You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm trying to integrate Horusec on BitBucket.
But I need help when creating container tools of analysis.
Bitbucket gave me this error:
Error when creating a container of analysis: " error=" Error response from daemon: authorization denied by plugin pipelines: --mounts is not allowed"
It seems like Bitbucket does not support --mount. It just supports --volume.
If I manually trigger a container with --volume, it works (docker run -v=$BITBUCKET_CLONE_DIR:/test ubuntu).
This is the code that I'm using on the integration,
image: ubuntu
clone:
depth: full
pipelines:
branches:
master:
- step:
name: SAST
image: docker:19.03.0-dind
script:
- docker ps
# Test --volume with ubuntu, works
- docker run -v=$BITBUCKET_CLONE_DIR:/test ubuntu
- set -eux
- apk add --no-cache curl sudo bash git jq
- curl -fsSL https://raw.githubusercontent.com/ZupIT/horusec/main/deployments/scripts/install.sh | bash -s latest
- horusec --log-level="trace" start -P $BITBUCKET_CLONE_DIR -p $BITBUCKET_CLONE_DIR
services:
- docker
What would you like to be added:
A Custom command flag to customize how horusec provides the code for external tools like phpcs ( use --mount or --volume).
Why is this needed:
Bitbucket is a well used tool, without this I cant figureout a way to use horusec on it.
Execution Log:
+ horusec start -P $BITBUCKET_CLONE_DIR -p $BITBUCKET_CLONE_DIR
time="2023-01-26T19:15:24Z" level=warning msg="{HORUSEC_CLI} When starting the analysis WE SKIP A TOTAL OF 75 FILES that are not considered to be analyzed. To see more details use flag --log-level=debug"
time="2023-01-26T19:15:24Z" level=warning msg="Horusec will return a timeout after 600 seconds. This time can be customized in the cli settings."
time="2023-01-26T19:15:24Z" level=warning msg="{HORUSEC_CLI} PLEASE DON'T REMOVE \".horusec\" FOLDER BEFORE THE ANALYSIS FINISH! Don’t worry, we’ll remove it after the analysis ends automatically! Project sent to folder in location: [/opt/atlassian/pipelines/agent/build/.horusec/f5b4fb4c-b666-44db-9ce5-74fb18d3da16]"
⣾ Scanning code ...
....
⣻ Scanning code ...time="2023-01-26T19:15:31Z" level=error msg="{HORUSEC_CLI} Error when create container of analysis: " error="Error response from daemon: authorization denied by plugin pipelines: --mounts is not allowed"
⢿ Scanning code ...
⡿ Scanning code ...time="2023-01-26T19:15:32Z" level=error msg="{HORUSEC_CLI} Error when create container of analysis: " error="Error response from daemon: authorization denied by plugin pipelines: --mounts is not allowed"
Evidences
With --volume, it works:
It seen like horusec is using --mount, Bit bucket do not support this.
The text was updated successfully, but these errors were encountered:
I'm trying to integrate Horusec on BitBucket.
But I need help when creating container tools of analysis.
Bitbucket gave me this error:
It seems like Bitbucket does not support
--mount
. It just supports--volume
.If I manually trigger a container with
--volume
, it works (docker run -v=$BITBUCKET_CLONE_DIR:/test ubuntu
).This is the code that I'm using on the integration,
What would you like to be added:
A Custom command flag to customize how horusec provides the code for external tools like phpcs ( use
--mount
or--volume
).Why is this needed:
Bitbucket is a well used tool, without this I cant figureout a way to use horusec on it.
Execution Log:
Evidences
With
--volume
, it works:It seen like horusec is using
--mount
, Bit bucket do not support this.The text was updated successfully, but these errors were encountered: