OWASP Dependency Check Pipeline: NotSerializableException

XMLWordPrintable

    • Type: Bug
    • Resolution: Fixed
    • Priority: Minor
    • Component/s: dependency-check-jenkins-plugin
    • None
    • Environment:

      Hi,

      i was trying to get dependency Check plugin working on our Jenkins (docker container running on a Kubernetes cluster). I ran into different types of errors i couldn't find any good descriptions. So i thought i open a issue here.

      executing the following snippet (generated with Pipeline Syntax) to generate a Dependency Check Report

       

      stage("Dependency Check"){ 
    step([$class: 'DependencyCheckBuilder', 
          datadir: '',
          hintsFile: '', 
          includeCsvReports: false, 
          includeHtmlReports: true, 
          includeJsonReports: false, 
          isAutoupdateDisabled: false, 
          outdir: '', scanpath: '', 
          skipOnScmChange: false, 
          skipOnUpstreamChange: false, 
          suppressionFile: '', 
          zipExtensions: '']) }

      got me the following error i can't find a solution for (only problems from 2015 on much older plugin versions which are already fixed )

       

      java.io.NotSerializableException: hudson.ClassicPluginStrategy$AntClassLoader2 at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1184) at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java:1548) at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1509) atjava.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1432) at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1178) at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:348) at hudson.remoting.UserRequest._serialize(UserRequest.java:218) at hudson.remoting.UserRequest.serialize(UserRequest.java:227) Caused: java.io.IOException: Unable to serialize org.jenkinsci.plugins.DependencyCheck.AbstractDependencyCheckBuilder$1@79b7cad6 at hudson.remoting.UserRequest.serialize(UserRequest.java:229) at hudson.remoting.UserRequest.<init>(UserRequest.java:85) at hudson.remoting.Channel.call(Channel.java:837) at org.jenkinsci.plugins.DependencyCheck.AbstractDependencyCheckBuilder
.perform(AbstractDependencyCheckBuilder.java:86) at org.jenkinsci.plugins.DependencyCheck.DependencyCheckBuilder
.perform(DependencyCheckBuilder.java:194) at org.jenkinsci.plugins.workflow.steps.CoreStep$Execution.run(CoreStep.java:80) at org.jenkinsci.plugins.workflow.steps.CoreStep$Execution.run(CoreStep.java:67) at org.jenkinsci.plugins.workflow.steps.SynchronousNonBlockingStepExecution$1$1
.call(SynchronousNonBlockingStepExecution.java:49) at hudson.security.ACL.impersonate(ACL.java:260) at org.jenkinsci.plugins.workflow.steps.SynchronousNonBlockingStepExecution$1
.run(SynchronousNonBlockingStepExecution.java:46) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Finished: FAILURE

       

      The job is partly executed in a Kubernetes Pod where the Buildimage is started.

       

      Anyone got an Idea for this? I read some stuff about Settings not getting passed from master to slave but i couldn't really make sense of it.

       

       

        1. image-2017-07-25-17-55-39-531.png
          image-2017-07-25-17-55-39-531.png
          9 kB

            Assignee:
            Steve Springett
            Reporter:
            Bjoern Weiler
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: