SC-SAST: Intermittent issue when starting jobs in Jenkins Pipeline

[kadraman]

When testing the FCLI, having an intermitting issue with the ‘start scan’. Are you aware of issues with pipeline as code and FCLI? We are using the proxy setup of fcli to resolve connection to server. Freestyle job with shell step works fine, issue is with pipeline jobs.

FreeStyle Job – scan triggers

• java -jar ./fortify/cli/fcli.jar sc-sast scan start -v 22.1 --appversion Springboot-helloworld:1.0.0 -p Package.zip --upload --ssc-ci-token 26a9e331-35b3-4565-82df-9f42a80c17f6 --store test

Job token Has files Scan state Sca progress Ssc upload state Ssc processing state Endpoint version Action
8d5f4c68-5815-4acd-bf95-220666d1dcf4 true PENDING N/A PENDING PENDING 3 SCAN_REQUESTED

Pipeline Job - error

• java -jar ./fortify/cli/fcli.jar sc-sast scan start -v 22.1 --appversion Springboot-helloworld:1.0.0 -p Package.zip --upload --ssc-ci-token 26a9e331-35b3-4565-82df-9f42a80c17f6 --store test

java.lang.RuntimeException: Error reading file ./fortify/Fortify_ScanCentral_Client_21.2.3/fcli/./fortify/Fortify_ScanCentral_Client_21.2.3/fcli/proxies/webproxy_dcoe_boigroup_net_80 at com.fortify.cli.common.util.FcliHomeHelper.throwOrLog(FcliHomeHelper.java:188) at com.fortify.cli.common.util.FcliHomeHelper.readFile(FcliHomeHelper.java:123) at com.fortify.cli.common.util.FcliHomeHelper.readFile(FcliHomeHelper.java:111) at com.fortify.cli.common.util.FcliHomeHelper.readSecuredFile(FcliHomeHelper.java:64) at com.fortify.cli.common.http.proxy.helper.ProxyHelper.getProxy(ProxyHelper.java:47) at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:197) at java.base/java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:179) at java.base/java.util.Spliterators$IteratorSpliterator.tryAdvance(Spliterators.java:1856) at java.base/java.util.stream.ReferencePipeline.forEachWithCancel(ReferencePipeline.java:129) at java.base/java.util.stream.AbstractPipeline.copyIntoWithCancel(AbstractPipeline.java:527) at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:513) at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:499) at java.base/java.util.stream.FindOps$FindOp.evaluateSequential(FindOps.java:150) at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) at java.base/java.util.stream.ReferencePipeline.findFirst(ReferencePipeline.java:647) at com.fortify.cli.common.http.proxy.helper.ProxyHelper.configureProxy(ProxyHelper.java:18) at com.fortify.cli.sc_sast.rest.helper.SCSastUnirestHelper.configureScSastControllerUnirestInstance(SCSastUnirestHelper.java:16) at com.fortify.cli.common.rest.cli.mixin.AbstractUnirestRunnerMixin.run(AbstractUnirestRunnerMixin.java:26) at com.fortify.cli.sc_sast.rest.cli.mixin.AbstractSCSastUnirestRunnerMixin.runOnController(AbstractSCSastUnirestRunnerMixin.java:30) at com.fortify.cli.sc_sast.rest.cli.mixin.SCSastControllerUnirestRunnerMixin.run(SCSastControllerUnirestRunnerMixin.java:15) at com.fortify.cli.common.rest.cli.cmd.AbstractUnirestRunnerCommand.run(AbstractUnirestRunnerCommand.java:41) at picocli.CommandLine.executeUserObject(CommandLine.java:2026) at picocli.CommandLine$RunLast.executeUserObjectOfLastSubcommandWithSameParent(CommandLine.java:2461) at picocli.CommandLine$RunLast.handle(CommandLine.java:2453) at picocli.CommandLine$RunLast.handle(CommandLine.java:2415) at picocli.CommandLine$AbstractParseResultHandler.execute(CommandLine.java:2273) at picocli.CommandLine$RunLast.execute(CommandLine.java:2417) at picocli.CommandLine.execute(CommandLine.java:2170) at com.fortify.cli.app.FortifyCLI.execute(FortifyCLI.java:81) at com.fortify.cli.app.FortifyCLI.main(FortifyCLI.java:61) Caused by: java.nio.file.NoSuchFileException: ./fortify/Fortify_ScanCentral_Client_21.2.3/fcli/./fortify/Fortify_ScanCentral_Client_21.2.3/fcli/proxies/webproxy_dcoe_boigroup_net_80 at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:92) at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:106) at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111) at java.base/sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:218) at java.base/java.nio.file.Files.newByteChannel(Files.java:380) at java.base/java.nio.file.Files.newByteChannel(Files.java:432) at java.base/java.nio.file.Files.readAllBytes(Files.java:3289) at java.base/java.nio.file.Files.readString(Files.java:3367) at java.base/java.nio.file.Files.readString(Files.java:3326) at com.fortify.cli.common.util.FcliHomeHelper.readFile(FcliHomeHelper.java:118) ... 28 more

[rsenden]

It seems like part of the path to the proxy config file is being duplicated: ./fortify/Fortify_ScanCentral_Client_21.2.3/fcli/./fortify/Fortify_ScanCentral_Client_21.2.3/fcli/proxies/webproxy_dcoe_boigroup_net_80

Most likely, you have either FCLI_HOME or FORTIFY_HOME environment variable set to a relative directory (starting with ./fortify), and fcli apparently is not handling this well. I'll look at fixing this, in the meantime you could try setting FCLI_HOME or FORTIFY_HOME to an absolute directory.