jenkinsci / nexus-platform-plugin Goto Github PK

Nexus Platform Plugin for Jenkins

License: Other

Groovy 90.15% Java 4.70% HTML 4.27% CSS 0.34% JavaScript 0.55%

integration nexus-iq nexus-repository jenkins-plugin lifecycle-integrations

nexus-platform-plugin's Introduction

Nexus Platform Plugin

A plugin for integrating Nexus Repository Manager and Nexus Lifecycle into a Jenkins job. Information about using the plugin can be found in Nexus Platform Plugin for Jenkins.

Please use the links below to find information about using the plugin with your desired software

Changelog

3.19.4-01 (April 09, 2024)

Provide latest features for Nexus Lifecycle 1.175.0-01.

release-3.19.3-01 (March 07, 2024)

Provide latest features for Nexus Lifecycle 1.174.0-01.

release-3.19.2-01 (February 08, 2024)

Provide latest features for Nexus Lifecycle 1.173.0-01.

release-3.19.1-01 (January 19, 2024)

Add support for exclude scan pattern
Provide latest features for Nexus Lifecycle 1.171.0-01.

release-3.19.0-01 (December 08, 2023)

Java 11 is the minimum supported Java version
Provide latest features for Nexus Lifecycle 1.170.0-01.

release-3.18.0-03 (November 02, 2023)

Provide latest features for Nexus Lifecycle 1.169.0-01.

3.17.518.v9cb_3ff833922 (September 08, 2023)

Rename the feature previously known as Policy Violation Grandfathering to Legacy Violations.
Provide latest features for Nexus Lifecycle 1.167.0-01.

3.17.514.va_6dfca_8a_f7a_c (September 01, 2023)

Add support for scanning SPDX version 2.3 files.
Provide latest features for Nexus Lifecycle 1.166.0-01.

3.16.510.v4d23e22cf563 (August 01, 2023)

Add support for scanning Java class binaries produced by Java 19 and 20.

3.16.508.vfc408b_9601f0 (July 20, 2023)

Provide latest features for Nexus Lifecycle 1.165.0-01.

3.16.503.vb_a_7b_10f1c4cf (July 05, 2023)

Provide latest features for Nexus Lifecycle 1.164.0-01.

3.16.501.ve3d6b_58f1d37 (June 16, 2023)

Provide latest features for Nexus Lifecycle 1.163.0-01.

3.16.497.vd8491dd15a_8d (June 13, 2023)

Add full support for Java 17
Provide latest features for Nexus Lifecycle 1.162.0-01.

3.16.491.v77a_2f8921c88 (May 12, 2023)

Provide latest features for Nexus Lifecycle 1.161.0-01.

3.16.489.v7cf06846a_c96 (April 20, 2023)

Provide latest features for Nexus Lifecycle 1.160.0-01.

3.16.487.v5d4d3b_6942ee (April 06, 2023)

Provide latest features for Nexus Lifecycle 1.159.0-01.

3.16.485.ve2c3a_17ec407 (March 22, 2023)

For remote image scanning, environmental variables NEXUS_CONTAINER_IMAGE_REGISTRY_USER and NEXUS_CONTAINER_IMAGE_REGISTRY_PASSWORD are not required and are now optional for public images.
Provide latest features for Nexus Lifecycle 1.158.0-01.

3.16.481.ved9f5106e132 (February 27, 2023)

Provide latest features for Nexus Lifecycle 1.156.0-01.

3.16.478.v41ee37380162 (February 13, 2023)

Provide latest features for Nexus Lifecycle 1.155.0-01.

3.16.476.v410d6968f400 (January 27, 2023)

Provide latest features for Nexus Lifecycle 1.153.0-01.

3.16.474.vb_0cdf4908780 (January 16, 2023)

Provide latest features for Nexus Lifecycle 1.152.0-01.

3.16.471.v2dcf088efb_7f (December 14, 2022)

Removing support for scanning IaC targets
Provide latest features for Nexus Lifecycle 1.151.0-01.

