CircleCI orb support for Arm64 architecture

robertoj921 · October 23, 2023, 3:55pm

Hi,
We use the published CircleCI orb for performing the Sonarcloud scanning of our Lambda functions before deployment. We are in the process of migrating to the Arm64 architecture to take advantage of AWS cost savings and performance improvements. In order to properly compile the code, the CircleCI executor itself must also be Arm64. So we are now experiencing failures on the Sonarcloud step of our pipeline because it appears the downloaded binary is failing to execute.
The pipeline output shows:

/tmp/cache/scanner/.sonar
/tmp/cache/scanner/sonar-scanner-5.0.1.3006-linux/bin/sonar-scanner: 66: exec: /tmp/cache/scanner/sonar-scanner-5.0.1.3006-linux/jre/bin/java: Exec format error

Exited with code exit status 126

Can you please advise if there is a workaround for this or if a new version of the orb is on the way?

Colin · October 24, 2023, 1:40pm

Hey there.

Can you please post your entire CircleCI YML file?

robertoj921 · October 24, 2023, 2:41pm

We have our own private orb called priv-code-analysis that wraps the sonarcloud orb with some other commands. I’ve trimmed our config file down to the relevant jobs/workflows and also included the orb source. The executor specified is the CircleCI published Arm64 version of their python3.9-node convenience image.

version: 2.1
orbs:
  priv-aws-auth: xxxxxx/priv-aws-auth@0.3.1
  priv-code-analysis: xxxxxx/priv-code-analysis@2.0.0
  priv-workflow: xxxxxx/priv-workflow@4.3.0
parameters:
  account:
    type: string
  environment:
    default: dev
    type: string
  main-branch:
    type: string
    default: main
  repository-name:
    type: string
executors:
  build-executor:
    docker:
      - environment:
          PIPENV_VENV_IN_PROJECT: true
        image: cimg/python:3.9-node@sha256:7f5abe5b6c5ccf4fcdb0e46c8b6fd8446ea7c56f8026bc962128df2068e69464
commands:
  install-dependencies:
    steps:
      - run:
          name: Install packages
          command: |
            pip install 'pipenv<2022.8.13'
jobs:

workflows:
  premerge-deployer:
    jobs:
      - priv-aws-auth/setup-credentials: &setup-credentials
          name: Setup Credentials
          context:
            - AWS_DIGITAL_DEPLOYMENT_USER
            - SLACK
          environment: dev
          account: <<pipeline.parameters.account>>
          pipeline-number: << pipeline.number >>
          repository-name: <<pipeline.parameters.repository-name>>
      - priv-workflow/sync-main:
          name: Merge in <<pipeline.parameters.main-branch>>
          main-branch: <<pipeline.parameters.main-branch>>
          requires:
            - Setup Credentials
      - priv-code-analysis/scan:
          name: Sonar Scan (With Coverage Reports)
          executor: build-executor
          resource-class: arm.medium
          context:
            - SONAR
          scan-prep:
            - install-dependencies
            - run:
                name: Pipenv sync
                command: pipenv sync --dev
          test-command:
            - run:
                name: Run Coverage
                command: |
                  pipenv run coverage run -m pytest
                  pipenv run coverage xml
                  pipenv run coverage report -m
          requires:
            - Merge in <<pipeline.parameters.main-branch>>

# This code is licensed from CircleCI to the user under the MIT license.
# See here for details: https://circleci.com/developer/orbs/licensing
version: 2.1
description: |
    This orb provides functionality to perform testing and inspection of code quality
    by using SonarCloud.
    By default yarn test is executed, but any set of custom commands can be executed by providing
    a list of steps to the test-command parameter.
    Some additional parameters are supported to affect how test results are stored and integrated
    with CircleCI, any SonarCloud specific configuration should be saved in a sonar-project.properties
    file located in the root of the repository.
orbs:
    aws-auth: xxxxx/aws-auth@1.2.0
    aws-cli: circleci/aws-cli@2.0.6
    slack: circleci/slack@4.2.0
    sonarcloud: sonarsource/sonarcloud@2.0.0
executors:
    default:
        docker:
            - image: cimg/node:14.17
jobs:
    scan:
        description: |
            This job run test scripts, analyzes the results and sends them to SonarCloud
        executor: << parameters.executor >>
        parameters:
            artifact-dest:
                default: .
                description: |
                    Testing artifacts found under the artifact-path parameter are moved
                    to this location under the ARTIFACTS tab of the job in CircleCI
                type: string
            artifact-path:
                default: ""
                description: |
                    The path that contains any testing artifacts created that can be attached
                    to the ARTIFACTS tab of the job in CircleCI
                type: string
            channel-name:
                default: ""
                description: |
                    The Slack channel to notify when the job fails. If left blank, no
                    notification will be sent.
                type: string
            executor:
                default: default
                description: |
                    Define executor to run this job
                type: executor
            resource-class:
                default: medium
                description: |
                    The CircleCI resource class to use when running the job
                type: string
            scan-prep:
                default: []
                description: |
                    A list of CircleCI steps to execute in preparation of testing/scanning
                type: steps
            test-command:
                default:
                    - run: yarn test
                description: |
                    A list of CircleCI steps to execute in order to run tests and generate
                    code coverage reports for SonarQube scanning.
                type: steps
            test-results-path:
                default: ""
                description: |
                    The path that contains any test results that you would like to be evaluated
                    under the TESTS tab of the job in CircleCI
                type: string
            workspace-path:
                default: ~/workspace
                description: |
                    Path to attach workspace
                type: string
        resource_class: << parameters.resource-class >>
        steps:
            - checkout
            - aws-cli/install
            - attach_workspace:
                at: << parameters.workspace-path >>
            - aws-auth/restore-credentials:
                workspace-folder-name: aws-auth
            - steps: << parameters.scan-prep >>
            - steps: << parameters.test-command >>
            - when:
                condition: << parameters.artifact-path >>
                steps:
                    - store_artifacts:
                        destination: << parameters.artifact-dest >>
                        path: << parameters.artifact-path >>
            - when:
                condition: << parameters.test-results-path >>
                steps:
                    - store_test_results:
                        path: << parameters.test-results-path >>
            - sonarcloud/scan
            - when:
                condition: << parameters.channel-name >>
                steps:
                    - slack/notify:
                        channel: << parameters.channel-name >>
                        event: fail
                        mentions: <!here>
                        template: basic_fail_1