jenkinsci / fortify-plugin

Fortify Jenkins plugin
https://plugins.jenkins.io/fortify

Plugin can not find FORTIFY_HOME & PATH due to java.io.File.isFile not returning true when expected #61

Closed udb7l closed 1 year ago

udb7l commented 2 years ago

Jenkins and plugins versions report

Environment

```text
Jenkins: 2.361.1
OS: Linux - 4.18.0-305.62.1.el8_4.x86_64
---
ace-editor:1.1 active-directory:2.26 antisamy-markup-formatter:2.7 apache-httpcomponents-client-4-api:4.5.13-138.v4e7d9a_7b_a_e61 authentication-tokens:1.4 bootstrap5-api:5.2.1-3 bouncycastle-api:2.26 branch-api:2.1046.v0ca_37783ecc5 build-user-vars-plugin:1.9 caffeine-api:2.9.3-65.v6a_47d0f4d1fe checks-api:1.7.5 cloudbees-disk-usage-simple:178.v1a_4d2f6359a_8 cloudbees-folder:6.758.vfd75d09eea_a_1 command-launcher:90.v669d7ccb_7c31 commons-lang3-api:3.12.0-36.vd97de6465d5b_ commons-text-api:1.9-19.v8df45c678366 configuration-as-code:1512.vb_79d418d5fc8 credentials:1189.vf61b_a_5e2f62e credentials-binding:523.vd859a_4b_122e6 cucumber-reports:5.7.3 display-url-api:2.3.6 docker-commons:1.21 docker-workflow:521.v1a_a_dd2073b_2e durable-task:500.v8927d9fd99d8 echarts-api:5.4.0-1 extended-read-permission:3.2 font-awesome-api:6.2.0-3 fortify:22.1.38 git:4.12.1 git-client:3.12.1 git-server:99.va_0826a_b_cdfa_d google-oauth-plugin:1.0.7 gradle:1.40 handlebars:3.0.8 htmlpublisher:1.31 http_request:1.16 instance-identity:116.vf8f487400980 ionicons-api:28.va_f3a_84439e5f jackson2-api:2.13.3-285.vc03c0256d517 jakarta-activation-api:2.0.1-2 jakarta-mail-api:2.0.1-2 javax-activation-api:1.2.0-5 javax-mail-api:1.6.2-8 jaxb:2.3.6-2 jdk-tool:55.v1b_32b_6ca_f9ca jquery-detached:1.2.1 jquery3-api:3.6.1-2 jsch:0.1.55.61.va_e9ee26616e7 junit:1150.v5c2848328b_60 kubernetes:3718.ve44878b_12184 kubernetes-client-api:5.12.2-193.v26a_6078f65a_9 kubernetes-credentials:0.9.0 kubernetes-credentials-provider:1.199.v4a_1d1f5d074f lockable-resources:2.18 mailer:438.v02c7f0a_12fa_4 matrix-auth:3.1.5 matrix-project:785.v06b_7f47b_c631 metrics:4.2.10-389.v93143621b_050 mina-sshd-api-common:2.9.1-44.v476733c11f82 mina-sshd-api-core:2.9.1-44.v476733c11f82 momentjs:1.1.1 oauth-credentials:0.5 openshift-client:1.0.37 parameterized-trigger:2.45 pipeline-build-step:2.18 pipeline-graph-analysis:195.v5812d95a_a_2f9
pipeline-groovy-lib:612.v84da_9c54906d pipeline-input-step:451.vf1a_a_4f405289 pipeline-milestone-step:101.vd572fef9d926 pipeline-model-api:2.2114.v2654ca_721309 pipeline-model-definition:2.2114.v2654ca_721309 pipeline-model-extensions:2.2114.v2654ca_721309 pipeline-rest-api:2.24 pipeline-stage-step:296.v5f6908f017a_5 pipeline-stage-tags-metadata:2.2114.v2654ca_721309 pipeline-stage-view:2.24 pipeline-utility-steps:2.13.0 plain-credentials:139.ved2b_9cf7587b plugin-util-api:2.18.0 popper2-api:2.11.6-2 prometheus:2.0.11 promoted-builds:892.vd6219fc0a_efb rebuild:1.34 role-strategy:562.v44e9a_e828d0e scm-api:621.vda_a_b_055e58f7 script-security:1183.v774b_0b_0a_a_451 snakeyaml-api:1.32-86.ve3f030a_75631 ssh-credentials:305.v8f4381501156 sshd:3.249.v2dc2ea_416e33 structs:324.va_f5d6774f3a_d token-macro:308.v4f2b_ed62b_b_16 trilead-api:2.72.v2a_3236754f73 variant:59.vf075fe829ccb windows-slaves:1.8.1 workflow-aggregator:590.v6a_d052e5a_a_b_5 workflow-api:1192.v2d0deb_19d212 workflow-basic-steps:994.vd57e3ca_46d24 workflow-cps:2802.v5ea_628154b_c2 workflow-cps-global-lib:588.v576c103a_ff86 workflow-durable-task-step:1199.v02b_9244f8064 workflow-job:1239.v71b_b_a_124a_725 workflow-multibranch:716.vc692a_e52371b_ workflow-scm-step:400.v6b_89a_1317c9a_ workflow-step-api:639.v6eca_cd8c04a_a_ workflow-support:838.va_3a_087b_4055b
```

What Operating System are you using (both controller, and any agents involved in the problem)?

Red Hat's ubi8 image

Reproduction steps

FORTIFY_HOME is set to /opt/Fortify/bin.

```groovy
withEnv(['PATH+FORTIFY=/opt/Fortify/bin']) {
    fortifyClean buildID: fortify_project
}
```

Expected Results

The step is executed.

Actual Results

```text
Running FortifyClean step
Fortify Jenkins plugin v 22.1.38
Launching Fortify SCA clean command
......
java.io.FileNotFoundException: ERROR: executable not found: sourceanalyzer; make sure that either FORTIFY_HOME environment variable is set or sourceanalyzer is on the PATH or in workspace
    at com.fortify.plugin.jenkins.steps.FortifyStep.findExecutablePath(FortifyStep.java:104)
    at com.fortify.plugin.jenkins.steps.FortifyStep.getExecutable(FortifyStep.java:93)
    at com.fortify.plugin.jenkins.steps.FortifySCAStep.getSourceAnalyzerExecutable(FortifySCAStep.java:94)
    at com.fortify.plugin.jenkins.steps.FortifyClean.perform(FortifyClean.java:67)
    at com.fortify.plugin.jenkins.steps.FortifyClean$Execution.run(FortifyClean.java:149)
    at com.fortify.plugin.jenkins.steps.FortifyClean$Execution.run(FortifyClean.java:134)
    at org.jenkinsci.plugins.workflow.steps.SynchronousNonBlockingStepExecution.lambda$start$0(SynchronousNonBlockingStepExecution.java:47)
    at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
    at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
    at java.base/java.lang.Thread.run(Thread.java:829)
```

Anything else?

This is similar to issue #49. I can only get this to work if I copy the files to the workspace. It does not respect the FORTIFY_HOME or PATH settings.

The permissions on the bin directory are:

```text
drwxrwxrwx.  2 1001 1001    4096 Oct 14 07:48 bin
```

The permissions on the files in the bin directory are:

```text
-rwxrwxrwx. 1 1001 1001  237985 May 13 23:50 sourceanalyzer
-rwxrwxrwx. 1 1001 1001    2304 May 13 23:50 SCAState
-rwxrwxrwx. 1 1001 1001       0 May 13 23:50 update.ini
-rwxrwxrwx. 1 1001 1001    1492 May 13 23:50 scapostinstall
-rwxrwxrwx. 1 1001 1001    1834 May 13 23:50 iidmigrator
-rwxrwxrwx. 1 1001 1001    1774 May 13 23:50 fortifyupdate
-rwxrwxrwx. 1 1001 1001    1758 May 13 23:50 fortifyclient
-rwxrwxrwx. 1 1001 1001 7589347 May 13 23:50 autoupdate-linux.run
-rwxrwxrwx. 1 1001 1001 9135950 May 13 23:50 autoupdate-linux-x64.run
-rwxrwxrwx. 1 1001 1001    1459 May 13 23:50 auditworkbench
-rwxrwxrwx. 1 1001 1001    1812 May 13 23:50 ScanWizard
-rwxrwxrwx. 1 1001 1001    2159 May 13 23:50 ReportGenerator
-rwxrwxrwx. 1 1001 1001    2209 May 13 23:50 FPRUtility
-rwxrwxrwx. 1 1001 1001    1466 May 13 23:50 CustomRulesEditor
-rwxrwxrwx. 1 1001 1001    2427 May 13 23:50 BIRTReportGenerator
-rwxrwxrwx. 1 1001 1001    2369 May 13 23:58 scancentral
-rwxrwxrwx. 1 1001 1001    2629 May 13 23:58 pwtool
-rwxrwxrwx. 1 1001 1001    2212 May 13 23:58 packagescanner
```

Calling java.io.File.isFile on /opt/Fortify/bin/sourceanalyzer from a pipeline script returns false, which seems to be related to the Unix environment.

I know sourceanalyzer is accessible as I can call it directly with sh '/opt/Fortify/bin/sourceanalyzer' and it executes.

I have narrowed it down to File.isFile() in FindExecutableRemoteService.invoke and PathUtils.locateFileInPath not returning the expected result of true. I have seen forum posts about an issue in the JDK; it would appear that there is a workaround of changing it to !file.isDirectory(), which will resolve the issue. I tested calling !File.isDirectory in a pipeline script in my environment.

jtkiesel commented 1 year ago

I am having the same issue. Copying the scripts to the workspace was the only way to get the plugin to find them. My current workaround for this issue is executing these shell commands prior to executing the plugin step:

```shell
cp --recursive ${FORTIFY_HOME}/bin/* .
ln -s ${FORTIFY_HOME}/Core ../Core
```

This is obviously quite ugly, but it works.

akaryakina commented 1 year ago

Well, the .isFile() is not equivalent to !.isDirectory(). Basically, if !.exists(), then the .isFile() fails, but !.isDirectory() passes. I think there must be something wrong with checking for existing or, actually, for read permissions on the file.
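To make the difference concrete, the following diagnostic is an added example and not code from the Fortify plugin. It uses java.nio to report *why* a candidate fails (missing, permission denied, not a regular file), which java.io.File.isFile() collapses into a single false, and it shows why the !isDirectory() substitution proposed above would accept a path that does not exist. The class name ExecutableProbe, the ghost path, and the FORTIFY_HOME-then-PATH search order are assumptions made for the example; the plugin's own lookup order is not reproduced here.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.AccessDeniedException;
import java.nio.file.Files;
import java.nio.file.NoSuchFileException;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.attribute.BasicFileAttributes;

/**
 * ExecutableProbe is a hypothetical diagnostic class, not part of the Fortify plugin.
 * It separates the cases that java.io.File.isFile() folds into a single "false"
 * (missing, permission denied, not a regular file) and shows why !isDirectory()
 * is not a safe stand-in for isFile().
 */
public final class ExecutableProbe {

    public enum Verdict { OK, MISSING, ACCESS_DENIED, NOT_REGULAR_FILE, NOT_EXECUTABLE }

    /** Probe one candidate with java.nio, which reports why a check failed instead of just false. */
    public static Verdict probe(Path candidate) {
        try {
            BasicFileAttributes attrs = Files.readAttributes(candidate, BasicFileAttributes.class);
            if (!attrs.isRegularFile()) {
                return Verdict.NOT_REGULAR_FILE;   // directory, device node, ...
            }
            return Files.isExecutable(candidate) ? Verdict.OK : Verdict.NOT_EXECUTABLE;
        } catch (NoSuchFileException e) {
            return Verdict.MISSING;               // one reason File.isFile() returns false
        } catch (AccessDeniedException e) {
            return Verdict.ACCESS_DENIED;         // another: no search/read permission on the way there
        } catch (IOException e) {
            return Verdict.ACCESS_DENIED;         // other I/O errors (e.g. a symlink loop) treated alike
        }
    }

    /** Walk a PATH-style list of directories and return the first usable copy of the executable. */
    public static Path locateInPath(String pathValue, String executable) {
        if (pathValue == null) {
            return null;
        }
        for (String dir : pathValue.split(File.pathSeparator)) {
            if (dir.isEmpty()) {
                continue;
            }
            Path candidate = Paths.get(dir, executable);
            Verdict verdict = probe(candidate);
            System.out.printf("%-16s %s%n", verdict, candidate);
            if (verdict == Verdict.OK) {
                return candidate;
            }
        }
        return null;
    }

    public static void main(String[] args) {
        // 1. The two checks disagree on a path that does not exist (constructed path).
        //    A missing path is neither a file nor a directory, so !isDirectory() accepts it
        //    while isFile() rejects it; a lookup built on !isDirectory() would "find" a ghost.
        File ghost = new File("/nonexistent/fortify/bin/sourceanalyzer");
        System.out.println("isFile()       = " + ghost.isFile());
        System.out.println("!isDirectory() = " + !ghost.isDirectory());

        // 2. Probe the real candidates: under FORTIFY_HOME first (both layouts seen in this
        //    thread), then every PATH entry. This order is an assumption of the example.
        Path found = null;
        String home = System.getenv("FORTIFY_HOME");
        if (home != null) {
            Path[] candidates = { Paths.get(home, "bin", "sourceanalyzer"), Paths.get(home, "sourceanalyzer") };
            for (Path candidate : candidates) {
                Verdict verdict = probe(candidate);
                System.out.printf("%-16s %s%n", verdict, candidate);
                if (verdict == Verdict.OK) {
                    found = candidate;
                    break;
                }
            }
        }
        if (found == null) {
            found = locateInPath(System.getenv("PATH"), "sourceanalyzer");
        }
        System.out.println(found == null ? "sourceanalyzer not found" : "would launch " + found);
    }
}
```

Compile with `javac ExecutableProbe.java` and run it on the agent with the same FORTIFY_HOME and PATH the failing step sees. A MISSING or ACCESS_DENIED verdict for a path that a `sh` step can execute shows the lookup is failing on existence or permission checks rather than on the file itself, which is the distinction the comment above is asking about.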

akaryakina commented 1 year ago

Seems to work for me now. Steps to reproduce:

  1. I made sure that there was no SCA available in the system's PATH, i.e. I ran sourceanalyzer -version and it failed with unknown command. I also made sure that there was an SCA installed on the machine (but at a different location).
  2. I created the following pipeline:

     ```groovy
     pipeline {
         agent { label 'ubuntu' }
         stages {
             stage('try_finding_sca') {
                 steps {
                     sh 'printenv'
                     fortifyClean addJVMOptions: '', buildID: 'testpipe1', logFile: '', maxHeap: ''
                 }
             }
         }
     }
     ```

  3. I ran the build, making sure that it was failing.
  4. I made sure SCA was available at /fortify/Fortify/Fortify_SCA_and_Apps_22.1.0/bin and modified the pipeline to be:

     ```groovy
     pipeline {
         agent { label 'ubuntu' }
         stages {
             stage('try_finding_sca') {
                 steps {
                     withEnv(['PATH+FORTIFY=/fortify/Fortify/Fortify_SCA_and_Apps_22.1.0/bin']) {
                         sh 'printenv'
                         fortifyClean addJVMOptions: '', buildID: 'testpipe1', logFile: '', maxHeap: ''
                     }
                 }
             }
         }
     }
     ```

  5. I ran the build and made sure that it succeeded.