Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-58008

Checkmarx Jenkins plugin 8.9.0 is not backwards compatible with server 8.8.0

    Details

    • Type: Improvement
    • Status: Open (View Workflow)
    • Priority: Minor
    • Resolution: Unresolved
    • Component/s: checkmarx-plugin
    • Labels:
      None
    • Environment:
      Jenkins 2.174
      Checkmarx plugin 8.90.1
      Checkmarx server 8.8.0HF8
      Pipeline plugin 2.6
    • Similar Issues:

      Description

      The snippet generator does not display a checkbox for generateXmlReport, so the resulting snippet doesn't have it either.

      During job execution, the following error is raised:

       [Cx-Warning]: Failed to generate HTML report: The following has evaluated to null or missing:
       ==> config.generateXmlReport  [in template "report.ftl" at line 1583, column 32]
       
       ----
       Tip: It's the step after the last dot that caused this error, not those before it.
       ----
       Tip: If the failing expression is known to legally refer to something that's sometimes null or missing, either specify a default value like myOptionalVar!myDefault, or use <#if myOptionalVar??>when-present<#else>when-missing</#if>. (These only cover the last step of the expression; to cover the whole expression, use parenthesis: (myOptionalVar.foo)!myDefault, (myOptionalVar.foo)??
       ----
       
       ----
       FTL stack trace ("~" means nesting-related):
       	- Failed at: #if config.sastEnabled && config.gene...  [in template "report.ftl" at line 1583, column 5]
       ----

      Manually adding 

      generateXmlReport: true,
      

      To the snippet resolves this issue and the report is successfully published in Jenkins.

        

      Here is the original generated snippet (all defaults):

      step([$class: 'CxScanBuilder', comment: '', credentialsId: '', excludeFolders: 'test,tests,fonts,docker,datagen,testing', excludeOpenSourceFolders: '', exclusionsSetting: 'global', failBuildOnNewResults: false, filterPattern: '''!**/_cvs/**/*, !**/.svn/**/*,   !**/.hg/**/*,   !**/.git/**/*,  !**/.bzr/**/*, !**/bin/**/*,
      !**/obj/**/*,  !**/backup/**/*, !**/.idea/**/*, !**/*.DS_Store, !**/*.ipr,     !**/*.iws,
      !**/*.bak,     !**/*.tmp,       !**/*.aac,      !**/*.aif,      !**/*.iff,     !**/*.m3u, !**/*.mid, !**/*.mp3,
      !**/*.mpa,     !**/*.ra,        !**/*.wav,      !**/*.wma,      !**/*.3g2,     !**/*.3gp, !**/*.asf, !**/*.asx,
      !**/*.avi,     !**/*.flv,       !**/*.mov,      !**/*.mp4,      !**/*.mpg,     !**/*.rm,  !**/*.swf, !**/*.vob,
      !**/*.wmv,     !**/*.bmp,       !**/*.gif,      !**/*.jpg,      !**/*.png,     !**/*.psd, !**/*.tif, !**/*.swf,
      !**/*.jar,     !**/*.zip,       !**/*.rar,      !**/*.exe,      !**/*.dll,     !**/*.pdb, !**/*.7z,  !**/*.gz,
      !**/*.tar.gz,  !**/*.tar,       !**/*.gz,       !**/*.ahtm,     !**/*.ahtml,   !**/*.fhtml, !**/*.hdm,
      !**/*.hdml,    !**/*.hsql,      !**/*.ht,       !**/*.hta,      !**/*.htc,     !**/*.htd, !**/*.war, !**/*.ear,
      !**/*.htmls,   !**/*.ihtml,     !**/*.mht,      !**/*.mhtm,     !**/*.mhtml,   !**/*.ssi, !**/*.stm,
      !**/*.stml,    !**/*.ttml,      !**/*.txn,      !**/*.xhtm,     !**/*.xhtml,  !**/*.class, !**/*.iml, !Checkmarx/Reports/*.*,    !**/*.xml,      !**/*.xsd,   !**/*.gradle,     !**/*.properties,    !**/*.csv,     !**/*.txt,    !**/*.md,     !**/.gitignore,     !**/*.yml,     !**/*.yaml,    !**/*.sh,    !**/*.adoc,    !**/*.css,    !**/*.md, ''', fullScanCycle: 10, groupId: 'XXXXXXXXX', includeOpenSourceFolders: '', osaArchiveIncludePatterns: '*.zip, *.war, *.ear, *.tgz', osaInstallBeforeScan: false, password: 'XXXXXXXXXXXX', preset: '36', projectName: 'XXXXXXXXX', sastEnabled: true, serverUrl: 'XXXXXXXXXX', sourceEncoding: '1', username: ''])
      

       

       

        Attachments

          Activity

          Hide
          akom Alexander Komarov added a comment - - edited

          I discovered the following through trial and error:

          1. Freestyle Jobs are also affected and there is no workaround as for Pipeline Jobs.
          2. The issue is caused by a client-server version mismatch. The plugin is not backwards compatible.  I have plugin 8.9.0 and server 8.8.0.   After downgrading the plugin (Found an old version here), the error disappeared.

          Lack of backwards compatibility is not intuitive in my opinion.  In my company, one department maintains the server and leaves it up to each team to set up their CI. Server and client will thus have different upgrade paths, and backwards compatibility is a reasonable expectation.

          Show
          akom Alexander Komarov added a comment - - edited I discovered the following through trial and error: Freestyle Jobs are also affected and there is no workaround as for Pipeline Jobs. The issue is caused by a client-server version mismatch. The plugin is not backwards compatible.  I have plugin 8.9.0 and server 8.8.0.   After downgrading the plugin (Found an old version here ), the error disappeared. Lack of backwards compatibility is not intuitive in my opinion.  In my company, one department maintains the server and leaves it up to each team to set up their CI. Server and client will thus have different upgrade paths, and backwards compatibility is a reasonable expectation.

            People

            • Assignee:
              sergeyk Sergey Kadaner
              Reporter:
              akom Alexander Komarov
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: