content icon indicating copy to clipboard operation
content copied to clipboard
verified publisher icon ComplianceAsCode

Build on CentOS 7 sometimes fails

Open Mab879 opened this issue 3 years ago • 2 comments

Description of problem:

There seems to be an issue that occurs on CentOS 7 and RHEL 7 that causes the build to fail about 25% of the time.

SCAP Security Guide Version:

02cb4f675ebd77564e49760ac55e282ad9e1d71d

Operating System Version:

CentOS 7

Steps to Reproduce:

  1. Build on CentOS 7 with ./build_product alinux2 alinux3 chromium fedora firefox rhcos4 rhel7 rhel8 rhel9 uos20 --derivatives
  2. Repeat step 1 if a failure is not present

Actual Results:

Build failures from time to time.

Expected Results:

Build successfully everytime

Additional Information/Debugging Steps:

Traceback (most recent call last):
  File "/root/content/build-scripts/compile_all.py", line 143, in <module>
    main()
  File "/root/content/build-scripts/compile_all.py", line 135, in main
    load_benchmark_source_data_from_directory_tree(loader, env_yaml, args.product_yaml)
  File "/root/content/build-scripts/compile_all.py", line 80, in load_benchmark_source_data_from_directory_tree
    loader.process_directory_trees(relevant_benchmark_sources)
  File "/root/content/ssg/build_yaml.py", line 1360, in process_directory_trees
    return self.process_directory_tree(start_dir, extra_group_dirs)
  File "/root/content/ssg/build_yaml.py", line 1355, in process_directory_tree
    self._load_group_process_and_recurse(start_dir)
  File "/root/content/ssg/build_yaml.py", line 1348, in _load_group_process_and_recurse
    self._recurse_into_subdirs()
  File "/root/content/ssg/build_yaml.py", line 1366, in _recurse_into_subdirs
    loader.process_directory_tree(subdir)
  File "/root/content/ssg/build_yaml.py", line 1355, in process_directory_tree
    self._load_group_process_and_recurse(start_dir)
  File "/root/content/ssg/build_yaml.py", line 1348, in _load_group_process_and_recurse
    self._recurse_into_subdirs()
  File "/root/content/ssg/build_yaml.py", line 1366, in _recurse_into_subdirs
    loader.process_directory_tree(subdir)
  File "/root/content/ssg/build_yaml.py", line 1355, in process_directory_tree
    self._load_group_process_and_recurse(start_dir)
  File "/root/content/ssg/build_yaml.py", line 1349, in _load_group_process_and_recurse
    self._process_rules()
  File "/root/content/ssg/build_yaml.py", line 1438, in _process_rules
    rule_yaml, self.env_yaml, self.product_cpes, self.sce_metadata)
  File "/root/content/ssg/build_yaml.py", line 760, in from_yaml
    rule = super(Rule, cls).from_yaml(yaml_file, env_yaml, product_cpes)
  File "/root/content/ssg/entities/common.py", line 203, in from_yaml
    raise RuntimeError(msg)
RuntimeError: Error loading a Rule from /root/content/linux_os/guide/services/base/service_kdump_disabled/rule.yml: EOF read where object expected
make[2]: *** [rhel7/profiles] Error 1
make[1]: *** [rhel7/CMakeFiles/rhel7-compile-all.dir/all] Error 2
make[1]: *** Waiting for unfinished jobs....
[  9%] Built target chromium-compile-all
[  9%] Built target firefox-compile-all
Traceback (most recent call last):
  File "/root/content/build-scripts/compile_all.py", line 143, in <module>
    main()
  File "/root/content/build-scripts/compile_all.py", line 135, in main
    load_benchmark_source_data_from_directory_tree(loader, env_yaml, args.product_yaml)
  File "/root/content/build-scripts/compile_all.py", line 80, in load_benchmark_source_data_from_directory_tree
    loader.process_directory_trees(relevant_benchmark_sources)
  File "/root/content/ssg/build_yaml.py", line 1360, in process_directory_trees
    return self.process_directory_tree(start_dir, extra_group_dirs)
  File "/root/content/ssg/build_yaml.py", line 1355, in process_directory_tree
    self._load_group_process_and_recurse(start_dir)
  File "/root/content/ssg/build_yaml.py", line 1348, in _load_group_process_and_recurse
    self._recurse_into_subdirs()
  File "/root/content/ssg/build_yaml.py", line 1366, in _recurse_into_subdirs
    loader.process_directory_tree(subdir)
  File "/root/content/ssg/build_yaml.py", line 1355, in process_directory_tree
    self._load_group_process_and_recurse(start_dir)
  File "/root/content/ssg/build_yaml.py", line 1348, in _load_group_process_and_recurse
    self._recurse_into_subdirs()
  File "/root/content/ssg/build_yaml.py", line 1366, in _recurse_into_subdirs
    loader.process_directory_tree(subdir)
  File "/root/content/ssg/build_yaml.py", line 1355, in process_directory_tree
    self._load_group_process_and_recurse(start_dir)
  File "/root/content/ssg/build_yaml.py", line 1348, in _load_group_process_and_recurse
    self._recurse_into_subdirs()
  File "/root/content/ssg/build_yaml.py", line 1366, in _recurse_into_subdirs
    loader.process_directory_tree(subdir)
  File "/root/content/ssg/build_yaml.py", line 1355, in process_directory_tree
    self._load_group_process_and_recurse(start_dir)
  File "/root/content/ssg/build_yaml.py", line 1348, in _load_group_process_and_recurse
    self._recurse_into_subdirs()
  File "/root/content/ssg/build_yaml.py", line 1366, in _recurse_into_subdirs
    loader.process_directory_tree(subdir)
  File "/root/content/ssg/build_yaml.py", line 1355, in process_directory_tree
    self._load_group_process_and_recurse(start_dir)
  File "/root/content/ssg/build_yaml.py", line 1349, in _load_group_process_and_recurse
    self._process_rules()
  File "/root/content/ssg/build_yaml.py", line 1438, in _process_rules
    rule_yaml, self.env_yaml, self.product_cpes, self.sce_metadata)
  File "/root/content/ssg/build_yaml.py", line 760, in from_yaml
    rule = super(Rule, cls).from_yaml(yaml_file, env_yaml, product_cpes)
  File "/root/content/ssg/entities/common.py", line 203, in from_yaml
    raise RuntimeError(msg)
RuntimeError: Error loading a Rule from /root/content/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml: EOF read where object expected
make[2]: *** [fedora/profiles] Error 1
make[1]: *** [fedora/CMakeFiles/fedora-compile-all.dir/all] Error 2
Traceback (most recent call last):
  File "/root/content/build-scripts/compile_all.py", line 143, in <module>
    main()
  File "/root/content/build-scripts/compile_all.py", line 135, in main
    load_benchmark_source_data_from_directory_tree(loader, env_yaml, args.product_yaml)
  File "/root/content/build-scripts/compile_all.py", line 80, in load_benchmark_source_data_from_directory_tree
    loader.process_directory_trees(relevant_benchmark_sources)
  File "/root/content/ssg/build_yaml.py", line 1360, in process_directory_trees
    return self.process_directory_tree(start_dir, extra_group_dirs)
  File "/root/content/ssg/build_yaml.py", line 1355, in process_directory_tree
    self._load_group_process_and_recurse(start_dir)
  File "/root/content/ssg/build_yaml.py", line 1348, in _load_group_process_and_recurse
    self._recurse_into_subdirs()
  File "/root/content/ssg/build_yaml.py", line 1366, in _recurse_into_subdirs
    loader.process_directory_tree(subdir)
  File "/root/content/ssg/build_yaml.py", line 1355, in process_directory_tree
    self._load_group_process_and_recurse(start_dir)
  File "/root/content/ssg/build_yaml.py", line 1348, in _load_group_process_and_recurse
    self._recurse_into_subdirs()
  File "/root/content/ssg/build_yaml.py", line 1366, in _recurse_into_subdirs
    loader.process_directory_tree(subdir)
  File "/root/content/ssg/build_yaml.py", line 1355, in process_directory_tree
    self._load_group_process_and_recurse(start_dir)
  File "/root/content/ssg/build_yaml.py", line 1348, in _load_group_process_and_recurse
    self._recurse_into_subdirs()
  File "/root/content/ssg/build_yaml.py", line 1366, in _recurse_into_subdirs
    loader.process_directory_tree(subdir)
  File "/root/content/ssg/build_yaml.py", line 1355, in process_directory_tree
    self._load_group_process_and_recurse(start_dir)
  File "/root/content/ssg/build_yaml.py", line 1348, in _load_group_process_and_recurse
    self._recurse_into_subdirs()
  File "/root/content/ssg/build_yaml.py", line 1366, in _recurse_into_subdirs
    loader.process_directory_tree(subdir)
  File "/root/content/ssg/build_yaml.py", line 1355, in process_directory_tree
    self._load_group_process_and_recurse(start_dir)
  File "/root/content/ssg/build_yaml.py", line 1349, in _load_group_process_and_recurse
    self._process_rules()
  File "/root/content/ssg/build_yaml.py", line 1438, in _process_rules
    rule_yaml, self.env_yaml, self.product_cpes, self.sce_metadata)
  File "/root/content/ssg/build_yaml.py", line 760, in from_yaml
    rule = super(Rule, cls).from_yaml(yaml_file, env_yaml, product_cpes)
  File "/root/content/ssg/entities/common.py", line 203, in from_yaml
    raise RuntimeError(msg)
RuntimeError: Error loading a Rule from /root/content/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml: EOF read where object expected
make[2]: *** [uos20/profiles] Error 1
make[1]: *** [uos20/CMakeFiles/uos20-compile-all.dir/all] Error 2
Traceback (most recent call last):
  File "/root/content/build-scripts/compile_all.py", line 143, in <module>
    main()
  File "/root/content/build-scripts/compile_all.py", line 135, in main
    load_benchmark_source_data_from_directory_tree(loader, env_yaml, args.product_yaml)
  File "/root/content/build-scripts/compile_all.py", line 80, in load_benchmark_source_data_from_directory_tree
    loader.process_directory_trees(relevant_benchmark_sources)
  File "/root/content/ssg/build_yaml.py", line 1360, in process_directory_trees
    return self.process_directory_tree(start_dir, extra_group_dirs)
  File "/root/content/ssg/build_yaml.py", line 1355, in process_directory_tree
    self._load_group_process_and_recurse(start_dir)
  File "/root/content/ssg/build_yaml.py", line 1348, in _load_group_process_and_recurse
    self._recurse_into_subdirs()
  File "/root/content/ssg/build_yaml.py", line 1366, in _recurse_into_subdirs
    loader.process_directory_tree(subdir)
  File "/root/content/ssg/build_yaml.py", line 1355, in process_directory_tree
    self._load_group_process_and_recurse(start_dir)
  File "/root/content/ssg/build_yaml.py", line 1348, in _load_group_process_and_recurse
    self._recurse_into_subdirs()
  File "/root/content/ssg/build_yaml.py", line 1366, in _recurse_into_subdirs
    loader.process_directory_tree(subdir)
  File "/root/content/ssg/build_yaml.py", line 1355, in process_directory_tree
    self._load_group_process_and_recurse(start_dir)
  File "/root/content/ssg/build_yaml.py", line 1348, in _load_group_process_and_recurse
    self._recurse_into_subdirs()
  File "/root/content/ssg/build_yaml.py", line 1366, in _recurse_into_subdirs
    loader.process_directory_tree(subdir)
  File "/root/content/ssg/build_yaml.py", line 1355, in process_directory_tree
    self._load_group_process_and_recurse(start_dir)
  File "/root/content/ssg/build_yaml.py", line 1349, in _load_group_process_and_recurse
    self._process_rules()
  File "/root/content/ssg/build_yaml.py", line 1438, in _process_rules
    rule_yaml, self.env_yaml, self.product_cpes, self.sce_metadata)
  File "/root/content/ssg/build_yaml.py", line 760, in from_yaml
    rule = super(Rule, cls).from_yaml(yaml_file, env_yaml, product_cpes)
  File "/root/content/ssg/entities/common.py", line 203, in from_yaml
    raise RuntimeError(msg)
RuntimeError: Error loading a Rule from /root/content/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_aarch64/rule.yml: EOF read where object expected
make[2]: *** [alinux3/profiles] Error 1
make[1]: *** [alinux3/CMakeFiles/alinux3-compile-all.dir/all] Error 2
[  9%] Built target alinux2-compile-all
[  9%] Built target rhcos4-compile-all
make: *** [all] Error 2

Mab879 avatar Dec 16 '22 21:12 Mab879

Description of problem:

There is an issue that occurs on RHEL8 that is causing build to fail 100% of the time.

SCAP Security Guide Version: 0.1.65

Operating System Version: RHEL8

Steps to Reproduce: Build on RHEL8 with ./build_product rhel8

Actual Results:

Build failures 100% of the time

Expected Results: Build successfully everytime

Additional Information/Debugging Steps: Output from running build script

-- Build files have been written to: /root/SSG-1.65/content/build

[  2%] [rhel8-content] generating sce/metadata.json

[  2%] Built target generate-internal-rhel8-sce-metadata.json

[  5%] [rhel8-content] compiling everything

Traceback (most recent call last):

  File "/root/SSG-1.65/content/ssg/entities/common.py", line 166, in parse_yaml_into_processed_dict

    processed_data = cls.process_input_dict(yaml_data, env_yaml, product_cpes)

  File "/root/SSG-1.65/content/ssg/entities/common.py", line 141, in process_input_dict

    raise ValueError(msg)

ValueError: Key 'name' is mandatory for definition of 'CPEItem'.


During handling of the above exception, another exception occurred: 

Traceback (most recent call last):

  File "/root/SSG-1.65/content/ssg/entities/common.py", line 196, in from_yaml

    data_dict = cls.parse_yaml_into_processed_dict(yaml_file, local_env_yaml, product_cpes)

  File "/root/SSG-1.65/content/ssg/entities/common.py", line 171, in parse_yaml_into_processed_dict

    raise ValueError(msg)

ValueError: Error processing /root/SSG-1.65/content/shared/applicability/firmware.yml: Key 'name' is mandatory for definition of 'CPEItem'.

 

During handling of the above exception, another exception occurred:

 

Traceback (most recent call last):

  File "/root/SSG-1.65/content/build-scripts/compile_all.py", line 143, in <module>

    main()

  File "/root/SSG-1.65/content/build-scripts/compile_all.py", line 124, in main

    product_cpes.load_content_cpes(env_yaml)

  File "/root/SSG-1.65/content/ssg/build_cpe.py", line 58, in load_content_cpes

    self.load_cpes_from_directory_tree(cpes_root, env_yaml)

  File "/root/SSG-1.65/content/ssg/build_cpe.py", line 75, in load_cpes_from_directory_tree

    cpe_item = CPEItem.from_yaml(dir_item_path, env_yaml)

  File "/root/SSG-1.65/content/ssg/build_cpe.py", line 182, in from_yaml

    cpe_item = super(CPEItem, cls).from_yaml(yaml_file, env_yaml, product_cpes)

  File "/root/SSG-1.65/content/ssg/entities/common.py", line 203, in from_yaml

    raise RuntimeError(msg)

RuntimeError: Error loading a CPEItem from /root/SSG-1.65/content/shared/applicability/firmware.yml: Error processing /root/SSG-1.65/content/shared/applicability/firmware.yml: Key 'name' is mandatory for definition of 'CPEItem'.

make[2]: *** [rhel8/CMakeFiles/rhel8-compile-all.dir/build.make:74: rhel8/profiles] Error 1

make[1]: *** [CMakeFiles/Makefile2:400: rhel8/CMakeFiles/rhel8-compile-all.dir/all] Error 2

make: *** [Makefile:154: all] Error 2

Contents of firmware.yml file

cpes:

 

  - uefi:

      name: "cpe:/a:uefi"

      title: "System boot mode is UEFI"

      check_id: system_boot_mode_is_uefi

      bash_conditional: '[ -f /sys/firmware/efi ]'

      ansible_conditional: '"/boot/efi" in ansible_mounts | map(attribute="mount") | list'

 

  - non-uefi:

      name: "cpe:/a:non-uefi"

      title: "System boot mode is non-UEFI"

      check_id: system_boot_mode_is_non_uefi

      bash_conditional: '[ ! -f /sys/firmware/efi ]'

      ansible_conditional: '"/boot/efi" not in ansible_mounts | map(attribute="mount") | list'

boozacs avatar Jan 23 '23 19:01 boozacs

Still and issue https://github.com/ComplianceAsCode/content/actions/runs/7784884593/job/21226273533?pr=11540

Mab879 avatar Feb 05 '24 15:02 Mab879

RHEL 7 has been removed from the project, closing.

Mab879 avatar Jul 01 '24 14:07 Mab879