JENKINS-73198

Snyk Security Plugin attempts download from a URL that returns a 403 error and the pipeline fails

    • Type: Bug
    • Resolution: Unresolved
    • Priority: Major
    • snyk-security-plugin
    • Snyk Security Plugin Version 4.0.2
      Jenkins Version 2.426.2

      I have a pipeline script for a NextJS project. One of the stages is to check the code against known vulnerabilities using Snyk. The snippet is as follows:

            stage('Security Check') {
              steps {
                echo 'Test your code for vulnerabilities against known vulnerabilities database.........'
                snykSecurity(
                  snykInstallation: 'SnykV1.1288',
                  snykTokenId: 'Sastra-Snyk-Token',
                  severity: 'high',
                )

              }
            }

      When I run the build, it fails. The console output indicates that the plugin is attempting to download Snyk from a URL that returns a 403:
      Installing Snyk (1.1288.0)...
      FATAL: Snyk Security scan failed.
      java.lang.RuntimeException: Failed to install Snyk.
          at io.snyk.jenkins.tools.SnykInstaller.downloadSnykBinaries(SnykInstaller.java:117)
          at io.snyk.jenkins.tools.SnykInstaller.performInstallation(SnykInstaller.java:62)
          at hudson.tools.InstallerTranslator.getToolHome(InstallerTranslator.java:70)
          at hudson.tools.ToolLocationNodeProperty.getToolHome(ToolLocationNodeProperty.java:109)
          at hudson.tools.ToolInstallation.translateFor(ToolInstallation.java:221)
          at io.snyk.jenkins.tools.SnykInstallation.forNode(SnykInstallation.java:53)
          at io.snyk.jenkins.tools.SnykInstallation.install(SnykInstallation.java:112)
          at io.snyk.jenkins.SnykStepFlow.perform(SnykStepFlow.java:29)
          at io.snyk.jenkins.workflow.SnykSecurityStep$Execution.run(SnykSecurityStep.java:172)
          at io.snyk.jenkins.workflow.SnykSecurityStep$Execution.run(SnykSecurityStep.java:159)
          at org.jenkinsci.plugins.workflow.steps.SynchronousNonBlockingStepExecution.lambda$start$0(SynchronousNonBlockingStepExecution.java:47)
          at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539)
          at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
          at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
          at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
          at java.base/java.lang.Thread.run(Thread.java:840)
      Caused by: java.io.IOException: Server returned HTTP response code: 403 for URL: https://static.snyk.io/cli/1.1288.0/snyk-linux

       


          Sridhar added a comment -

          HTTP 403 forbidden could mean that the user should be authenticated before accessing the URL. So why would the authentication mechanism fail? 


            assaf Assaf hefetz
            sridharpandu Sridhar