Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sbom inspect issue when package re-used in a bundle #1038

Open
MxNxPx opened this issue Dec 9, 2024 · 0 comments
Open

sbom inspect issue when package re-used in a bundle #1038

MxNxPx opened this issue Dec 9, 2024 · 0 comments
Labels
possible-bug Something may not be working

Comments

@MxNxPx
Copy link

MxNxPx commented Dec 9, 2024

Environment

Device and OS: Linux, Mac, GitHub runner
App version:
Kubernetes distro being used: N/A
Other:

Steps to reproduce

  1. define bundle that re-uses a package
cat <<EOF > uds-bundle.yaml
kind: UDSBundle
metadata:
  name: test-bundle
  version: "0.0.1"
packages:
  - name: nginx-one
    repository: ghcr.io/defenseunicorns/packages/uds/nginx
    ref: 1.27.3-upstream
  - name: nginx-too
    repository: ghcr.io/defenseunicorns/packages/uds/nginx
    ref: 1.27.3-upstream
EOF
  1. create bundle
uds create --confirm
  1. try and inspect with sbom
uds inspect --sbom uds-bundle-*.tar.zst

Expected result

should display the bundle yaml and output an sbom tar file

Actual Result

     ERROR:  failed to inspect bundle: failed to extract 644ec9bc7af653fff952fbb438bdc49a6eca5f7af50733b5288006409e79b170 from uds-bundle-test-bundle-arm64-0.0.1.tar.zst: walking 644ec9bc7af653fff952fbb438bdc49a6eca5f7af50733b5288006409e79b170: extracting file blobs/sha256/644ec9bc7af653fff952fbb438bdc49a6eca5f7af50733b5288006409e79b170: file already exists: /var/folders/x5/9sbp9j3n4cj6dq856xl9g08c0000gp/T/zarf-3102812649/blobs/sha256/644ec9bc7af653fff952fbb438bdc49a6eca5f7af50733b5288006409e79b170

Visual Proof (screenshots, videos, text, etc)

Severity/Priority

Additional Context

https://defense-unicorns.slack.com/archives/C06QJAUHWFN/p1733671019536349?thread_ts=1726666577.394639&cid=C06QJAUHWFN
@MxNxPx MxNxPx added the possible-bug Something may not be working label Dec 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
possible-bug Something may not be working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@MxNxPx