3.16.465.ve8709b_fa_df42 (December 01, 2022)

Scanning local images does not require providing environmental variables.
To scan remote images, the user will now have to provide only these variables:
- NEXUS_CONTAINER_IMAGE_REGISTRY_USER
- NEXUS_CONTAINER_IMAGE_REGISTRY_PASSWORD
Provide latest features for Nexus Lifecycle 1.150.0-01.

3.16.459.vcdf273b_29f8c (November 17, 2022)

Fix for an edge case where the policy evaluation pipeline stage is marked UNSTABLE even though no policy violations are present.
Provide latest features for Nexus Lifecycle 1.149.0-01.

3.16.455.vd5654e1c14b_a_ (October 26, 2022)

Provide latest features for Nexus Lifecycle 1.147.0-01.

3.16.453.v39a_b_a_0401562 (October 20, 2022)

Provide latest features for Nexus Lifecycle 1.146.0-01.

3.16.449.v50228c7ca_222 (October 06, 2022)

Policy evaluation stage is marked according to policy actions.
Fix dependency conflict with certain versions of the credentials plugin.
Provide latest features for Nexus Lifecycle 1.145.0-01.

3.16.444.v52b_e5e2db_503 (September 22, 2022)

Add the organization ID parameter, used for automatic IQ apps
Fixing Nexus IQ Build Report to properly show the icon for "notify" actions
Provide latest features for Nexus Lifecycle 1.144.0-05.

3.15.438.vf87a_0dc45166 (September 07, 2022)

Using lightweight Nexus Java API to reduce complexity on class loading for the plugin

Provide latest features for Nexus Lifecycle 1.143.0-01.

3.14.431.v37ca_dc788b_b_1 (July 28, 2022)

Improving summary message for policy evaluations

Provide latest features for Nexus Lifecycle 1.142.0-02.

3.14.424.v8290b_b_ec62cb_ (July 07, 2022)

Provide latest features for Nexus Lifecycle 1.141.0-01.

3.14.418.v7a_687b_6a_4c1d (June 16, 2022)

Provide latest features for Nexus Lifecycle 1.139.0-01.

3.14.415.v4605773547f3 (June 01, 2022)

Provide latest features for Nexus Lifecycle 1.138.0-01.

3.14.412.v8021dc9cc4ef (May 19, 2022)

Provide latest features for Nexus Lifecycle 1.137.0-05.

3.14.407.v9d113b_445204 (April 29, 2022)

Provide latest features for Nexus Lifecycle 1.136.0-01.
Add support for scanning Java class binaries produced by Java 18.

3.14.405.v74e19a_0b_1a_1a_ (March 28, 2022)

Fix a IllegalAccessError that prevents the plugin to run properly in certain cases.

3.14.403.v07c2f1f96d60 (March 24, 2022)

Fix a NoSuchMethodError exception that prevents the plugin to run in certain cases.
Provide latest features for Nexus Lifecycle 1.135.0-01.

3.14.401.v1311ea_023ce5 (March 15, 2022)

Provide latest features for Nexus Lifecycle 1.134.0-02.

3.13.20220304-155321.e7fcac5 (March 04, 2022)

Provide latest features for Nexus Lifecycle 1.133.0-02.

3.13.20220201-143240.3d657a5 (February 01, 2022)

Reduce logging on INFO level

3.13.20220124-164651.0b71b72 (January 24, 2022)

Provide the latest features for Nexus Lifecycle 132
Bug Fix for False Positives in Image Scans

3.13.20220121-121645.a0ca2c5 (January 21, 2022)

Added support for scanning IaC targets

3.13.20211220-113820.efa5a1c (December 20th, 2021)

Conda Matching Improvements
Cran and Cargo Matching Improvements

3.13.20211207-082721.a97491c (December 7th, 2021)

Updated the min Jenkins version required to 2.249.1
Removed obsolete dependencies

3.13.20211117-154915.1ea721a (November 18th, 2021)

Added support for multiple Nexus IQ Servers.

3.12.20211110-124942.5dc6cea (November 11th, 2021)

Fixed java.lang.NoClassDefFoundError: io/jenkins/cli/shaded/org/xml/sax/ContentHandler.

3.12.20211019-085324.d8da475 (October 21th, 2021)

Added support for scanning Java class binaries produced by Java 17.

3.11.20210920-123737.0869e33 (September 20, 2021)

Added support for using environment variables and credentials for required values for container scanning
Made default mount folder for nexus container analysis workspace temp folder

3.11.20210915-164919.37a20aa (September 16, 2021)

Bug fixes
NPM manifest file scans now include dependency information and can identify InnerSource components

3.11.20210824-103237.60c1db0 (August 25, 2021)

Made mount folder for nexus container analysis customisable
Made default mount folder /tmp for nexus container analysis
Improvements in log statements for nexus container analysis

3.11.20210811-095455.fdf8fec (August 11, 2021)

Bug fixes

3.11.20210729-123253.8df0e2b (July 30, 2021)

Handle yarn v2 files
Exclude package-lock.json in favour of npm-shrinkwrap.json
Bug fixes

3.11.20210716-143001.0533f8f (July 16, 2021)

Add change log for 3.11.20210716-075132.3b66565 (July 16, 2021)

3.11.20210716-075132.3b66565 (July 16, 2021)

Add support for nexus container analysis
Make build unstable on scan error

3.11.20210621-093929.6318134 (June 21st, 2021)

Delete temp files from scan after eval
Send licensed features into the scanner
Fix runtime error due to stax2 conflict
Add jenkins version to user agent

3.11.20210420-142258.bdfc332 (April 20th, 2021)

Added support for scanning Java class binaries produced by Java 16.
Fix XStream parser error when scanning nuget manifests

3.11.20210323-112924.daaeac7 (March 24th, 2021)

Fix a regression in configuring the Policy Evaluation task in the UI.

3.11.20210308-082521.0d183ff (March 8th, 2021)

Added scanning and application/package analysis support for Java using a pom.xml or build.gradle file.

3.11.20210301-084816.bd7c972 (March 1, 2021)

Added a Global Configuration option to remove direct IQ reporting of policy violations from Jenkins.

3.10.20210222-102732.7875f67 (February 23rd, 2021)

Update the resultant structure to include the nested dependencies to form a dependency tree when scanning a module.xml file.
Added scanning and application/package analysis support for the following ecosystems:
- NPM using files : yarn.lock, pnpm-lock.yaml, package-lock.json, npm-shrinkwrap.json
- Nuget using packages.config file or .csproj files

3.10.20201208-151941.d953318 (December 8th, 2020)

Added support for running the plugin with Java 11 and 14.
Added support for scanning Java class binaries produced by Java 14 and 15.

3.9.20201109-154552.99ba8b9 (November 9th, 2020)

Added flag to enable debug logging.

3.9.20200722-164144.e3a1be0 (July 22nd, 2020)

Added scanning and application/package analysis support for Conan using a conaninfo.txt file (in addition to the files conanfile.txt and conanfile.py).

3.9.20200716-164408.7b4a45f (July 16th, 2020)

Added scanning and application/package analysis support for Golang using a go.list file (in addition to the file go.sum).

3.9.20200623-110149.2e546a0 (June 23rd, 2020)

Added scanning and application/package analysis support for the following ecosystems:
- Alpine
- Conda
- Debian
- Drupal
- R (Cran)
- Rust (Cargo)
- Swift (Cocoapods)
- Yum
Use policy violation counts instead of component counts in the policy evaluation summary
Fixed an issue with y-axis labels on the new trend graph

3.8.20200204-101107.d1d344b (February 6th, 2020)

Fix to ensure that all Nexus IQ for SCM logging goes to the build log instead of the server log

3.8.20191216-154521.a7bf2be (December 18th, 2019)

Fix additional marshalling issue with new trend graph

3.8.20191213-085900.c28ded4 (December 13th, 2019)

Fix marshalling issue with new trend graph
Fix issue with y-axis number on new trend graph

3.8.20191204-084645.a4bff16 (December 4th, 2019)

Add Nexus IQ Build Report which shows details for warn/fail vulnerabilities
Support slave nodes for automatic repository URL discovery for usage with Nexus IQ for SCM

