Snyk Security Plugin attempts download from a URL that returns a 403 error and the pipeline fails

XMLWordPrintable

    • Type: Bug
    • Resolution: Unresolved
    • Priority: Major
    • Component/s: snyk-security-plugin
    • Environment:
      Snyk Security Plugin Version4.0.2
      Jenkins Version 2.426.2

      I have a pipeline script for a NextJS project. One of the stages is to check the code for against known vulnerabilities using snyk. The snippet is as follows:

            stage('Security Check') {
              steps {
                echo 'Test your code for vulnerabilities against known vulnerabilities database.........'
                snykSecurity(
                  snykInstallation: 'SnykV1.1288',
                  snykTokenId: 'Sastra-Snyk-Token',
                  severity: 'high',
                )

      {\{        }

      }}

      {\{      }

      }}

       

      When I run the build it fails. The console output indicates that the plugin is attemting to download snyk from a URL that returns a 403
      Installing Snyk (1.1288.0)...
      FATAL: Snyk Security scan failed.
      java.lang.RuntimeException: Failed to install Snyk.
          at io.snyk.jenkins.tools.SnykInstaller.downloadSnykBinaries(SnykInstaller.java:117)
          at io.snyk.jenkins.tools.SnykInstaller.performInstallation(SnykInstaller.java:62)
          at hudson.tools.InstallerTranslator.getToolHome(InstallerTranslator.java:70)
          at hudson.tools.ToolLocationNodeProperty.getToolHome(ToolLocationNodeProperty.java:109)
          at hudson.tools.ToolInstallation.translateFor(ToolInstallation.java:221)
          at io.snyk.jenkins.tools.SnykInstallation.forNode(SnykInstallation.java:53)
          at io.snyk.jenkins.tools.SnykInstallation.install(SnykInstallation.java:112)
          at io.snyk.jenkins.SnykStepFlow.perform(SnykStepFlow.java:29)
          at io.snyk.jenkins.workflow.SnykSecurityStep$Execution.run(SnykSecurityStep.java:172)
          at io.snyk.jenkins.workflow.SnykSecurityStep$Execution.run(SnykSecurityStep.java:159)
          at org.jenkinsci.plugins.workflow.steps.SynchronousNonBlockingStepExecution.lambda$start$0(SynchronousNonBlockingStepExecution.java:47)
          at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539)
          at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
          at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
          at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
          at java.base/java.lang.Thread.run(Thread.java:840)
      *Caused by: java.io.IOException: Server returned HTTP response code: 403 for URL: https://static.snyk.io/cli/1.1288.0/snyk-linux*

       

        1. JenkinsSnyk-2024.05.21-12_34_14.png
          248 kB
          Sridhar
        2. Jenkins-Snyk-config-2024.05.21-14_15_56.png
          105 kB
          Sridhar

            Assignee:
            Assaf hefetz
            Reporter:
            Sridhar
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: