checkmarx-ts / checkmarx-cxflow-github-action

Checkmarx CxFlow GitHub Action with SARIF output
GNU General Public License v3.0

Action fails if it thinks an active scan is happening. #72

Closed (schmidtw closed 6 months ago)

schmidtw commented 1 year ago

For smaller repos, or repos with a lot of activity, scans fail if they are executed in close proximity.

2023-07-28 21:28:58.817  WARN 8 --- [           main] c.c.f.s.AbstractVulnerabilityScanner      [n41kxP25] : Property scan-resubmit set to false : New scan not submitted, due to existing ongoing scan for the same Project id 21955
2023-07-28 21:28:58.824 ERROR 8 --- [           main] c.c.f.s.AbstractVulnerabilityScanner      [n41kxP25] : CheckmarxException: Active Scan with Id 2012833 already exists for Project: 21955

As a consumer of this program, I don't really know when the last time it ran was, or when it's "safe" to try again. This introduces a reasonable number of false failures.

Ideally, the analysis tool will wait until it can get a new ID & then proceed without failing.

Aleksei-Grigorovskii commented 1 year ago

@schmidtw Have you tried adding the parameter --checkmarx.scan-queuing=true?

satyamchaurasiapersistent commented 6 months ago

You can try scan resubmit (--checkmarx.scan-resubmit=true) parameter or scan queuing as true (--checkmarx.scan-queuing=true).
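
Added example, not part of the thread and not the project's code: a log triage helper that separates the "active scan already exists" collision quoted in the issue from other CxFlow errors, so a CI wrapper can tell the two apart. The function name, the verdict labels and the filler INFO line are assumptions made for illustration.

```python
import re

# Constructed input: the two log lines quoted in the issue plus one made-up INFO line.
SAMPLE_LOG = """\
2023-07-28 21:28:50.000  INFO 8 --- [           main] example.ConstructedLogger                 [n41kxP25] : constructed filler line
2023-07-28 21:28:58.817  WARN 8 --- [           main] c.c.f.s.AbstractVulnerabilityScanner      [n41kxP25] : Property scan-resubmit set to false : New scan not submitted, due to existing ongoing scan for the same Project id 21955
2023-07-28 21:28:58.824 ERROR 8 --- [           main] c.c.f.s.AbstractVulnerabilityScanner      [n41kxP25] : CheckmarxException: Active Scan with Id 2012833 already exists for Project: 21955
"""

# Prefix as it appears in the quoted lines:
# timestamp, level, pid, ---, [thread], logger, [run id], " : ", message
LINE_RE = re.compile(
    r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d{3}\s+(?P<level>[A-Z]+)\s+\d+\s+---\s+"
    r"\[[^\]]*\]\s+\S+\s+\[[^\]]*\]\s+:\s+(?P<msg>.*)$"
)
ACTIVE_RE = re.compile(
    r"Active Scan with Id (?P<scan>\d+) already exists for Project: (?P<project>\d+)")
SKIPPED_RE = re.compile(
    r"New scan not submitted, due to existing ongoing scan for the same Project id (?P<project>\d+)")


def classify(log_text):
    """Return a verdict dict: 'scan_collision', 'failed' or 'ok' (hypothetical labels)."""
    result = {"verdict": "ok", "project_id": None, "active_scan_id": None, "other_errors": []}
    collided = False
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # stack traces and other non-log output are ignored
        msg = m["msg"]
        if hit := ACTIVE_RE.search(msg):
            collided = True
            result["active_scan_id"] = hit["scan"]
            result["project_id"] = hit["project"]
        elif hit := SKIPPED_RE.search(msg):
            collided = True
            result["project_id"] = result["project_id"] or hit["project"]
        elif m["level"] == "ERROR":
            result["other_errors"].append(msg)
    if result["other_errors"]:
        result["verdict"] = "failed"  # any other ERROR outranks the collision
    elif collided:
        result["verdict"] = "scan_collision"  # no new scan was submitted for this run
    return result


if __name__ == "__main__":
    print(classify(SAMPLE_LOG))
```

A `scan_collision` verdict means no new scan was submitted for that run, so a wrapper should report it as "not scanned" rather than as a pass or as a finding-related failure.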