Nexus IQ Scan in declaritive Pipeline can't scan multiple applications in one build correctly
JuSenshi opened this issue · comments
Jenkins and plugins versions report
Environment
Jenkins: 2.387.3
OS: Windows Server 2019 - 10.0
Java: 11.0.16 - Oracle Corporation (Java HotSpot(TM) 64-Bit Server VM)
---
JDK_Parameter_Plugin:1.2
NegotiateSSO:105.vf0d0de2a_b_8a_5
Parameterized-Remote-Trigger:3.1.6.3
PrioritySorter:4.1.0
ace-editor:1.1
active-directory:2.30
analysis-model-api:11.1.0
ansible:174.vfd5323d2b_9d8
ansible-tower:0.16.0
ansicolor:1.0.2
ant:487.vd79d090d4ea_e
antisamy-markup-formatter:159.v25b_c67cd35fb_
any-buildstep:14.ve115ec1484f0
apache-httpcomponents-client-4-api:4.5.14-150.v7a_b_9d17134a_5
artifactdeployer:1.3
atlassian-bitbucket-server-integration:3.3.2
audit-trail:333.vb_e1b_b_0f1238c
authentication-tokens:1.53.v1c90fd9191a_b_
authorize-project:1.5.1
badge:1.9.1
bitbucket:223.vd12f2bca5430
bitbucket-approval-filter:1.0.3
bitbucket-filter-project-trait:1.0
bitbucket-pullrequest-builder:1.5.0
bitbucket-pullrequests-filter:13.vda_de92e841b_b_
bitbucket-push-and-pull-request:2.8.3
bitbucket-scm-filter-aged-refs:31.ve3b_ca_fc71d5b_
bitbucket-scm-filter-jira-validator:0.1.0
bitbucket-scm-trait-commit-skip:0.4.0
blueocean:1.27.3
blueocean-autofavorite:1.2.5
blueocean-bitbucket-pipeline:1.27.3
blueocean-commons:1.27.3
blueocean-config:1.27.3
blueocean-core-js:1.27.3
blueocean-dashboard:1.27.3
blueocean-display-url:2.4.2
blueocean-events:1.27.3
blueocean-git-pipeline:1.27.3
blueocean-github-pipeline:1.27.3
blueocean-i18n:1.27.3
blueocean-jira:1.27.3
blueocean-jwt:1.27.3
blueocean-personalization:1.27.3
blueocean-pipeline-api-impl:1.27.3
blueocean-pipeline-editor:1.27.3
blueocean-pipeline-scm-api:1.27.3
blueocean-rest:1.27.3
blueocean-rest-impl:1.27.3
blueocean-web:1.27.3
bootstrap4-api:4.6.0-5
bootstrap5-api:5.3.0-1
bouncycastle-api:2.28
branch-api:2.1071.v1a_188a_562481
build-blocker-plugin:1.7.8
build-environment:1.7
build-failure-analyzer:2.4.1
build-pipeline-plugin:1.5.8
build-timeout:1.30
build-timestamp:1.0.3
build-user-vars-plugin:1.9
buildtriggerbadge:251.vdf6ef853f3f5
built-on-column:1.4
caffeine-api:3.1.6-115.vb_8b_b_328e59d8
checks-api:2.0.0
cloudbees-bitbucket-branch-source:800.va_b_b_9a_a_5035c1
cloudbees-folder:6.815.v0dd5a_cb_40e0e
code-coverage-api:4.4.0
command-launcher:100.v2f6722292ee8
commons-httpclient3-api:3.1-3
commons-lang3-api:3.12.0-36.vd97de6465d5b_
commons-text-api:1.10.0-36.vc008c8fcda_7b_
conditional-buildstep:1.4.2
config-file-provider:3.11.1
configuration-as-code:1625.v27444588cc3d
configurationslicing:430.v966357576543
configure-job-column-plugin:84.v792c9269f95a
coordinator:1.4.0
copyartifact:698.v393f578eb_ddc
countjobs-viewstabbar:1.0.1
credentials:1236.v31e44e6060c0
credentials-binding:604.vb_64480b_c56ca_
cron_column:1.7
cvs:2.19.1
dashboard-view:2.472.v9ff2a_e6a_c529
data-tables-api:1.13.3-3
delivery-pipeline-plugin:1.4.2
depgraph-view:1.0.5
display-url-api:2.3.7
docker-commons:419.v8e3cd84ef49c
docker-workflow:563.vd5d2e5c4007f
doclinks:0.6.1
downstream-ext:73.vdda_16e6eb_0da
durable-task:506.v1b_3e14b_6f5da_
dynamic_extended_choice_parameter:1.0.1
dynamicparameter:0.2.0
echarts-api:5.4.0-5
email-ext:2.96
envinject:2.901.v0038b_6471582
envinject-api:1.199.v3ce31253ed13
extended-read-permission:3.2
extensible-choice-parameter:1.8.0
external-monitor-job:203.v683c09d993b_9
favorite:2.4.1
flexible-publish:0.16.1
font-awesome-api:6.3.0-2
forensics-api:2.1.0
generic-webhook-trigger:1.86.3
git:5.0.1
git-client:4.2.0
git-server:99.va_0826a_b_cdfa_d
github:1.37.0
github-api:1.303-417.ve35d9dd78549
github-branch-source:1703.vd5a_2b_29c6cdc
github-scm-trait-commit-skip:0.4.0
global-post-script:1.1.4
google-oauth-plugin:1.0.8
gradle:2.6
groovy:453.vcdb_a_c5c99890
groovy-postbuild:2.5
handlebars:3.0.8
handy-uri-templates-2-api:2.1.8-22.v77d5b_75e6953
hidden-parameter:94.ve2cefce14d3f
htmlpublisher:1.31
http_request:1.16
instance-identity:173.va_37c494ec4e5
ionicons-api:45.vf54fca_5d2154
jackson2-api:2.15.2-350.v0c2f3f8fc595
jakarta-activation-api:2.0.1-3
jakarta-mail-api:2.0.1-3
javadoc:233.vdc1a_ec702cff
javax-activation-api:1.2.0-6
javax-mail-api:1.6.2-9
jaxb:2.3.8-1
jdk-tool:66.vd8fa_64ee91b_d
jenkins-design-language:1.27.3
jenkinswalldisplay:0.6.34
jersey2-api:2.39.1-1
jira:3.9
jira-ext:0.9
jira-trigger:1.0.2
jjwt-api:0.11.5-77.v646c772fddb_0
jnr-posix-api:3.1.16-2
job-dsl:1.83
job-import-plugin:3.6
jobConfigHistory:1207.vd28a_54732f92
jquery:1.12.4-1
jquery-detached:1.2.1
jquery3-api:3.7.0-1
jsch:0.2.8-65.v052c39de79b_2
junit:1207.va_09d5100410f
kerberos-sso:1.11
kubernetes:3923.v294a_d4250b_91
kubernetes-client-api:6.4.1-215.v2ed17097a_8e9
kubernetes-credentials:0.10.0
ldap:673.v034ec70ec2b_b_
lockable-resources:1150.v59db_2b_994618
log-parser:2.3.0
mac:1.6.1
mailer:457.v3f72cb_e015e5
mapdb-api:1.0.9-28.vf251ce40855d
mask-passwords:150.vf80d33113e80
matrix-auth:3.1.8
matrix-project:789.v57a_725b_63c79
maven-plugin:3.22
mercurial:1260.vdfb_723cdcc81
metrics:4.2.13-420.vea_2f17932dd6
mina-sshd-api-common:2.10.0-69.v28e3e36d18eb_
mina-sshd-api-core:2.10.0-69.v28e3e36d18eb_
momentjs:1.1.1
monitoring:1.94.0
multi-branch-priority-sorter:1.0
nexus-artifact-uploader:2.14
nexus-jenkins-plugin:3.19.1-01
nexus-task-runner:0.9.2
nodejs:1.6.0
nodelabelparameter:1.11.0
oauth-credentials:0.645.ve666a_c332668
okhttp-api:4.10.0-132.v7a_7b_91cef39c
openshift-client:1.0.38
openshift-login:1.0.29
openshift-sync:1.0.55
pam-auth:1.10
parameterized-scheduler:1.2
parameterized-trigger:2.45
permissive-script-security:0.7
persistent-parameter:1.3
pipeline-build-step:491.v1fec530da_858
pipeline-github-lib:42.v0739460cda_c4
pipeline-graph-analysis:202.va_d268e64deb_3
pipeline-groovy-lib:656.va_a_ceeb_6ffb_f7
pipeline-input-step:468.va_5db_051498a_4
pipeline-milestone-step:111.v449306f708b_7
pipeline-model-api:2.2131.vb_9788088fdb_5
pipeline-model-definition:2.2131.vb_9788088fdb_5
pipeline-model-extensions:2.2131.vb_9788088fdb_5
pipeline-rest-api:2.32
pipeline-stage-step:305.ve96d0205c1c6
pipeline-stage-tags-metadata:2.2131.vb_9788088fdb_5
pipeline-stage-view:2.32
pipeline-utility-steps:2.15.2
plain-credentials:143.v1b_df8b_d3b_e48
plugin-util-api:3.3.0
popper-api:1.16.1-3
popper2-api:2.11.6-2
postbuildscript:3.2.0-460.va_fda_0fa_26720
powershell:2.0
