search

jenkinsci / checkmarx-ast-scanner-plugin

Jenkins Plugin for AST
https://plugins.jenkins.io/checkmarx-ast-scanner/
MIT License
2 stars 9 forks source link

Plugin breaks filepath when running on Windows agent from Linux controller #94

Closed lasselindqvist closed 1 year ago

lasselindqvist commented 2 years ago

Jenkins and plugins versions report

Environment ```text Paste the output here ```

What Operating System are you using (both controller, and any agents involved in the problem)?

Controller is Linux, Agent is Windows

Reproduction steps

  1. Install Checkmarx tool globally. Add client secret.
  2. Add the following to a pipeline: 
    stages {
    stage ('Run') {
        steps {
            checkmarxASTScanner additionalOptions: '', baseAuthUrl: '', branchName: '', checkmarxInstallation: 'Checkmarx', credentialsId: 'jenkins-client-id-secret-for-checkmarx', projectName: 'Project-Name', serverUrl: 'https://eu.ast.checkmarx.net', tenantName: 'myTenant', useOwnServerCredentials: true
        }
    }
}
  3. Trigger the build

Expected Results

08:41:53  $ C:\Users\jenkins\build\tools\com.checkmarx.jenkins.tools.CheckmarxInstallation\Checkmarx\cx.exe scan create --scan-info-format json -s C:\Users\jenkins\build\workspace\Checkmarx_main_PR-1234 --agent Jenkins --project-name Project-Name --branch PR-1234 --tenant myTenant --base-uri https://eu.ast.checkmarx.net/

Actual Results

[Pipeline] { (Deploy)
[Pipeline] checkmarxASTScanner
08:41:25  [Cx-Info]: ----**** Checkmarx Scan Configuration ****----
08:41:25  [Cx-Info]: Checkmarx Server Url: https://eu.ast.checkmarx.net/
08:41:25  [Cx-Info]: Tenant Name: myTenant
08:41:25  [Cx-Info]: Project Name: Project-Name
08:41:25  [Cx-Info]: Branch name: ${GIT_BRANCH}
08:41:25  [Cx-Info]: Using global additional options: true
08:41:25  [Cx-Info]: Additional Options: 
08:41:25  [Cx-Info]: Installing Checkmarx AST CLI tool (version 'latest')
08:41:54  [Cx-Info]: Submitting the scan details to the CLI wrapper.
08:41:54  [Cx-Info]: Executable path: C:\Users\jenkins\build\tools\com.checkmarx.jenkins.tools.CheckmarxInstallation\Checkmarx\cx.exe 
08:41:53  $ C:\Users\jenkins\build\tools\com.checkmarx.jenkins.tools.CheckmarxInstallation\Checkmarx\cx.exe scan create --scan-info-format json -s /C:\Users\jenkins\build\workspace\Checkmarx_main_PR-1234 --agent Jenkins --project-name Project-Name --branch PR-1234 --tenant myTenant --base-uri https://eu.ast.checkmarx.net/
08:42:09  Creating directory
08:42:11  Failed creating a scan: Input in bad format: Sources input has bad format: /C:\Users\jenkins\build\workspace\Checkmarx_main_PR-1234
08:42:11  [Cx-Error]: Exit code from AST-CLI: 1

Anything else?

Perhaps the problem is the usage of new File in https://github.com/jenkinsci/checkmarx-ast-scanner-plugin/blob/b0fa8477f9adb523e0089ca1a859fd5c813bded5/src/main/java/com/checkmarx/jenkins/CheckmarxScanBuilder.java#L466 Maybe this code is called on the Linux controller and thus adds the prefix slash to the path? Could it be fixed by using FilePath? (https://javadoc.jenkins.io/hudson/FilePath.html)

Running from Linux controller to Linux agent was fine and produced a correct path passed to the command line tool.

lasselindqvist commented 2 years ago

The important part in the logs is the cli command with: -s /C:\Users\jenkins\build\workspace\Checkmarx_main_PR-1234

pedrompflopes commented 2 years ago

@lasselindqvist Thanks for this. We will review it and come back to you.