[JIRA] (JENKINS-60958) [ASoC Plugin] While waiting for several scans to finish, 504 Gateway Timeout error returned from job

31 views
Skip to first unread message

bts.dido@gmail.com (JIRA)

unread,
Feb 4, 2020, 2:51:04 AM2/4/20
to jenkinsc...@googlegroups.com
BAT-ULZII TSEND-OCHIR created an issue
 
Jenkins / Bug JENKINS-60958
[ASoC Plugin] While waiting for several scans to finish, 504 Gateway Timeout error returned from job
Issue Type: Bug Bug
Assignee: Matt Murphy
Attachments: 504_error.png, ScanRunning.png
Components: ibm-asoc-plugin
Created: 2020-02-04 07:50
Environment: Jenkins ver. 2.204.1
HCL AppScan plugin version 1.2.6
Labels: plugin
Priority: Major Major
Reporter: BAT-ULZII TSEND-OCHIR

I'm using ASoC plugin from pipeline script like below reading scan targets from simple text file.  Scan targets are about 90. 

stage('Run ASoC static scan') {
  when {
    environment name: 'RUN_ASOC_SCAN', value: 'true'
  }
  steps {
    echo "Will execute ASoC Static Scan"
    script{
      def projectNames = readFile 'asoc-scan-target-projects.txt'
      def projects = projectNames.split("\n")
      def failedProjects = []
      for(int i = 0; i < projects.size(); i++) {
        def project = projects[i]
        def scanName = project.replaceAll("/", "-")
        echo "Trying to run static scan of ${project}"
        try{
          appscan application: '######REDACTED#######', 
          credentials: "${env.ASOC_CREDENTIAL}", 
          name: "Scan-${scanName}-", 
          scanner: static_analyzer(
            hasOptions: false, 
            target: 
              "${WORKSPACE}/${project}"
          ), 
          type: 'Static Analyzer'
        } catch(ex) {
          echo "Scan attempt of ${project} failed!. Reason is ${ex}"
          failedProjects.add(project)
        }
      }
      def totalFailed = failedProjects.size()
      echo "Failed to scan projects are: ${failedProjects}"
      echo "Total failed ${totalFailed}"
    }
  }
}

But when scan is in progress like attached file(ScanRunning.png), Jenkins job returns 504 Gateway Timeout error and unable to access. Attempt of accessing job URL stops returning HTTP 504 error after scan is finished. 
Add Comment Add Comment
 
This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f)
Atlassian logo

matthew.murphy@hcl.com (JIRA)

unread,
Feb 4, 2020, 8:50:02 AM2/4/20
to jenkinsc...@googlegroups.com
Matt Murphy commented on Bug JENKINS-60958
 
Re: [ASoC Plugin] While waiting for several scans to finish, 504 Gateway Timeout error returned from job

Can you provide more information about where you're seeing the 504 (in the console output, in a log, etc.) and what action causes the error (clicking the results link, etc.)?

matthew.murphy@hcl.com (JIRA)

unread,
Feb 4, 2020, 8:51:02 AM2/4/20
to jenkinsc...@googlegroups.com
Matt Murphy edited a comment on Bug JENKINS-60958

bts.dido@gmail.com (JIRA)

unread,
Feb 4, 2020, 10:22:03 PM2/4/20
to jenkinsc...@googlegroups.com

Matt Murphy

I'm not sure which action is causing 504 error. Simply I just cannot access to job URL for some reason. 

I checked SystemLog of Jenkins and found suspicious entry. 

JENKINS-45892: reference to org.jenkinsci.plugins.workflow.job.WorkflowJob@6ae37b1d[#REDACTED JOB NAME#] being saved from unexpected /jenkins_data/jenkins_home/jobs/#REDACTED JOB PATH#/builds/87/build.xml
java.lang.IllegalStateException

Here REDACTED JOB refers to job name I'm not able to access, getting 504 instead.

 

Is there any other logger related to ASoC Plugin that I can enable and see more messages for debugging? 

bts.dido@gmail.com (JIRA)

unread,
Feb 4, 2020, 10:59:02 PM2/4/20
to jenkinsc...@googlegroups.com
BAT-ULZII TSEND-OCHIR updated an issue
 
Change By: BAT-ULZII TSEND-OCHIR
Attachment: 504_error_on_build_url.png

bts.dido@gmail.com (JIRA)

unread,
Feb 4, 2020, 11:00:03 PM2/4/20
to jenkinsc...@googlegroups.com
 
Re: [ASoC Plugin] While waiting for several scans to finish, 504 Gateway Timeout error returned from job

Matt Murphy

It seems attempt of accessing build URL returns 504 error. Please see attached screenshot 504_error_on_build_url.png. 

bts.dido@gmail.com (JIRA)

unread,
Feb 16, 2020, 11:14:03 PM2/16/20
to jenkinsc...@googlegroups.com

Matt Murphy

It seems ResultsRetriever action causing 504. 

matthew.murphy@hcl.com (JIRA)

unread,
Feb 17, 2020, 9:40:02 AM2/17/20
to jenkinsc...@googlegroups.com

Thanks, will take a look.

 

bts.dido@gmail.com (JIRA)

unread,
Feb 18, 2020, 3:35:04 AM2/18/20
to jenkinsc...@googlegroups.com

Matt Murphy

Thanks!

I debugged further and I think I found where issue is. 

https://github.com/jenkinsci/ibm-asoc-plugin/blob/ibm-application-security-1.3.0/src/main/java/com/hcl/appscan/jenkins/plugin/actions/ResultsRetriever.java#L64-L79

 

public boolean getHasResults() {
   return checkResults(m_build);
}

public boolean checkResults(Run<?,?> r) {
   if(r.getAllActions().contains(this) && m_provider.hasResults()) {
      r.getActions().remove(this); //We need to remove this action from the build, but getAllActions() returns a read-only list.
      r.addAction(createResults());
      try {
         r.save();
      } catch (IOException e) {
      }
      return true;
   }
   return false;
}

Here m_provider.hasResults() is doing synchronous HTTP request and taking some time to complete. If hasResults() returns true, logic proceeds to createResults().

createResults() method creates new ScanResults object but during construction of this object, getReport() method is called. This method is also doing synchronous HTTP request for retrieving HTML scan report and taking some time to complete. 

https://github.com/jenkinsci/ibm-asoc-plugin/blob/ibm-application-security-1.3.0/src/main/java/com/hcl/appscan/jenkins/plugin/actions/ScanResults.java#L45-L58

public ScanResults(Run<?,?> build, IResultsProvider provider, String name, String status,
      int totalFindings, int highCount, int mediumCount, int lowCount, int infoCount) {
   super(build.getParent());
   m_build = build;
   m_provider = provider;
   m_name = name;
   m_status = status;
   m_totalFindings = totalFindings;
   m_highCount = highCount;
   m_mediumCount = mediumCount;
   m_lowCount = lowCount;
   m_infoCount = infoCount;
               getReport();
}

If we run one scan during build, maybe this is not a problem, but if we run several scans during build synchronous HTTP requests are causing some mess like 504 Gateway Timeout error. 

I think at least getReport() method should do asynchronous HTTP request. 

 

matthew.murphy@hcl.com (JIRA)

unread,
Feb 18, 2020, 8:58:04 AM2/18/20
to jenkinsc...@googlegroups.com

Thanks for debugging the issue BAT-ULZII TSEND-OCHIR.  It looks like you've found the problem.  We'll look into fixing this and getting an updated plugin published as soon as we can.

 

matthew.murphy@hcl.com (JIRA)

unread,
Apr 30, 2020, 1:04:03 PM4/30/20
to jenkinsc...@googlegroups.com
Matt Murphy started work on Bug JENKINS-60958
 
Change By: Matt Murphy
Status: Open In Progress
This message was sent by Atlassian Jira (v7.13.12#713012-sha1:6e07c38)
Atlassian logo

matthew.murphy@hcl.com (JIRA)

unread,
Apr 30, 2020, 1:04:04 PM4/30/20
to jenkinsc...@googlegroups.com

This has been fixed in version 1.0.1 of HCL AppScan.

 

matthew.murphy@hcl.com (JIRA)

unread,
Apr 30, 2020, 1:05:04 PM4/30/20
to jenkinsc...@googlegroups.com
Matt Murphy resolved as Fixed
 
Change By: Matt Murphy
Status: In Progress Resolved
Resolution: Fixed
Released As: HCL AppScan 1.0.1
Reply all
Reply to author
Forward
0 new messages