-
Type:
Bug
-
Resolution: Fixed
-
Priority:
Major
-
Component/s: dependency-check-jenkins-plugin
-
None
-
Environment:Jenkins LTS 1.544.2 / 1.544.3, Static Analyzer 1.57
I upgraded a test instance from 1.2.1 to 1.2.3
One job add OWASP analysis registered but fail with :
00:01:07.264 [DependencyCheck] OWASP Dependency-Check Plugin v1.2.3 00:01:07.274 java.io.FileNotFoundException: /var/lib/mycorp/cijenkins/jobs/jenkins-v1-plugin/builds/2014-07-01_18-29-48/com.versionone$versionone-jenkins-notifier/archive/artifacts.json (No such file or directory) 00:01:07.276 [DependencyCheck] Executing Dependency-Check analysis with the following options: 00:01:07.276 [DependencyCheck] -name = jenkins-v1-plugin 00:01:07.276 [DependencyCheck] -scanPath = ERROR - PATH NOT SPECIFIED OR INVALID. 00:01:07.276 [DependencyCheck] -outputDirectory = /var/lib/mycorp/cijenkins/jobs/jenkins-v1-plugin/workspace 00:01:07.276 [DependencyCheck] -dataDirectory = /var/lib/mycorp/cijenkins/jobs/jenkins-v1-plugin/workspace/dependency-check-data 00:01:07.276 [DependencyCheck] -verboseLogFile = /var/lib/mycorp/cijenkins/jobs/jenkins-v1-plugin/workspace/dependency-check.log 00:01:07.276 [DependencyCheck] -dataMirroringType = NIST CPE/CVE 00:01:07.276 [DependencyCheck] -cveUrl12Modified = http://swf-storage.lab1.lab.ptx.mycorp.int/downloads/nist/nvdcve-modified.xml 00:01:07.276 [DependencyCheck] -cveUrl20Modified = http://swf-storage.lab1.lab.ptx.mycorp.int/downloads/nist/nvdcve-2.0-modified.xml 00:01:07.276 [DependencyCheck] -cveUrl12Base = http://swf-storage.lab1.lab.ptx.mycorp.int/downloads/nist/nvdcve-%d.xml 00:01:07.276 [DependencyCheck] -cveUrl20Base = http://swf-storage.lab1.lab.ptx.mycorp.int/downloads/nist/nvdcve-2.0-%d.xml 00:01:07.276 [DependencyCheck] -useMavenArtifactsScanPath = true 00:01:07.276 [DependencyCheck] -jarAnalyzerEnabled = true 00:01:07.276 [DependencyCheck] -javascriptAnalyzerEnabled = true 00:01:07.276 [DependencyCheck] -archiveAnalyzerEnabled = true 00:01:07.276 [DependencyCheck] -assemblyAnalyzerEnabled = true 00:01:07.276 [DependencyCheck] -nuspecAnalyzerEnabled = true 00:01:07.276 [DependencyCheck] -nexusAnalyzerEnabled = false 00:01:07.276 [DependencyCheck] -showEvidence = false 00:01:07.276 [DependencyCheck] -format = XML 00:01:07.276 [DependencyCheck] -autoUpdate = false 00:01:07.277 [DependencyCheck] The scan path(s) specified are not valid. Please specify a valid path to scan. 00:01:07.277 Build step 'Invoke OWASP Dependency-Check analysis' marked build as failure 00:01:07.349 [DependencyCheck] Skipping publisher since build result is FAILURE 00:01:07.432 Sending e-mails to: hgomez@mycorp.com 00:01:08.090 Finished: FAILURE
When I go to job configure Path to scan is grayed and not editable
For a second job, I tried to add OWASP analysis in post-step, selected OWASP DC in menu but didn't get UI form. Same problem if I try with pre-step.
No error reported in Tomcat logs
I had to revert to 1.2.1
