Uploaded image for project: 'Jenkins Artifactory Plug-in'
  1. Jenkins Artifactory Plug-in
  2. HAP-1083

Xray "scanBuilds" implementation does not use proxy configurations

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: 2.16.1
    • Fix Version/s: 2.16.2
    • Component/s: None
    • Labels:
      None

      Description

      Symptoms: The build job succeeds at pushing artifacts to Artifactory, and buildinfo is posted successfully, but "scanBuilds" events fail to reach Artifactory.

      This is due to the Artifactory Plugin not fully using the proxy settings in Jenkins.

      Steps to reproduce:

      1. Connect Xray and Artifactory
      2. Have a working Jenkins pipeline build, such as the following config:

      node {
      def server
      def buildInfo
      def rtMaven

      stage ('Clone')

      { git url: 'https://github.com/jfrogdev/project-examples.git' }

      stage ('Artifactory configuration')

      { // Obtain an Artifactory server instance, defined in Jenkins --> Manage: server = Artifactory.server 'saas-art' rtMaven = Artifactory.newMavenBuild() rtMaven.tool = 'maven' // Tool name from Jenkins configuration rtMaven.deployer releaseRepo: 'libs-release-local', snapshotRepo: 'libs-snapshot-local', server: server rtMaven.resolver releaseRepo: 'libs-release', snapshotRepo: 'libs-snapshot', server: server rtMaven.deployer.deployArtifacts = false // Disable artifacts deployment during Maven run buildInfo = Artifactory.newBuildInfo() }

      stage ('Test')

      { rtMaven.run pom: 'maven-example/pom.xml', goals: 'clean test' }

      stage ('Install')

      { rtMaven.run pom: 'maven-example/pom.xml', goals: 'install', buildInfo: buildInfo }

      stage ('Deploy')

      { rtMaven.deployer.deployArtifacts buildInfo }

      stage ('Publish build info')

      { server.publishBuildInfo buildInfo }

      stage ('Xray Scan')

      { def scanConfig = [ 'buildName' : buildInfo.name, 'buildNumber' : buildInfo.number, 'failBuild' : false ] def scanResult = server.xrayScan scanConfig echo scanResult as String }

      }

      3. Add a web proxy (Such as squid) to the Jenkins host, and set the proxy configurations under Manage Jenkins -> Manage Plugins -> Advanced

      4. Run the build and note that the "/api/xray/scanBuild" event is not logged by the squid logs (Found in /var/log/squid):

       

      [request.log]

      20180629184627|79|REQUEST|127.0.0.1|admin|PUT|/libs-snapshot-local/org/jfrog/test/multi3/3.7-SNAPSHOT/multi3-3.7-SNAPSHOT.pom;build.timestamp=1530297910512;build.name=saas-build;build.number=8|HTTP/1.1|201|2796

      [...]

      20180629184628|241|REQUEST|10.128.0.37|xray|GET|/libs-snapshot-local/org/jfrog/test/multi3/3.7-SNAPSHOT/multi3-3.7-20180629.184510-8.war|HTTP/1.1|200|2533340

      [...]

      20180629184632|4749|REQUEST|12.244.40.18|admin|POST|/api/xray/scanBuild|HTTP/1.1|200|64

       

      [squid.log]

      1530297921.912    138 127.0.0.1 TCP_MISS/201 1341 PUT http://35.230.87.16:8081/artifactory/libs-snapshot-local/org/jfrog/test/multi3/3.7-SNAPSHOT/multi3-3.7-SNAPSHOT.pom;build.timestamp=1530297910512;build.name=saas-build;build.number=8 - HIER_DIRECT/35.230.87.16 application/vnd.org.jfrog.artifactory.storage.ItemCreated+json

      1530297922.039     31 127.0.0.1 TCP_MISS/200 903 GET http://35.230.87.16:8081/artifactory/api/system/version - HIER_DIRECT/35.230.87.16 application/vnd.org.jfrog.artifactory.system.Version+json

      1530297922.152    108 127.0.0.1 TCP_MISS/204 306 PUT http://35.230.87.16:8081/artifactory/api/build - HIER_DIRECT/35.230.87.16 application/json

       

        Attachments

          Activity

            People

            • Assignee:
              yahavi Yahav Itzhak
              Reporter:
              patrickr Patrick Russell
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: