jenkinsci / dependency-track-plugin

Main repository for the official Dependency-Track Jenkins plugin
https://dependencytrack.org/
Apache License 2.0
44 stars 27 forks source link

Builds fail on return-code 304 - No Modification #252

Closed malice00 closed 5 months ago

malice00 commented 5 months ago

Describe the bug

After the update to 5.0.0 our jobs that have no changes in their SBOMs are failing. The SBOM is actually updated and Dependency-Track itself shows no exception. Apparently it returns a 304 when the SBOM has no new dependencies, which causes the plugin to now fail the build!

Exception:

Publish BOM to Dependency-Track (org.jenkinsci.plugins.DependencyTrack.DependencyTrackPublisher@f6e5db43) aborted due to exception
 org.jenkinsci.plugins.DependencyTrack.ApiClientException: An error occurred while updating project with id "2e5e6fb2-812a-45af-a44b-eae99b6941fa" - HTTP response code: 304 Not Modified
    at org.jenkinsci.plugins.DependencyTrack.ApiClient.updateProject(ApiClient.java:359)
    at org.jenkinsci.plugins.DependencyTrack.ApiClient.updateProjectProperties(ApiClient.java:347)
    at org.jenkinsci.plugins.DependencyTrack.DependencyTrackPublisher.updateProjectProperties(DependencyTrackPublisher.java:492)
    at org.jenkinsci.plugins.DependencyTrack.DependencyTrackPublisher.perform(DependencyTrackPublisher.java:286)
    at hudson.tasks.BuildStepCompatibilityLayer.perform(BuildStepCompatibilityLayer.java:80)
    at org.jenkins_ci.plugins.flexible_publish.builder.FailAtEndBuilder.perform(FailAtEndBuilder.java:106)
    at org.jenkins_ci.plugins.run_condition.BuildStepRunner$2.run(BuildStepRunner.java:112)
    at org.jenkins_ci.plugins.run_condition.BuildStepRunner$Fail.conditionalRun(BuildStepRunner.java:156)
    at org.jenkins_ci.plugins.run_condition.BuildStepRunner.perform(BuildStepRunner.java:107)
    at org.jenkins_ci.plugins.flexible_publish.strategy.FailAtEndExecutionStrategy.perform(FailAtEndExecutionStrategy.java:86)
    at org.jenkins_ci.plugins.flexible_publish.ConditionalPublisher.perform(ConditionalPublisher.java:206)
    at org.jenkins_ci.plugins.flexible_publish.FlexiblePublisher.perform(FlexiblePublisher.java:124)
    at hudson.tasks.BuildStepMonitor$3.perform(BuildStepMonitor.java:47)
    at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:818)
    at hudson.model.AbstractBuild$AbstractBuildExecution.performAllBuildSteps(AbstractBuild.java:767)
    at hudson.model.Build$BuildExecution.post2(Build.java:179)
    at hudson.model.AbstractBuild$AbstractBuildExecution.post(AbstractBuild.java:711)
    at hudson.model.Run.execute(Run.java:1917)
    at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:44)
    at hudson.model.ResourceController.execute(ResourceController.java:101)
    at hudson.model.Executor.run(Executor.java:442)

In the DT logs I simply see this:

INFO [BomUploadProcessingTask] Identified 0 new components
INFO [BomUploadProcessingTask] Processed 179 components and 0 services uploaded to project 2e5e6fb2-812a-45af-a44b-eae99b6941fa
INFO [BomUploadProcessingTask] Processing CycloneDX dependency graph for project: 2e5e6fb2-812a-45af-a44b-eae99b6941fa

Environment

To Reproduce

Steps to reproduce the behavior:

  1. Start a Job with Plugin configured that has no changes -- or start it twice without changing anything if the first run didn't fail
  2. See error

Expected behavior

Builds should not fail.

sephiroth-j commented 5 months ago

The official version v5.0.0 is not used here either. This error has already been reported (#219) and fixed in #214.