[BUG] Build fails with connection errors during maven tests

[johnjbutler]

Describe the bug When building the OWASP Security Shepherd Project (Reskinned) by following the Wiki Instructions, I encounter an error with the surefire-plugin:

BUILD FAILURE Total time: 25.698 s
Finished at: 2022-05-17T15:18:12-04:00 [ERROR] Failed to execute goal org.apache.maven.plugins:maven-surefire-plugin:2.19.1:test (default-test) on project owaspSecurityShepherd: There are test failures.

[ERROR] Please refer to /Users/jackbutler/Documents/Other/OWASP/GuardsquareSecShepCTF-dev/target/surefire-reports for the individual test results.

[ERROR] -> [Help 1] [ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch. [ERROR] Re-run Maven using the -X switch to enable full debug logging.

[ERROR] For more information about the errors and possible solutions, please read the following articles: [ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoFailureException

To Reproduce Steps to reproduce the behavior:

1. Fork OWASP Security Shepherd from GitHub
2. Clone your own repo
3. Open it, modify the CSS as you wish
4. run 'mvn clean install' to install the pom.xml file
5. See the error (above) related to surefire-plugin.

Expected behavior I would expect it to build, as per the How to Reskin Shepherd Wiki instructions

I would expect the instructions to work as explained.

Also, the [Help1] link to this website: http://cwiki.apache.org/confluence/display/MAVEN/MojoFailureException

Is useless. So I would suggest adding a more relevant error in this case.

Desktop

• MacBook Air (Retina, 13-inch, 2019)
• 1.6 GHz Dual-Core Intel Core i5
• 16 GB 2133 MHz LPDDR3
• Browser [chrome]

Further Information:

• mvn version [Apache Maven 3.8.5 (3599d3414f046de2324203b78ddcf9b5e4388aa0)]
• java version:

openjdk 11.0.2 2019-01-15 OpenJDK Runtime Environment 18.9 (build 11.0.2+9) OpenJDK 64-Bit Server VM 18.9 (build 11.0.2+9, mixed mode)

I tried the following

• Updating the surefire plugin to latest versions 3.0.0-M1 and 3.0.0-M6 in the pom.xml and it did nothing.

Screenshots

Additional context The instructions to re-skin, when followed, should work. As they stand, they don't. If there is something I am missing (seasoned solutions engineer) then please add that context to the instructions. This is a great OSP. We should improve the docs.

[ismisepaul]

Hi @johnjbutler it looks like the problem is the version of Java installed. The project needs Java 8 see https://github.com/OWASP/SecurityShepherd/issues/595#issuecomment-1066160438 or else it'll fail.

[johnjbutler]

@ismisepaul Boom! Easy enough to fix then. Do you know which distribution (Zulu, Temurin, Semuru, ...)

For ease, I am using a tool called SDKMAN: https://sdkman.io/

And these are the java versions available:

================================================================================ Available Java Versions for macOS 64bit

---

Corretto
| | 8.332.08.1 | amzn | | 8.332.08.1-amzn | | 8.322.06.2 | amzn | | 8.322.06.2-amzn | | 8.322.06.1 | amzn | | 8.322.06.1-amzn

Liberica
| | 8.0.332.fx | librca | | 8.0.332.fx-librca | | 8.0.332 | librca | | 8.0.332-librca | | 8.0.322.fx | librca | | 8.0.322.fx-librca

Semeru | | 8.0.332 | sem | | 8.0.332-sem | | 8.0.322 | sem | | 8.0.322-sem

Temurin
| | 8.0.332 | tem | | 8.0.332-tem | | 8.0.322 | tem | | 8.0.322-tem

Trava
| | 8.0.232 | trava | | 8.0.232-trava

Zulu
| | 8.0.332 | zulu | | 8.0.332-zulu | | 8.0.332.fx | zulu | | 8.0.332.fx-zulu | | 8.0.322.fx | zulu | | 8.0.322.fx-zulu | | 7.0.342 | zulu | | 7.0.342-zulu | | 7.0.332 | zulu | | 7.0.332-zulu

[ismisepaul]

Here's what I'm using (zulu) but it shouldn't matter

openjdk version "1.8.0_322"
OpenJDK Runtime Environment (Zulu 8.60.0.21-CA-macos-aarch64) (build 1.8.0_322-b06)
OpenJDK 64-Bit Server VM (Zulu 8.60.0.21-CA-macos-aarch64) (build 25.322-b06, mixed mode)

Also be aware there is a problem updating surefire see https://github.com/OWASP/SecurityShepherd/pull/644

[johnjbutler]

Got it! So @ismisepaul , just to confirm (may also be helpful any other viewers) the solution here is as follows:

1. Use Java 8
2. Keep the surefire-plugin set (as is) in the pom.xml file and don't touch it!

For any onlookers, I will verify all of this - and I will update to confirm my successes here. :)

[johnjbutler]

@ismisepaul

Thanks for your help, much appreciated! Sadly, that didn't work for me. So, this may not be a "silver-bullet solution". Unless I am missing something? But we can keep looking! :)

I tested with your same java version:

openjdk version "1.8.0_332" OpenJDK Runtime Environment (Zulu 8.62.0.19-CA-macosx) (build 1.8.0_332-b09) OpenJDK 64-Bit Server VM (Zulu 8.62.0.19-CA-macosx) (build 25.332-b09, mixed mode)

And I end up with the same error:

I did not modify the pom.xml surefire-plugin at all:

Interested to see if this may haver any other known-cause?

[ismisepaul]

TL;DR

1. Install a database locally or run the docker database
2. change the variables in the .env file to connect to the database you set up in step 1
3. run mvn

Long version

Looking at your screenshot it looks like a communication exception when trying to connect to the db.

You need to have a database running for the tests to run. You can either install

• mariadb 10.5.8 or mysql 5.7.26 database locally
• run the docker db container with docker-compose up db

There is a file that get created dynamically during the test phase of maven called database.properties see here https://github.com/OWASP/SecurityShepherd/blob/a70954b585daecf29f7e6071a87f08c7c8077e23/src/test/java/testUtils/TestProperties.java#L417 which is reads variables from the .env file

Be sure to change the follow variables in the .env file (in the root of the directory) to match your db set up

• TEST_MYSQL_HOST=
• TEST_MYSQL_PORT=
• TEST_MYSQL_PASSWORD=

[ismisepaul]

Also if you just want to build the war without running tests use mvn clean install -DskipTests that way you don't need a local db to build.

[ismisepaul]

Feel free to reopen if this wasn't answered