Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-48989

Anchore Plugin is affected by JEP-200 in Jenkins 2.102+

    XMLWordPrintable

Details

    Description

      Due to the changes in Jenkins 2.102 our builds are failing with following error

       

      java.lang.UnsupportedOperationException: Refusing to marshal com.google.common.collect.Maps$TransformedEntriesMap for security reasons; see https://jenkins.io/redirect/class-filter/
      	at hudson.util.XStream2$BlacklistedTypesConverter.marshal(XStream2.java:530)
      	at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
      	at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
      	at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
      	at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
      	at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
      Caused: java.lang.RuntimeException: Failed to serialize com.anchore.jenkins.plugins.anchore.AnchoreAction#queryOutputUrls for class com.anchore.jenkins.plugins.anchore.AnchoreAction
      	at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
      	at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
      	at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
      	at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
      	at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
      	at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
      	at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
      	at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
      	at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:88)
      	at com.thoughtworks.xstream.converters.collections.AbstractCollectionConverter.writeItem(AbstractCollectionConverter.java:64)
      	at com.thoughtworks.xstream.converters.collections.CollectionConverter.marshal(CollectionConverter.java:74)
      	at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
      	at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
      	at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
      	at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
      	at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
      Caused: java.lang.RuntimeException: Failed to serialize hudson.model.Actionable#actions for class org.jenkinsci.plugins.workflow.job.WorkflowRun
      	at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
      	at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
      	at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
      	at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
      	at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
      	at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
      	at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
      	at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
      	at com.thoughtworks.xstream.core.TreeMarshaller.start(TreeMarshaller.java:82)
      	at com.thoughtworks.xstream.core.AbstractTreeMarshallingStrategy.marshal(AbstractTreeMarshallingStrategy.java:37)
      	at com.thoughtworks.xstream.XStream.marshal(XStream.java:1026)
      	at com.thoughtworks.xstream.XStream.marshal(XStream.java:1015)
      	at com.thoughtworks.xstream.XStream.toXML(XStream.java:988)
      	at hudson.XmlFile.write(XmlFile.java:194)
      Caused: java.io.IOException
      	at hudson.XmlFile.write(XmlFile.java:201)
      	at hudson.model.Run.save(Run.java:1923)
      	at hudson.util.PersistedList.onModified(PersistedList.java:173)
      	at hudson.util.PersistedList._onModified(PersistedList.java:181)
      Caused: java.lang.RuntimeException
      	at hudson.util.PersistedList._onModified(PersistedList.java:183)
      	at hudson.util.PersistedList.add(PersistedList.java:72)
      	at org.jenkinsci.plugins.workflow.job.WorkflowRun.onCheckout(WorkflowRun.java:819)
      	at org.jenkinsci.plugins.workflow.job.WorkflowRun.access$1500(WorkflowRun.java:134)
      	at org.jenkinsci.plugins.workflow.job.WorkflowRun$SCMListenerImpl.onCheckout(WorkflowRun.java:1002)
      	at org.jenkinsci.plugins.workflow.steps.scm.SCMStep.checkout(SCMStep.java:127)
      	at org.jenkinsci.plugins.workflow.steps.scm.SCMStep$StepExecutionImpl.run(SCMStep.java:85)
      	at org.jenkinsci.plugins.workflow.steps.scm.SCMStep$StepExecutionImpl.run(SCMStep.java:75)
      	at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1$1.call(AbstractSynchronousNonBlockingStepExecution.java:47)
      	at hudson.security.ACL.impersonate(ACL.java:274)
      	at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1.run(AbstractSynchronousNonBlockingStepExecution.java:44)
      	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
      	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
      	at java.lang.Thread.run(Thread.java:745)
      Finished: FAILURE
      

      Attachments

        Issue Links

          Activity

            Code changed in jenkins
            User: Daniel Nurmi
            Path:
            src/main/java/com/anchore/jenkins/plugins/anchore/AnchoreAction.java
            src/main/java/com/anchore/jenkins/plugins/anchore/BuildWorker.java
            http://jenkins-ci.org/commit/anchore-container-scanner-plugin/e76d6283b97d72c5775143dfc1f4d6fef6cc5f7f
            Log:
            use plainer types for AnchoreAction members - Fixes JENKINS-48989

            Signed-off-by: Daniel Nurmi <nurmi@anchore.com>

            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Daniel Nurmi Path: src/main/java/com/anchore/jenkins/plugins/anchore/AnchoreAction.java src/main/java/com/anchore/jenkins/plugins/anchore/BuildWorker.java http://jenkins-ci.org/commit/anchore-container-scanner-plugin/e76d6283b97d72c5775143dfc1f4d6fef6cc5f7f Log: use plainer types for AnchoreAction members - Fixes JENKINS-48989 Signed-off-by: Daniel Nurmi <nurmi@anchore.com>
            oleg_nenashev Oleg Nenashev added a comment -

            The fix has been released in 1.0.13

            oleg_nenashev Oleg Nenashev added a comment - The fix has been released in 1.0.13
            gruebel Anton Gruebel added a comment -

            Thanks oleg_nenashev, it works with the new update!

            nurmi, do you still need my setup?

            gruebel Anton Gruebel added a comment - Thanks oleg_nenashev , it works with the new update! nurmi , do you still need my setup?
            nurmi Daniel Nurmi added a comment -

            Hi Anton,

            It would still be good to know, but we did roll a new version of the plugin yesterday (version 1.0.13) which should address the issue, and it sounds like you got the update and things are working again (correct me if I'm mistaken!)

            Best

            -Dan

            nurmi Daniel Nurmi added a comment - Hi Anton, It would still be good to know, but we did roll a new version of the plugin yesterday (version 1.0.13) which should address the issue, and it sounds like you got the update and things are working again (correct me if I'm mistaken!) Best -Dan
            gruebel Anton Gruebel added a comment -

            Hi Dan,

            yeah it fixed my problem.

            Here is the setup:

            • local mode
            • pipeline build
            writeFile (
              file: 'anchore_images',
              text: "app:${git_commit} ${WORKSPACE}/Dockerfile"
            )
            
            anchore (
              bailOnFail: false,
              bailOnPluginFail: false,
              bailOnWarn: false,
              doCleanup: false,
              inputQueries: [
                [query: 'list-packages all'],
                [query: 'list-files all'],
                [query: 'cve-scan all'],
                [query: 'show-pkg-diffs base']
              ],
              name: 'anchore_images',
              policyName: 'jenkins/anchore/anchore_policy'
            )
            
            gruebel Anton Gruebel added a comment - Hi Dan, yeah it fixed my problem. Here is the setup: local mode pipeline build writeFile ( file: 'anchore_images' , text: "app:${git_commit} ${WORKSPACE}/Dockerfile" ) anchore ( bailOnFail: false , bailOnPluginFail: false , bailOnWarn: false , doCleanup: false , inputQueries: [ [query: 'list-packages all' ], [query: 'list-files all' ], [query: 'cve-scan all' ], [query: 'show-pkg-diffs base' ] ], name: 'anchore_images' , policyName: 'jenkins/anchore/anchore_policy' )

            People

              nurmi Daniel Nurmi
              gruebel Anton Gruebel
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: