Resolve "Hoppr fails to load sboms located outside of current working directory"
requested to merge 284-hoppr-fails-to-load-sboms-located-outside-of-current-working-directory into dev
Description
Fixes issue where gitlab would fail to find an sbom relative to the transfer/manifest files because it only looked relative to the cwd.
command run:
hopctl bundle --verbose -t /home/vagrant/projects/hoppr/test/integration/golang/transfer.yml /home/vagrant/projects/hoppr/test/integration/golang/manifest.yml
cwd when cmd was run: /home/vagrant/temp
Results:
│ Stage: _delta_sbom_ │
│ └── Step # Success # Fail │
│ pre_stage_process 1 0 │
│ │
│ Stage: Collect │
│ └── Step # Success # Fail │
│ process_component 3 0 │
│ post_stage_process 1 0 │
│ │
│ Stage: Bundle │
│ └── Step # Success # Fail │
│ post_stage_process 0 1 │
│ │
│ Plugin Component Details │
│ TarBundlePlugin File test/integration/golang/bundle.tar.gz: Directory not found. │
│ │
│ GRAND TOTAL: 5 jobs succeeded, 1 failed As you can see, the run still fails because the test/integration/golang directories don't exist relative to the cwd (/home/vagrant/temp). However they do exist relative to the manifest/transfer files.
TarBundle section in transfer.yml
Bundle:
plugins:
- name: hoppr.core_plugins.bundle_tar
config:
tarfile_name: test/integration/golang/bundle.tar.gzLeads to a Question:
- In this situation, would we want to:
- Create the file relative to cwd
- Create the file relative to other config files (similar to the approach in this MR for handling sbom paths relative to config files)
- Not Create anything, fail the run as we're seeing now (aka no action)
Closes #284 (closed)
Edited by Allen Shearin