Copying the source file failed

[damian.pu...@gmail.com]

Hi,

I'm trying to run the report via Jenkins plugin. The report is generated but messages in logs make me worry:

01 Copying the source file '/home/jenkins/workspace/<myFolder><myJob>/some-jar-3.3.1.jar/META-INF/maven/org.eclipse.jetty/jetty-continuation/pom.xml' from the workspace to the build folder 'c2665da6.tmp' on the Jenkins master failed.
02 Is the file '/home/jenkins/workspace/<myFolder><myJob>/some-jar-3.3.1.jar/META-INF/maven/org.eclipse.jetty/jetty-continuation/pom.xml' a valid filename?
03 If you are building on a slave: please check if the file is accessible under '$JENKINS_HOME/[job-name]//home/jenkins/workspace/<myFolder><myJob>/some-jar-3.3.1.jar/META-INF/maven/org.eclipse.jetty/jetty-continuation/pom.xml'
04 If you are building on the master: please check if the file is accessible under '$JENKINS_HOME/[job-name]/workspace//home/jenkins/workspace/<myFolder><myJob>/some-jar-3.3.1.jar/META-INF/maven/org.eclipse.jetty/jetty-continuation/pom.xml'
05 java.io.IOException: Failed to copy /home/jenkins/workspace/<myFolder><myJob>/some-jar-3.3.1.jar/META-INF/maven/org.eclipse.jetty/jetty-continuation/pom.xml to /opt/jenkins_home/jobs/<myFolder>jobs/<myJob>/builds/33/workspace-files/c2665da6.tmp
06   at hudson.FilePath.copyTo(FilePath.java:1984)
07   at hudson.plugins.analysis.util.Files.copyFilesWithAnnotationsToBuildFolder(Files.java:80)
08   at hudson.plugins.analysis.core.HealthAwareRecorder.copyFilesWithAnnotationsToBuildFolder(HealthAwareRecorder.java:351)
09   at hudson.plugins.analysis.core.HealthAwarePublisher.perform(HealthAwarePublisher.java:91)
10   at hudson.plugins.analysis.core.HealthAwareRecorder.perform(HealthAwareRecorder.java:298)
11   at org.jenkinsci.plugins.workflow.steps.CoreStep$Execution.run(CoreStep.java:78)
...
21 Caused by: java.io.IOException: remote file operation failed: /home/jenkins/workspace/<myFolder><myJob>/some-jar-3.3.1.jar/META-INF/maven/org.eclipse.jetty/jetty-continuation/pom.xml at hudson.remoting.Channel@498c4d00:Build Agent damian (Linux): java.io.FileNotFoundException: /home/jenkins/workspace/<myFolder><myJob>/some-jar-3.3.1.jar/META-INF/maven/org.eclipse.jetty/jetty-continuation/pom.xml (Not a directory)
22   at hudson.FilePath.act(FilePath.java:992)
...
27 Caused by: java.io.FileNotFoundException: /home/jenkins/workspace/<myFolder><myJob>/some-jar-3.3.1.jar/META-INF/maven/org.eclipse.jetty/jetty-continuation/pom.xml (Not a directory)
28   at java.io.FileInputStream.open0(Native Method)
29   at java.io.FileInputStream.open(FileInputStream.java:195)
30   at java.io.FileInputStream.<init>(FileInputStream.java:138)
31   at hudson.FilePath$41.invoke(FilePath.java:2010)


I don't know why this message is printed. I found that:

1. Given jar file exists in mentioned path
2. Double // is something that is probably not correct

Thanks,
Damian

[Steve Springett]

Damian,

Can you post your job config? 

[Steve Springett]

If you want to create a ticket for this, please do so and attach the scan config.

On Wednesday, March 7, 2018 at 6:00:28 AM UTC-6, damian.pu...@gmail.com wrote:

[David Kane]

Folks,

I am curious.  Did this issue ever get resolved?  I am observing something similar, although my context ( PHP source) is different.

I am running through Jenkins, and I do not see any error messages in the console.

Started by user admin1

Building on master in workspace /var/lib/jenkins/jobs/OWASP/workspace

[DependencyCheck] OWASP Dependency-Check Plugin v3.2.1

[DependencyCheck] Executing Dependency-Check with the following options:

[DependencyCheck]  -name = OWASP

[DependencyCheck]  -scanPath = /var/lib/jenkins/jobs/Git_Checkout/workspace

[DependencyCheck]  -outputDirectory = /var/lib/jenkins/jobs/OWASP/workspace

[DependencyCheck]  -dataDirectory = /var/lib/jenkins/jobs/OWASP/workspace/dependency-check-data

[DependencyCheck]  -dataMirroringType = none

[DependencyCheck]  -isQuickQueryTimestampEnabled = true

[DependencyCheck]  -jarAnalyzerEnabled = true

[DependencyCheck]  -nodePackageAnalyzerEnabled = true

[DependencyCheck]  -nspAnalyzerEnabled = true

[DependencyCheck]  -composerLockAnalyzerEnabled = true

[DependencyCheck]  -pythonDistributionAnalyzerEnabled = true

[DependencyCheck]  -pythonPackageAnalyzerEnabled = true

[DependencyCheck]  -rubyBundlerAuditAnalyzerEnabled = false

[DependencyCheck]  -rubyGemAnalyzerEnabled = true

[DependencyCheck]  -cocoaPodsAnalyzerEnabled = true

[DependencyCheck]  -swiftPackageManagerAnalyzerEnabled = true

[DependencyCheck]  -archiveAnalyzerEnabled = true

[DependencyCheck]  -assemblyAnalyzerEnabled = true

[DependencyCheck]  -centralAnalyzerEnabled = true

[DependencyCheck]  -nuspecAnalyzerEnabled = true

[DependencyCheck]  -nexusAnalyzerEnabled = false

[DependencyCheck]  -autoconfAnalyzerEnabled = true

[DependencyCheck]  -cmakeAnalyzerEnabled = true

[DependencyCheck]  -opensslAnalyzerEnabled = true

[DependencyCheck]  -showEvidence = true

[DependencyCheck]  -formats = XML HTML VULN JSON CSV 

[DependencyCheck]  -autoUpdate = true

[DependencyCheck]  -updateOnly = false

[DependencyCheck] Data directory created

[DependencyCheck] Scanning: /var/lib/jenkins/jobs/Git_Checkout/workspace

[DependencyCheck] Analyzing Dependencies

Build step 'Invoke Dependency-Check analysis' changed build result to SUCCESS

[DependencyCheck] Collecting Dependency-Check analysis files...

[DependencyCheck] Searching for all files in /var/lib/jenkins/jobs/OWASP/workspace that match the pattern **/dependency-check-report.xml

[DependencyCheck] Parsing 1 file in /var/lib/jenkins/jobs/OWASP/workspace

[DependencyCheck] Successfully parsed file /var/lib/jenkins/jobs/OWASP/workspace/dependency-check-report.xml with 3 unique warnings and 0 duplicates.

Skipping warnings blame since Git is the only supported SCM up to now.%n

[DependencyCheck] Computing warning deltas based on reference build #3

Finished: SUCCESS

However, when I drill into the results, I see the following in the message below.  File 785f2910.tmp holds the content of this message.  What is odd is that it is describing /var/lib/jenkins/jobs/Git_Checkout/workspace/Miscellaneous/saml/composer.lock:openid/php-openid/dev-master  as a source file.  /var/lib/jenkins/jobs/Git_Checkout/workspace/Miscellaneous/saml/composer.lock is a file, but I am not sure what it is trying to reference starting with the colon.

Any thoughts?

OpenID allows remote attackers to forcibly log a user into an OpenID enabled site, divulge the user's personal information to this site, and add it site to the trusted sites list via a crafted web page, related to cached tokens.
01 Copying the source file '/var/lib/jenkins/jobs/Git_Checkout/workspace/Miscellaneous/saml/composer.lock:openid/php-openid/dev-master' from the workspace to the build folder '785f2910.tmp' on the Jenkins master failed.
02 Is the file '/var/lib/jenkins/jobs/Git_Checkout/workspace/Miscellaneous/saml/composer.lock:openid/php-openid/dev-master' a valid filename?
03 If you are building on a slave: please check if the file is accessible under '$JENKINS_HOME/[job-name]//var/lib/jenkins/jobs/Git_Checkout/workspace/Miscellaneous/saml/composer.lock:openid/php-openid/dev-master'
04 If you are building on the master: please check if the file is accessible under '$JENKINS_HOME/[job-name]/workspace//var/lib/jenkins/jobs/Git_Checkout/workspace/Miscellaneous/saml/composer.lock:openid/php-openid/dev-master'
05 java.io.IOException: Failed to copy /var/lib/jenkins/jobs/Git_Checkout/workspace/Miscellaneous/saml/composer.lock:openid/php-openid/dev-master to /var/lib/jenkins/jobs/OWASP/builds/4/workspace-files/785f2910.tmp
06   at hudson.FilePath.copyTo(FilePath.java:2131)

07   at hudson.plugins.analysis.util.Files.copyFilesWithAnnotationsToBuildFolder(Files.java:80)
08   at hudson.plugins.analysis.core.HealthAwareRecorder.copyFilesWithAnnotationsToBuildFolder(HealthAwareRecorder.java:351)
09   at hudson.plugins.analysis.core.HealthAwarePublisher.perform(HealthAwarePublisher.java:91)
10   at hudson.plugins.analysis.core.HealthAwareRecorder.perform(HealthAwareRecorder.java:298)

11   at hudson.tasks.BuildStepCompatibilityLayer.perform(BuildStepCompatibilityLayer.java:81)
12   at hudson.tasks.BuildStepMonitor$1.perform(BuildStepMonitor.java:20)
13   at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:744)
14   at hudson.model.AbstractBuild$AbstractBuildExecution.performAllBuildSteps(AbstractBuild.java:690)
15   at hudson.model.Build$BuildExecution.post2(Build.java:186)
16   at hudson.model.AbstractBuild$AbstractBuildExecution.post(AbstractBuild.java:635)
17   at hudson.model.Run.execute(Run.java:1819)
18   at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43)
19   at hudson.model.ResourceController.execute(ResourceController.java:97)
20   at hudson.model.Executor.run(Executor.java:429)
21 Caused by: java.nio.file.NoSuchFileException: /var/lib/jenkins/jobs/Git_Checkout/workspace/Miscellaneous/saml/composer.lock:openid/php-openid/dev-master
22   at sun.nio.fs.UnixException.translateToIOException(UnixException.java:86)
23   at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
24   at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
25   at sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:214)
26   at java.nio.file.Files.newByteChannel(Files.java:361)
27   at java.nio.file.Files.newByteChannel(Files.java:407)
28   at java.nio.file.spi.FileSystemProvider.newInputStream(FileSystemProvider.java:384)
29   at java.nio.file.Files.newInputStream(Files.java:152)
30   at hudson.FilePath$CopyTo.invoke(FilePath.java:2181)
31   at hudson.FilePath$CopyTo.invoke(FilePath.java:2173)
32   at hudson.FilePath.act(FilePath.java:1047)
33   at hudson.FilePath.act(FilePath.java:1025)
34   at hudson.FilePath.copyTo(FilePath.java:2167)
35   at hudson.FilePath.copyTo(FilePath.java:2128)
36   ... 14 more

Thank you.

David

[Steve Springett]

Please open an issue on the Jenkins JIRA instance.

The Dependency-Check plugin does not copy files, and it certainly does not copy files between nodes.  This appears to be an issue with the Dependency-Check Publisher. This could be due to job configuration, analysis-core (which the plugin is built on top of), or Jenkins itself.

https://issues.jenkins-ci.org