Having problems with your account or logging in?
A lot of changes are happening in the community right now. Some may affect you. READ MORE HERE
Highlighted
Super Contributor.. ellerm Super Contributor..
Super Contributor..
6151 views

Jenkins Scan Failure

Jump to solution

I have a development group that has Maven project in which I've been helping them set up scans.  The current method we've been using is to embed a scan script that I created using scan wizard.  At the bottom of the script are multiple REM's which include the path for class files.

REM ARGS "PROJECTROOT0_MARKER\<PATH>\guidedPortfolios\util\MarketCalendar.class;PROJECTROOT0_MARKER<PATH>\internalapp\guidedPortfolios\util\PortfolioBuilderConstants.class;PROJECTROOT0_MARKER\<PATH>\internalapp\guidedPortfolios\util\StaticDataHolder.class;PROJECTROOT0_MARKER<PATH>guidedPortfolios\util\TaxDefferedAccounts.class;PROJECTROOT0_MARKER\<PATH>\util\Utils.class"

REM ARGS "-cp"

REM ARGS "PROJECTROOT0_MARKER\<PATH>\SearchAccounts1.class;PROJECTROOT0_MARKER\<PATH>\WordPress.class"

REM ARGS "-source"

REM ARGS "1.5"

REM ARGS "PROJECTROOT0_MARKER"

When these REM's are included the scan works fine via Jenkins.  When they are eliminated the scan fails?  These are just comments so I don't know why it fails.  (The reason these REMs have been removed is that they are several hundred lines long.

This is the Jenkins Error:

[<Project>] $ cmd /c call C:\Users\<user>\AppData\Local\Temp\hudson3721415365006385515.bat

<Project Name>

D:\Jenkins\workspace\<Project>\<Project Name>

Extracting Arguments File

Cleaning previous scan artifacts

Translating files

[error]: No valid input files were specified.  (Use the -scan option to analyze previously-built sources.)

Fortify Static Code Analyzer 6.10.0120


Any suggestions?

Labels (2)
Tags (2)
0 Likes
1 Solution

Accepted Solutions
simon.corlett@h Absent Member.
Absent Member.

Re: Jenkins Scan Failure

Jump to solution

Hi Mike, the Scan Wizard scripts actually add all of these REMs to a text file which is then passed to SCA to give it its command line arguments. The first few REMs are the files we're passing to be scanned. As such if these don't exist no files will be passed to SCA for translation.

0 Likes
4 Replies
simon.corlett@h Absent Member.
Absent Member.

Re: Jenkins Scan Failure

Jump to solution

Hi Mike, the Scan Wizard scripts actually add all of these REMs to a text file which is then passed to SCA to give it its command line arguments. The first few REMs are the files we're passing to be scanned. As such if these don't exist no files will be passed to SCA for translation.

0 Likes
leeh@hpe.com1 Absent Member.
Absent Member.

Re: Jenkins Scan Failure

Jump to solution

If you are using maven to build your project, you should think about using the SCA maven plugin to integrate SCA with the maven build process.

You reduce the complexity of scan wizard, and simply the build process to be maven & SCA.

Any simplification to (any) build system you can make is good practise :-)

Good Luck.

Lee Hughes

CISSP

0 Likes
Super Contributor.. ellerm Super Contributor..
Super Contributor..

Re: Jenkins Scan Failure

Jump to solution

Thanks for the explanation Simon.  We were able to get around this by using some statements to pull in all of the files in specific directories rather than specific statements.  The initial reason we were removing these REM is that Jenkins must have a size limit for the command line plugin so the file was too big.  The other thing we tried which worked as well was to use an extra script and call it from within Jenkins.

0 Likes
Super Contributor.. ellerm Super Contributor..
Super Contributor..

Re: Jenkins Scan Failure

Jump to solution

Agreed, I have been talking to the dev team about using the Maven plugin to build and they're aware of it but we're just starting out so I think they wanted to take the easy road first before updating all the POMs etc...  Thanks.

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.