preSCMbuildstep:71.v1f2990a_37e27
prereq-buildstep:1.1
prism-api:1.29.0-4
publish-over:0.22
publish-over-ftp:1.17
publish-to-bitbucket:0.4
pubsub-light:1.17
quality-gates:2.5
rebuild:320.v5a_0933a_e7d61
regexemail:0.3
resource-disposer:0.22
role-strategy:631.va_dd0d500b_fc5
run-condition:1.5
scm-api:667.v8b_6e07cdc7f2
scm2job:2.5
scp:1.8
script-security:1244.ve463715a_f89c
scriptler:3.5
show-build-parameters:1.0
simple-build-for-pipeline:0.2
skip-notifications-trait:148.v269dccfa_1426
sloccount:1.27
snakeyaml-api:1.33-95.va_b_a_e3e47b_fa_4
sonar:2.15
sonar-quality-gates:1.3.1
sonarqube-generic-coverage:1.0
sse-gateway:1.26
ssh:2.6.1
ssh-agent:333.v878b_53c89511
ssh-credentials:305.v8f4381501156
ssh-slaves:2.877.v365f5eb_a_b_eec
ssh-steps:2.0.65.vd26b_5b_9b_de4d
sshd:3.303.vefc7119b_ec23
startup-trigger-plugin:2.9.3
stashNotifier:1.28
structs:324.va_f5d6774f3a_d
subversion:2.17.2
template-project:1.5.2
test-results-analyzer:0.4.0
text-finder:1.24
throttle-concurrents:2.13
timestamper:1.24
token-macro:359.vb_cde11682e0c
translation:1.16
trilead-api:2.84.v72119de229b_7
uno-choice:2.6.5
variant:59.vf075fe829ccb
view-job-filters:364.v48a_33389553d
violation-comments-to-stash:1.130
warnings-ng:10.1.0
workflow-aggregator:596.v8c21c963d92d
workflow-api:1213.v646def1087f9
workflow-basic-steps:1017.vb_45b_302f0cea_
workflow-cps:3659.v582dc37621d8
workflow-cps-global-lib:609.vd95673f149b_b
workflow-durable-task-step:1246.v5524618ea_097
workflow-job:1292.v27d8cc3e2602
workflow-multibranch:746.v05814d19c001
workflow-scm-step:408.v7d5b_135a_b_d49
workflow-step-api:639.v6eca_cd8c04a_a_
workflow-support:839.v35e2736cfd5c
ws-cleanup:0.45
xml-job-to-job-dsl:0.1.13
zentimestamp:4.2
What Operating System are you using (both controller, and any agents involved in the problem)?
Windows Server 2019 for controller and agents.
Reproduction steps
- Build a declarative pipeline with that scans multiple applications parallel or in series
(Multiple calls of this method in one build:
def nexusIQScan(String appName, String orgID) {
def scanPatterns = [[scanPattern: "${appName}/path_to/module.xml"]]
def policyEvaluation = nexusPolicyEvaluation iqApplication: manualApplication("${appName}"),
iqStage: "release",
iqScanPatterns: scanPatterns,
iqOrganization: orgID,
jobCredentialsId: 'redacted',
failBuildOnNetworkError: false
}
Expected Results
Each call of this method should trigger a scan of the dependencies in the scan patterns, scrictly seperated from the other scans in the same build.
Actual Results
The dependencies add up with every scan. Given three scans for applications A to C: Scan for application A starts first and scans 10 dependencies, Scan B then includes those 10 dependencies for its scan and adds them in the report for Application B. The dependencies of app A and B are also then included in the third scan C.
Anything else?
We split the method calls into seperate stages and first exectuted those stages in a parallel-block but then switched to consequtive execution but that didn't help.
Are you interested in contributing a fix?
No response
Closing this issue as the repository is being archived for jenkins-infra/helpdesk#3742.