example Project
What is the current bug behavior?
License scanning job fails do to unable to install mimemagic gem.
What is the expected correct behavior?
License scanning should be able to install mimemagic gem, and complete successfully.
Relevant logs and/or screenshots
Output of checks
Results of GitLab environment info
Expand for output related to GitLab environment info
(For installations with omnibus-gitlab package run and paste the output of: `sudo gitlab-rake gitlab:env:info`) (For installations from source run and paste the output of: `sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`)
Results of GitLab application Check
Expand for output related to the GitLab application check
(For installations with omnibus-gitlab package run and paste the output of:
sudo gitlab-rake gitlab:check SANITIZE=true
)(For installations from source run and paste the output of:
sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true
)(we will only investigate if the tests are passing)
Possible fixes
- Fix: change the Dockerfile to properly install
shared-mime-info
- Workaround: fetch
freedesktop.org.xml
and save it under/usr/share/mime/packages/freedesktop.org.xml