Closed raghanag closed 3 years ago
young-s-park
commented
4 years ago @raghanag This "error" message can be a little misleading. If the sourceanalyzer executable cannot be found in the FORTIFY_HOME, it will attempt to run as if it were on the system PATH. The command you see on the next line is what gets executed. So if you have the PATH set on your system, and sourceanalyzer is on that PATH, then it should execute properly.
raghanag
commented
4 years ago @young-s-park does that mean my fortify commands are executing as expected, how can I verify if it's executing as expected or not.
ilatypov
commented
4 years ago the PATH+EXTRA system works for Scripted Pipeline. If it does not work for Declarative, please file a separate RFE in pipeline-model-definition-plugin. Workaround would I guess be something like (untested)
environment { STUFF = "${MTI_HOME}/linux:${MTI_HOME}/bin:${QUARTUS_HOME}/bin:${DCP_LOC}/bin" } // … steps { withEnv(["PATH+EXTRA=$STUFF"]) { sh 'whatever' } }
ilatypov
commented
4 years ago The "does not work for Declarative" part settled in my head only now.
pipeline {
environment {
EXTRAPATH = "TOOLDIR/fortify/bin"
PATH = "${env.PATH}:${EXTRAPATH}"
}
stages {
[..]
stage('Fortify translate') {
steps {
fortifyTranslate
projectScanType: fortifyMaven3(mavenOptions:
"package -Dfortify.sca.sourceanalyzer.executable=TOOLDIR/fortify/bin/sourceanalyzer")
}
}
}
}The above stops working if the FORTIFY_HOME variable needs defining separately for each machine or label. I think it's because the following line runs on the server (thanks, declarative pipelines?).
My current work-around is to define hard-coded default values for the pipeline "parameters", even for the agent "master" which runs on the same machine with the server...
agent {
label 'master'
}
parameters {
string(name: 'FORTIFY_HOME', defaultValue: "/MYTOOLDIR/fortify",
description: 'A work-around to the plugin using FORTIFY_HOME of the Jenkins server instead of that of the agent')
string(name: 'PATH', defaultValue:
"/MYTOOLDIR/fortify/bin:/usr/local/FOO/bin:/usr/local/openjdk-8/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
description: 'A work-around to the plugin using PATH of the Jenkins server instead of that of the agent')
}I wish Jenkins in general and this plugin in particular gave precendence to the agent's environment. I did not try to find the exact API to fetch that in the context of the plugin running on the server but aiming the given "agent".
ashnazg
commented
4 years ago The OP's description seems to match my suspicion that when using the plugin in a container, the executable search might be running on the master rather than in the container, and thus the executable isn't found... but then in 19.x, the code doesn't bail out at this point, and the "system PATH" option in the container can be allowed to work. Now in 20.x, an exception is thrown by that first executable search, giving no change for a container to try the "system PATH" way.
See #21 and #23... I'm thinking this plugin's previous ability to work in a container might have been unintentional / coincidental, but now 20.x prevents it.
vrulevskyi
commented
3 years ago Hi @raghanag, this issue has been fixed in a new Fortify Jenkins plugin release v20.2.34. Please, check it out. In case if you need further help, please, reopen this issue or create another one. Closing the issue for now.
Hi, I am trying to use the fortify plugin in the pipeline syntax, here is my jenkinsfile, and I am getting the below error. I have followed the steps mentioned here Any help would be appreciated. I checked the env variables and my FORTIFY_HOME is pointing to /tools/fortify/bin.