search

eclipse / steady

Analyses your Java applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://eclipse.github.io/steady/
Apache License 2.0
517 stars 124 forks source link

Failed: Application context is required to execute goal [APP] #581

Closed momo-tong closed 1 year ago

momo-tong commented 1 year ago

I got ERR "[main] [ERROR] e.steady.shared.util.StopWatch - [871638] [00.325 ms] Failed: Application context is required to execute goal [APP]" when using " java -jar steady-cli-3.2.5-jar-with-dependencies.jar -goal app"

I put spring-boot-security-saml-sample-2.0.0.RELEASE.jar in app, and copy dependencies in app/target/dependency. Running normal using steady-cli-3.2.4-jar-with-dependencies.jar, but update to 3.2.5, i got the error. I got the same error when reuse 3.2.4 version. Can you offer some suggestions or ideas?

2023-02-20 18:54:18,478 [main] [INFO ] shared.util.VulasConfiguration -     vulas.shared.env=[PROCESSOR_IDENTIFIER, NUMBER_OF_PROCESSORS, PROCESSOR_LEVEL, PROCESSOR_ARCHITECTURE, PROCESSOR_REVISION, JAVA_HOME, COMPUTERNAME, MAVEN_PROJECTBASEDIR, MAVEN_HOME, MAVEN_CONFIG, MAVEN_OPTS, BUILD_URL, BUILD_TAG, BUILD_TIMESTAMP, BUILD_DISPLAY_NAME, BUILD_ID, BUILD_NUMBER, BUILD_VERSION]
2023-02-20 18:54:18,478 [main] [INFO ] shared.util.VulasConfiguration -     vulas.shared.homepage=https://eclipse.github.io/steady
2023-02-20 18:54:18,478 [main] [INFO ] shared.util.VulasConfiguration -     vulas.shared.sys=[os., java., runtime., maven., sun.]
2023-02-20 18:54:18,479 [main] [INFO ] shared.util.VulasConfiguration -     vulas.shared.version=3.2.5-SNAPSHOT
2023-02-20 18:54:18,484 [main] [ERROR] e.steady.shared.util.StopWatch - [871638] [00.325 ms] Failed: Application context is required to execute goal [APP]
Exception in thread "main" org.eclipse.steady.goals.GoalConfigurationException: Application context is required to execute goal [APP]
    at org.eclipse.steady.goals.AbstractAppGoal.prepareExecution(AbstractAppGoal.java:108)
    at org.eclipse.steady.goals.BomGoal.prepareExecution(BomGoal.java:57)
    at org.eclipse.steady.goals.AbstractGoal.start(AbstractGoal.java:419)
    at org.eclipse.steady.goals.AbstractGoal.execute(AbstractGoal.java:254)
    at org.eclipse.steady.goals.AbstractGoal.executeSync(AbstractGoal.java:248)
    at org.eclipse.steady.cli.VulasCli.main(VulasCli.java:99)
serenaponta commented 1 year ago

Hi @momo-tong ,

this error usually happens when the application coordinates vulas.core.appContext.group = <GROUP>, vulas.core.appContext.artifact = <ARTIFACT>, vulas.core.appContext.version = <VERSION> are not provided in the steady-custom.properties configuration. Also note that the dependencies are distinguished from application code based on the configuration of vulas.core.app.appPrefixes = and vulas.core.app.appJarNames =.

See #542 for a similar issue and tutorial.

momo-tong commented 1 year ago

Hi Thank for your reply. I want to analyze spring-boot-security-saml-sample-2.0.0.RELEASE jar. Basically got the same error that tried the following configurations. By the way, pom.xml in the jar haves tag, doesn't that matter?

# parent tag in pom.xml of spring-boot-security-saml-sample-2.0.0.RELEASE jar

<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.1.1.RELEASE</version>
</parent>

#ERROR INFO

2023-02-21 11:13:46,173 [main] [INFO ] shared.util.VulasConfiguration -     vulas.shared.sys=[os., java., runtime., maven., sun.]
2023-02-21 11:13:46,175 [main] [INFO ] shared.util.VulasConfiguration -     vulas.shared.version=3.2.4
2023-02-21 11:13:46,182 [main] [ERROR] e.steady.shared.util.StopWatch - [045914] [00.309 ms] Failed: Application context is required to execute goal [APP]
Exception in thread "main" org.eclipse.steady.goals.GoalConfigurationException: Application context is required to execute goal [APP]
    at org.eclipse.steady.goals.AbstractAppGoal.prepareExecution(AbstractAppGoal.java:108)
    at org.eclipse.steady.goals.BomGoal.prepareExecution(BomGoal.java:57)
    at org.eclipse.steady.goals.AbstractGoal.start(AbstractGoal.java:419)
    at org.eclipse.steady.goals.AbstractGoal.execute(AbstractGoal.java:254)
    at org.eclipse.steady.goals.AbstractGoal.executeSync(AbstractGoal.java:248)
    at org.eclipse.steady.cli.VulasCli.main(VulasCli.java:99)

#the first configuration 

vulas.core.appContext.group = com.vdenotaris.spring
vulas.core.appContext.artifact = spring-boot-security-saml-sample
vulas.core.appContext.version = 2.0.0.RELEASE
vulas.core.app.appPrefixes = com.vdenotaris.spring.boot.security.saml

#the second configuration

vulas.core.appContext.group = com.vdenotaris.spring
vulas.core.appContext.artifact = spring-boot-security-saml-sample
vulas.core.appContext.version = 2.0.0.RELEASE
vulas.core.app.appJarNames = spring-boot-security-saml-sample

#the third configuration

vulas.core.appContext.group = com.vdenotaris.spring
vulas.core.appContext.artifact = spring-boot-security-saml-sample
vulas.core.appContext.version = 2.0.0.RELEASE
vulas.core.app.appPrefixes =  spring-boot-security-saml
serenaponta commented 1 year ago

When using the cli the pom.xml is not read, that's why information like the application context has to be provided in the steady-custom.properties configuration file.

From the stacktrace it looks like the configuration file is not read. The configuration file has to be named steady-custom.properties without any additional extension and the .sample present in the file provided in the zip archive has to be removed. The first configuration you provided looks good to me (assuming that the code inside the spring-boot-security-saml-sample uses has package name com.vdenotaris.spring.boot.security.saml).

momo-tong commented 1 year ago

Hi, Thank you very much for your help. I successfully run it. Thanks again.