Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-52821

Upgrade from 3.2.1 to 3.3.0 breaks updateOnly pipeline step.

XMLWordPrintable

      Upgrading from 3.2.1 to 3.3.0 breaks pipeline without feedback on why.

      Rolling back to 3.2.1 or disabling the requireJs analyzer works around the issue.

      NVD data is retrieved through proxy, and the requireJs data url is not blocked by the same proxy and should be retrievable.

      The workaround is manageable for now, but ideally this analyzer too could be used.

      Output with 3.3.0

      [Pipeline] unzip
05:18:02 Extracting from /opt/data/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ/dependency-check-data.zip
05:18:02 Extracting: dc.h2.db -> /opt/data/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ/dependency-check-data/dc.h2.db
05:18:04 Extracted: 1 files
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (Update)
[Pipeline] dependencyCheckUpdateOnly
05:18:04 [DependencyCheck] OWASP Dependency-Check Plugin v3.3.0
05:18:04 [DependencyCheck] Executing Dependency-Check with the following options:
05:18:04 [DependencyCheck]  -name = master
05:18:04 [DependencyCheck]  -outputDirectory = /opt/data/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ
05:18:04 [DependencyCheck]  -dataDirectory = /opt/data/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ/dependency-check-data
05:18:04 [DependencyCheck]  -dataMirroringType = none
05:18:04 [DependencyCheck]  -proxyServer = proxy.local
05:18:04 [DependencyCheck]  -proxyPort = 8080
05:18:04 [DependencyCheck]  -isQuickQueryTimestampEnabled = true
05:18:04 [DependencyCheck]  -jarAnalyzerEnabled = false
05:18:04 [DependencyCheck]  -nodePackageAnalyzerEnabled = false
05:18:04 [DependencyCheck]  -nspAnalyzerEnabled = false
05:18:04 [DependencyCheck]  -retireJsAnalyzerEnabled = true
05:18:04 [DependencyCheck]  -composerLockAnalyzerEnabled = false
05:18:04 [DependencyCheck]  -pythonDistributionAnalyzerEnabled = false
05:18:04 [DependencyCheck]  -pythonPackageAnalyzerEnabled = false
05:18:04 [DependencyCheck]  -rubyBundlerAuditAnalyzerEnabled = false
05:18:04 [DependencyCheck]  -rubyGemAnalyzerEnabled = false
05:18:04 [DependencyCheck]  -cocoaPodsAnalyzerEnabled = false
05:18:04 [DependencyCheck]  -swiftPackageManagerAnalyzerEnabled = false
05:18:04 [DependencyCheck]  -archiveAnalyzerEnabled = false
05:18:04 [DependencyCheck]  -assemblyAnalyzerEnabled = false
05:18:04 [DependencyCheck]  -msBuildProjectAnalyzerEnabled = false
05:18:04 [DependencyCheck]  -centralAnalyzerEnabled = false
05:18:04 [DependencyCheck]  -nuspecAnalyzerEnabled = false
05:18:04 [DependencyCheck]  -nexusAnalyzerEnabled = false
05:18:04 [DependencyCheck]  -artifactoryAnalyzerEnabled = false
05:18:04 [DependencyCheck]  -autoconfAnalyzerEnabled = false
05:18:04 [DependencyCheck]  -cmakeAnalyzerEnabled = false
05:18:04 [DependencyCheck]  -opensslAnalyzerEnabled = false
05:18:04 [DependencyCheck]  -showEvidence = true
05:18:04 [DependencyCheck]  -formats = XML 
05:18:04 [DependencyCheck]  -autoUpdate = true
05:18:04 [DependencyCheck]  -updateOnly = true
05:18:04 [DependencyCheck] Performing NVD update only
05:18:13 [DependencyCheck] Unable to update the Dependency-Check database
[Pipeline] }
[Pipeline] // stage

      Output with 3.3.0, requireJs analyzer disable in global config.

      [Pipeline] unzip
17:57:59 Extracting from /opt/data/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ/dependency-check-data.zip
17:57:59 Extracting: dc.h2.db -> /opt/data/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ/dependency-check-data/dc.h2.db
17:58:01 Extracting: dc.lock.db -> /opt/data/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ/dependency-check-data/dc.lock.db
17:58:01 Extracted: 2 files
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (Update)
[Pipeline] dependencyCheckUpdateOnly
17:58:01 [DependencyCheck] OWASP Dependency-Check Plugin v3.3.0
17:58:01 [DependencyCheck] Executing Dependency-Check with the following options:
17:58:01 [DependencyCheck]  -name = master
17:58:01 [DependencyCheck]  -outputDirectory = /opt/data/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ
17:58:01 [DependencyCheck]  -dataDirectory = /opt/data/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ/dependency-check-data
17:58:01 [DependencyCheck]  -dataMirroringType = none
17:58:01 [DependencyCheck]  -proxyServer = proxy.local
17:58:01 [DependencyCheck]  -proxyPort = 8080
17:58:01 [DependencyCheck]  -isQuickQueryTimestampEnabled = true
17:58:01 [DependencyCheck]  -jarAnalyzerEnabled = false
17:58:01 [DependencyCheck]  -nodePackageAnalyzerEnabled = false
17:58:01 [DependencyCheck]  -nspAnalyzerEnabled = false
17:58:01 [DependencyCheck]  -retireJsAnalyzerEnabled = false
17:58:01 [DependencyCheck]  -composerLockAnalyzerEnabled = false
17:58:01 [DependencyCheck]  -pythonDistributionAnalyzerEnabled = false
17:58:01 [DependencyCheck]  -pythonPackageAnalyzerEnabled = false
17:58:01 [DependencyCheck]  -rubyBundlerAuditAnalyzerEnabled = false
17:58:01 [DependencyCheck]  -rubyGemAnalyzerEnabled = false
17:58:01 [DependencyCheck]  -cocoaPodsAnalyzerEnabled = false
17:58:01 [DependencyCheck]  -swiftPackageManagerAnalyzerEnabled = false
17:58:01 [DependencyCheck]  -archiveAnalyzerEnabled = false
17:58:01 [DependencyCheck]  -assemblyAnalyzerEnabled = false
17:58:01 [DependencyCheck]  -msBuildProjectAnalyzerEnabled = false
17:58:01 [DependencyCheck]  -centralAnalyzerEnabled = false
17:58:01 [DependencyCheck]  -nuspecAnalyzerEnabled = false
17:58:01 [DependencyCheck]  -nexusAnalyzerEnabled = false
17:58:01 [DependencyCheck]  -artifactoryAnalyzerEnabled = false
17:58:01 [DependencyCheck]  -autoconfAnalyzerEnabled = false
17:58:01 [DependencyCheck]  -cmakeAnalyzerEnabled = false
17:58:01 [DependencyCheck]  -opensslAnalyzerEnabled = false
17:58:01 [DependencyCheck]  -showEvidence = true
17:58:01 [DependencyCheck]  -formats = XML 
17:58:01 [DependencyCheck]  -autoUpdate = true
17:58:01 [DependencyCheck]  -updateOnly = true
17:58:01 [DependencyCheck] Performing NVD update only
[Pipeline] }
[Pipeline] // stage

      Old 3.2.1 run:

      [Pipeline] unzip
05:18:02 Extracting from /opt/apps/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ/dependency-check-data.zip
05:18:02 Extracting: dc.h2.db -> /opt/apps/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ/dependency-check-data/dc.h2.db
05:18:03 Extracted: 1 files
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (Update)
[Pipeline] dependencyCheckUpdateOnly
05:18:03 [DependencyCheck] OWASP Dependency-Check Plugin v3.2.1
05:18:03 [DependencyCheck] Executing Dependency-Check with the following options:
05:18:03 [DependencyCheck]  -name = master
05:18:03 [DependencyCheck]  -outputDirectory = /opt/apps/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ
05:18:03 [DependencyCheck]  -dataDirectory = /opt/apps/jenkins/jenkins/workspace/ency-checker-updater_master-FSGPE7SQZD5SF3YSLFVMSFD2RZCNMIB4GH3DQZD7P6MA4IUJIBNQ/dependency-check-data
05:18:03 [DependencyCheck]  -dataMirroringType = none
05:18:03 [DependencyCheck]  -proxyServer = proxy.local
05:18:03 [DependencyCheck]  -proxyPort = 8080
05:18:03 [DependencyCheck]  -isQuickQueryTimestampEnabled = true
05:18:03 [DependencyCheck]  -jarAnalyzerEnabled = false
05:18:03 [DependencyCheck]  -nodePackageAnalyzerEnabled = false
05:18:03 [DependencyCheck]  -nspAnalyzerEnabled = false
05:18:03 [DependencyCheck]  -composerLockAnalyzerEnabled = false
05:18:03 [DependencyCheck]  -pythonDistributionAnalyzerEnabled = false
05:18:03 [DependencyCheck]  -pythonPackageAnalyzerEnabled = false
05:18:03 [DependencyCheck]  -rubyBundlerAuditAnalyzerEnabled = false
05:18:03 [DependencyCheck]  -rubyGemAnalyzerEnabled = false
05:18:03 [DependencyCheck]  -cocoaPodsAnalyzerEnabled = false
05:18:03 [DependencyCheck]  -swiftPackageManagerAnalyzerEnabled = false
05:18:03 [DependencyCheck]  -archiveAnalyzerEnabled = false
05:18:03 [DependencyCheck]  -assemblyAnalyzerEnabled = false
05:18:03 [DependencyCheck]  -centralAnalyzerEnabled = false
05:18:03 [DependencyCheck]  -nuspecAnalyzerEnabled = false
05:18:03 [DependencyCheck]  -nexusAnalyzerEnabled = false
05:18:03 [DependencyCheck]  -autoconfAnalyzerEnabled = false
05:18:03 [DependencyCheck]  -cmakeAnalyzerEnabled = false
05:18:03 [DependencyCheck]  -opensslAnalyzerEnabled = false
05:18:03 [DependencyCheck]  -showEvidence = true
05:18:03 [DependencyCheck]  -formats = XML 
05:18:03 [DependencyCheck]  -autoUpdate = true
05:18:03 [DependencyCheck]  -updateOnly = true
05:18:04 [DependencyCheck] Performing NVD update only
[Pipeline] }
[Pipeline] // stage

            Unassigned Unassigned
            jkarlberg Johan karlberg
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: