search

fortify / fcli

fcli is a command-line utility for interacting with various Fortify products
https://fortify.github.io/fcli/
Other
33 stars 22 forks source link

Parsing errors in latest 0.20230721.152459-dev_develop branch #365

Closed xakrurychle closed 6 months ago

xakrurychle commented 1 year ago

Generally unable to make a connection using session login, this is the entire stderr, capturing log using --log-level TRACE --log-file file.log does not work, the file is empty. Tested the exact same command ./fcli ssc session login --url $url -u <name> -p <pass> --log-level TRACE --log-file login.log on fcli version 0.20230629.082654-dev_develop, built on 2023-06-29 08:27:42 where I have no issues.

./fcli ssc session login --url <url> -u <name> -p <pass>
Error logging out previous session
java.lang.RuntimeException: Error processing JSON data
        at com.fortify.cli.common.json.JsonHelper.treeToValue(JsonHelper.java:126)
        at com.fortify.cli.common.json.JsonHelper.jsonStringToValue(JsonHelper.java:133)
        at com.fortify.cli.common.util.FcliDataHelper.readSecuredFile(FcliDataHelper.java:99)
        at com.fortify.cli.common.http.proxy.helper.ProxyHelper.getProxy(ProxyHelper.java:59)
        at java.base@17.0.7/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:197)
        at java.base@17.0.7/java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:179)
        at java.base@17.0.7/java.util.Spliterators$IteratorSpliterator.tryAdvance(Spliterators.java:1856)
        at java.base@17.0.7/java.util.stream.ReferencePipeline.forEachWithCancel(ReferencePipeline.java:129)
        at java.base@17.0.7/java.util.stream.AbstractPipeline.copyIntoWithCancel(AbstractPipeline.java:527)
        at java.base@17.0.7/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:513)
        at java.base@17.0.7/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:499)
        at java.base@17.0.7/java.util.stream.FindOps$FindOp.evaluateSequential(FindOps.java:150)
        at java.base@17.0.7/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
        at java.base@17.0.7/java.util.stream.ReferencePipeline.findFirst(ReferencePipeline.java:647)
        at com.fortify.cli.common.http.proxy.helper.ProxyHelper.configureProxy(ProxyHelper.java:30)
        at com.fortify.cli.ssc.token.helper.SSCTokenHelper.configureUnirest(SSCTokenHelper.java:142)
        at com.fortify.cli.ssc.token.helper.SSCTokenHelper.createToken(SSCTokenHelper.java:132)
        at com.fortify.cli.ssc.token.helper.SSCTokenHelper.createToken(SSCTokenHelper.java:87)
        at com.fortify.cli.ssc._common.session.helper.SSCSessionDescriptor.generateToken(SSCSessionDescriptor.java:86)
        at com.fortify.cli.ssc._common.session.helper.SSCSessionDescriptor.<init>(SSCSessionDescriptor.java:43)
        at com.fortify.cli.ssc._common.session.cli.cmd.SSCSessionLoginCommand.login(SSCSessionLoginCommand.java:42)
        at com.fortify.cli.ssc._common.session.cli.cmd.SSCSessionLoginCommand.login(SSCSessionLoginCommand.java:27)
        at com.fortify.cli.common.session.cli.cmd.AbstractSessionLoginCommand.getJsonNode(AbstractSessionLoginCommand.java:35)
        at com.fortify.cli.common.output.cli.cmd.AbstractOutputCommand.run(AbstractOutputCommand.java:33)
        at picocli.CommandLine.executeUserObject(CommandLine.java:2103)
        at picocli.CommandLine$RunLast.executeUserObjectOfLastSubcommandWithSameParent(CommandLine.java:2538)
        at picocli.CommandLine$RunLast.handle(CommandLine.java:2530)
        at picocli.CommandLine$RunLast.handle(CommandLine.java:2492)
        at picocli.CommandLine$AbstractParseResultHandler.execute(CommandLine.java:2350)
        at picocli.CommandLine$RunLast.execute(CommandLine.java:2494)
        at picocli.CommandLine.execute(CommandLine.java:2247)
        at com.fortify.cli.app.runner.DefaultFortifyCLIRunner.run(DefaultFortifyCLIRunner.java:47)
        at com.fortify.cli.app.FortifyCLI.execute(FortifyCLI.java:38)
        at com.fortify.cli.app.FortifyCLI.main(FortifyCLI.java:32)
Caused by: com.fasterxml.jackson.databind.exc.InvalidDefinitionException: Cannot construct instance of `java.util.HashSet` (no Creators, like default constructor, exist): no default no-arguments constructor found
 at [Source: UNKNOWN; byte offset: #UNKNOWN] (through reference chain: com.fortify.cli.common.http.proxy.helper.ProxyDescriptor["targetHostNames"])
        at com.fasterxml.jackson.databind.DeserializationContext.reportBadDefinition(DeserializationContext.java:1915)
        at com.fasterxml.jackson.databind.DatabindContext.reportBadDefinition(DatabindContext.java:414)
        at com.fasterxml.jackson.databind.DeserializationContext.handleMissingInstantiator(DeserializationContext.java:1360)
        at com.fasterxml.jackson.databind.deser.ValueInstantiator.createUsingDefault(ValueInstantiator.java:248)
        at com.fasterxml.jackson.databind.deser.std.StdValueInstantiator.createUsingDefault(StdValueInstantiator.java:275)
        at com.fasterxml.jackson.databind.deser.std.StringCollectionDeserializer.deserialize(StringCollectionDeserializer.java:183)
        at com.fasterxml.jackson.databind.deser.std.StringCollectionDeserializer.deserialize(StringCollectionDeserializer.java:27)
        at com.fasterxml.jackson.databind.deser.impl.MethodProperty.deserializeAndSet(MethodProperty.java:129)
        at com.fasterxml.jackson.databind.deser.BeanDeserializer.vanillaDeserialize(BeanDeserializer.java:314)
        at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:177)
        at com.fasterxml.jackson.databind.deser.DefaultDeserializationContext.readRootValue(DefaultDeserializationContext.java:323)
        at com.fasterxml.jackson.databind.ObjectMapper._readValue(ObjectMapper.java:4801)
        at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:2974)
        at com.fasterxml.jackson.databind.ObjectMapper.treeToValue(ObjectMapper.java:3438)
        at com.fortify.cli.common.json.JsonHelper.treeToValue(JsonHelper.java:120)
        ... 33 more
[qaprague@qa-st-c7-kho01 fcli_v4]$ ./fcli -V
fcli version 0.20230721.152459-dev_develop, built on 2023-07-21 15:25:20
rsenden commented 1 year ago

Probably a reflection issue; seems to work fine with Java-based fcli.jar version. Same error occurs when running fcli config proxy list for example (after having configured a proxy). Will need to do some more research to understand what is causing this issue, as java.util.HashSet mentioned in the exception message is listed in /fcli-app/src/main/resources/META-INF/native-image/fcli/fcli-app/spel/reflect-config.json.

rsenden commented 1 year ago

Seems to be fixed by adding allPublicConstructors: true in reflect-config.json. For now, this setting has only been applied to java.util.HashSet, we'll likely need to apply this to other classes as well so leaving this issue open for now.

rsenden commented 6 months ago

No further reflection issues identified in current fcli releases, so closing this issue.