3.8.20191127-111424.5d61f82 (November 27th, 2019)

Add trend graph to a Pipeline, which depicts the information about the last 5 builds with critical, severe and moderate violation numbers
Support to scan and evaluate Clair identified container dependencies
Support to scan and evaluate identified dependencies from a CycloneDX SBOM file

3.8.20190920-091853.5b0aa4e (September 20th, 2019)

Support for automatically deducing the repository URL for usage with Nexus IQ for SCM

3.7.20190823-091836.9f85050 (August 23rd, 2019)

Support for automatically deducing git commit hash for usage with Nexus IQ for SCM

3.6.20190722-122200.83d1447 (July 22nd, 2019)

BREAKING CHANGES

Nexus IQ 1.69 or newer is a required upgrade to use the Nexus Platform Plugin
Support for Scanning Go Modules
Mitigate IQ Server Client Timeouts

3.5.20190425-152158.c63841b (April 25th, 2019)

Add messages about Nexus Vulnerability Scanner to the plugin
Add ability to provide custom/advanced properties to IQ scanner

3.5.20190422-102004.71358d2 (April 22nd, 2019)

Fix for environmental variables not getting resolved in the tags field

3.5.20190313-114450.3bfee7f (March 13th, 2019)

Support for Java 12 IQ evaluations

3.5.20190215-104018.385de7e (February 18th, 2019)

Support for Scanning Python Wheel Packages

3.4.20190116-104331.e820fec (January 16th, 2019)

Support for Java 10, 11 IQ evaluations
Support for Python coordinate detection via requirements.txt files

3.3.20190108-134259.b70ae43 (January 8th, 2019)

Support for multiple policy evaluations per Jenkins job
Added application name and IQ stage to the entries in the build results
Renamed the "Application Composition Report" to "Nexus IQ Policy Evaluation"

3.3.20181207-134824.d240aa3 (December 12, 2018)

[Fixed] Could not connect to Nexus Repository servers exposed over HTTPS
[Fixed] Proxy settings were not respected when verifying connection to Nexus Repository

3.3.20181129-003933.7701a25 (November 29, 2018)

[Fixed] IQ application list incorrect for jobs configured to use job specific credentials

3.3.20181102-112614.a65c3f1 (November 2, 2018)

[Fixed] Environment variables weren't expanded for manual application IDs

3.3.20181025-134249.614c5f4 (October 25, 2018)

[Fixed] When configuring the 'Invoke Nexus Policy Evaluation' build step, the 'module excludes' field is not persisted on save.
[Fixed] Jenkins Platform Plugin unable to determine Nexus Repository Manager version using Server URL with trailing slash
[Fixed] Jenkins plugin fails requests when Nexus is not at base context path
Add link to plugin documentation for NXRM3 to readme

3.3.20180912-170211.be90294 (September 12, 2018)

The plugin will now emit a warning when the scanner encounters an invalid JAR file:
"[WARN] Could not open some.jar as an archive. Will scan it as regular file."

3.3.20180830-142202.6bdf614 (August 30, 2018)

BREAKING CHANGES

Nexus IQ 1.50 or newer is a required upgrade to use the Nexus Platform Plugin
Support for Nexus IQ Policy Violation Grandfathering.
Fixed snippet generation.

3.3.20180801-112343.4970c8a (August 1, 2018)

New build step available for tag association
Move components using NXRM3 search criteria from Pipeline

3.2.20180724-142843.2f5144d (July 24, 2018)

Added support of Nexus Repository Manager 3.13.0-01 servers for Maven component uploads, and new staging features (for Pro versions): tags, move, and delete.
Please see Nexus Platform Plugin for Jenkins for more details.

3.1.20180702-132131.f6b4592 (July 2, 2018)

Fixes for recording of component occurrences

3.1.20180605-140134.c2e96c4 (June 5, 2018)

Log additions for automatic application creation

3.0.20180531-100044.36b733a (May 31, 2018)

UI fixes for chiclet style on older versions of Jenkins

3.0.20180425-130011.728733c (April 25, 2018)

BREAKING CHANGES

Nexus IQ 1.47 or newer is a required upgrade to use the Nexus Platform Plugin
Support for Nexus IQ automatic application creation

3.0.20180214-134325.e135900 (February 14, 2018)

BREAKING CHANGES

Pipeline jobs using the plugin will now fail during execution if a policy action is set to fail the build. This is different from previous behavior which would set the build result to failure but allow the build to continue. This is adopting standard practice for Jenkins pipeline plugins and allows more visibility into what has failed and why. Pipelines that require continuation of the build will have to surround the plugin step with try catch, where the evaluation information is now wrapped in the exception argument.
The pipeline step has always returned a model for the evaluation containing information about the results. The ApplicationPolicyEvaluation will no longer include a boolean for reevaluation therefore calls to get or set this will fail. The Jenkins pipeline has never supported reevaluation and this boolean has always returned false. For simplification, it has been removed.

CHANGES

Module.xml evaluation support. The Nexus Platform Plugin for Jenkins now supports policy evaluations against results generated by the clm-maven-plugin index goal. The new plugin will scan module.xml files available in '/sonatype-clm/module.xml', '/nexus-iq/module.xml' and will support module exclude patterns to exclude these files if desired.
Fix for directory structure of JavaScript files scanned by the plugin
No longer requires optional parameters to be declared in declarative pipelines
All users can now select credentials for jobs as long as they have the appropriate permissions to configure the job and view the credentials

1.6.20180123-131927.f506018 (January 23, 2018)

Whitelist updates to support JEP-200

1.5.20171121-095817.c18bf4f (November 21, 2017)

Support for Java 9 IQ evaluations

1.4.20170929-233916.04479e6 (September 29, 2017)

Update upstream dependencies to consume latest IQ server Application Evaluation result
Fix for throwing serializable exception upon client exception

1.3.20170728-122322.902d97e (July 28, 2017)

Support for Docker image evaluations

1.2.20170627-094410.1e61c09 (June 27th, 2017)

Support for credentials in Folder stores
Support for Certificate credentials through the Credentials Plugin

1.2.20170428-142845.cb63c9e (April 28th, 2017)

Support for Nexus Publish when remote agent is used for build.

1.2.20170417-120258.3e88a58 (April 17th, 2017)

Fix for connection pool saturation when publishing many components.

1.2.20170404-163441.794de4c (April 4th, 2017)

Initial release to the Jenkins Update Center.

LICENSE

Copyright (c) 2016-present Sonatype, Inc. All rights reserved.

This program is licensed to you under the Apache License Version 2.0,
and you may not use this file except in compliance with the Apache License Version 2.0.
You may obtain a copy of the Apache License Version 2.0 at http://www.apache.org/licenses/LICENSE-2.0.

Unless required by applicable law or agreed to in writing,
software distributed under the Apache License Version 2.0 is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the Apache License Version 2.0 for the specific language governing permissions and limitations there under.

nexus-platform-plugin's People

Contributors

Stargazers

Watchers

Forkers

ranamfayyaz laananirami tneer balim rboergertenable jglick bpd1069 sonatype vardhan0707 drakun shun-sugimoto snstockton mikecraig6810 based2 vic614 raghuramnaidu fulgas yifangd prasannashasthridevops joelarnaud mdaffern lrpg bigspotteddog kakumara dariver jrojasgon mealingr schottsfired afifceshter renuram3 savag3life ricksbrown basil greycr0w jetersen ajayarath89 tanmaiteju sunilgd m-leena sunakarasatish xieguoking dduportal leob-morean markewaite entroform anddann langyizhao

nexus-platform-plugin's Issues

Getting java.lang.NoSuchMethodError: hidden.javax.xml.stream.XMLInputFactory.newFactory

Jenkins and plugins versions report

Environment

Jenkins: 2.289.1
OS: Linux - 4.14.262-135.489.amzn1.x86_64

What Operating System are you using (both controller, and any agents involved in the problem)?

Amazon linux 2

Reproduction steps

Does not work in the latest version: 3.14.401.v1311ea_023ce5
But does work in version: 3.13.20220304-155321.e7fcac5

I am getting an exception when running the plugin, I don't really have enough info to deliver a good error report, sorry about that.

Expected Results

No exception

Actual Results

At first this appears:

Starting scanning target: /home/core/workspace/service_master/build/docker/main/layers/application.jar
Starting scanning target: /home/core/workspace/service_master/build/docker/main/layers/libs/HdrHistogram-2.1.12.jar
Starting scanning target: /home/core/workspace/service_master/build/docker/main/layers/libs/HikariCP-4.0.3.jar

And then this exception appears:

java.lang.NoSuchMethodError: hidden.javax.xml.stream.XMLInputFactory.newFactory(Ljava/lang/String;Ljava/lang/ClassLoader;)Lhidden/javax/xml/stream/XMLInputFactory;
15:23:27  	at com.fasterxml.jackson.dataformat.xml.XmlFactory.<init>(XmlFactory.java:115)
15:23:27  	at com.fasterxml.jackson.dataformat.xml.XmlFactory.<init>(XmlFactory.java:101)
15:23:27  	at com.fasterxml.jackson.dataformat.xml.XmlFactory.<init>(XmlFactory.java:85)
15:23:27  	at com.fasterxml.jackson.dataformat.xml.XmlMapper.<init>(XmlMapper.java:127)
15:23:27  	at org.cyclonedx.generators.xml.AbstractBomXmlGenerator.<init>(AbstractBomXmlGenerator.java:48)
15:23:27  	at org.cyclonedx.generators.xml.BomXmlGenerator13.<init>(BomXmlGenerator13.java:42)
15:23:27  	at org.cyclonedx.BomGeneratorFactory.createXml(BomGeneratorFactory.java:52)
15:23:27  	at hidden.com.sonatype.insight.scan.file.SbomUtils.createSbomXmlString(SbomUtils.java:38)
15:23:27  	at hidden.com.sonatype.insight.scan.file.MavenPomProcessor.process(MavenPomProcessor.java:65)
15:23:27  	at hidden.com.sonatype.insight.scan.file.ManifestContentProcessor.setScanItemContent(ManifestContentProcessor.java:292)
15:23:27  	at hidden.com.sonatype.insight.scan.file.FileVisitor.visitFile(FileVisitor.java:280)
15:23:27  	at hidden.com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:86)
15:23:27  	at hidden.com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:75)
15:23:27  	at hidden.com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:75)
15:23:27  	at hidden.com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:75)
15:23:27  	at hidden.com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:75)
15:23:27  	at hidden.com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:75)
15:23:27  	at hidden.com.sonatype.insight.scan.file.FileWalker.walk(FileWalker.java:35)
15:23:27  	at hidden.com.sonatype.insight.scan.file.FileScanner.scan(FileScanner.java:93)
15:23:27  	at com.sonatype.nexus.api.iq.scan.Scanner.scanFiles(Scanner.java:158)
15:23:27  	at com.sonatype.nexus.api.iq.scan.Scanner.scan(Scanner.java:115)
15:23:27  	at com.sonatype.nexus.api.iq.impl.DefaultIqClient.scan(DefaultIqClient.java:255)
15:23:27  	at com.sonatype.nexus.api.iq.impl.DefaultIqClient.scan(DefaultIqClient.java:233)
15:23:27  	at com.sonatype.nexus.api.iq.internal.InternalIqClient$scan.call(Unknown Source)
15:23:27  	at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
15:23:27  	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
15:23:27  	at org.sonatype.nexus.ci.iq.RemoteScanner.call(RemoteScanner.groovy:106)
15:23:27  	at org.sonatype.nexus.ci.iq.RemoteScanner.call(RemoteScanner.groovy)
15:23:27  	at hudson.remoting.UserRequest.perform(UserRequest.java:211)
15:23:27  	at hudson.remoting.UserRequest.perform(UserRequest.java:54)
15:23:27  	at hudson.remoting.Request$2.run(Request.java:376)
15:23:27  	at hudson.remoting.InterceptingExecutorService.lambda$wrap$0(InterceptingExecutorService.java:78)

Anything else?

No response

Support using individuel project's nexus configuration instead of nexusInstanceId

What feature do you want to see added?

Hi,
It will be nice to give the possibility for the projects to add their own nexus configuration (serverUrl, credentialsId) instead of the Global nexusInstantId .

Something like this will be more helpfull:

createTag credentialsId: 'projects-user', serverUrl: 'https://nexux' , tagAttributesJson: '{}', tagName: 'build-125'

Upstream changes

No response

Uploading artifacts to Nrm2 hangs

I use JCaasC and no config config has changed but i recently redeployed the server and now, with the latest version of the plugin, I can't connect to my nexus server.

If i curl -IL http://internal.nexusserver.com from the Jenkins server I get a 200 response from my Nexus server (Nexus v 2.11.2 (I know it's old, working in replacing it))

Version report

Jenkins and plugins versions report:

Jenkins: 2.303.2
OS: Linux - 4.14.248-189.473.amzn2.x86_64
---
Office-365-Connector:4.15.2
ace-editor:1.1
apache-httpcomponents-client-4-api:4.5.13-1.0
authentication-tokens:1.4
aws-credentials:1.32
aws-java-sdk:1.12.89-292.v2712528e879c
aws-java-sdk-cloudformation:1.12.89-292.v2712528e879c
aws-java-sdk-codebuild:1.12.89-292.v2712528e879c
aws-java-sdk-ec2:1.12.89-292.v2712528e879c
aws-java-sdk-ecr:1.12.89-292.v2712528e879c
aws-java-sdk-ecs:1.12.89-292.v2712528e879c
aws-java-sdk-elasticbeanstalk:1.12.89-292.v2712528e879c
aws-java-sdk-iam:1.12.89-292.v2712528e879c
aws-java-sdk-logs:1.12.89-292.v2712528e879c
aws-java-sdk-minimal:1.12.89-292.v2712528e879c
aws-java-sdk-ssm:1.12.89-292.v2712528e879c
bitbucket:1.1.29
blueocean:1.25.1
blueocean-autofavorite:1.2.4
blueocean-bitbucket-pipeline:1.25.1
blueocean-commons:1.25.1
blueocean-config:1.25.1
blueocean-core-js:1.25.1
blueocean-dashboard:1.25.1
blueocean-display-url:2.4.1
blueocean-events:1.25.1
blueocean-git-pipeline:1.25.1
blueocean-github-pipeline:1.25.1
blueocean-i18n:1.25.1
blueocean-jwt:1.25.1
blueocean-personalization:1.25.1
blueocean-pipeline-api-impl:1.25.1
blueocean-pipeline-editor:1.25.1
blueocean-pipeline-scm-api:1.25.1
blueocean-rest:1.25.1
blueocean-rest-impl:1.25.1
blueocean-web:1.25.1
bootstrap4-api:4.6.0-3
bootstrap5-api:5.1.1-1
bouncycastle-api:2.25
branch-api:2.7.0
caffeine-api:2.9.2-29.v717aac953ff3
checks-api:1.7.2
cloudbees-bitbucket-branch-source:2.9.11
cloudbees-folder:6.16
command-launcher:1.2
config-file-provider:3.8.1
configuration-as-code:1.54
configuration-as-code-secret-ssm:1.0.1
credentials:2.6.1
credentials-binding:1.27
display-url-api:2.3.5
docker-commons:1.17
docker-workflow:1.26
durable-task:1.39
ec2-fleet:2.3.6
echarts-api:5.2.1-2
favorite:2.3.3
font-awesome-api:5.15.4-1
git:4.9.0
git-client:3.10.0
git-server:1.10
github:1.34.1
github-api:1.133
github-branch-source:2.11.3
handlebars:3.0.8
handy-uri-templates-2-api:2.1.8-1.0
htmlpublisher:1.27
jackson2-api:2.13.0-230.v59243c64b0a5
jaxb:2.3.0
jdk-tool:1.0
jenkins-design-language:1.25.1
jjwt-api:0.11.2-9.c8b45b8bb173
job-dsl:1.77
jquery3-api:3.6.0-2
jsch:0.1.55.2
junit:1.53
lockable-resources:2.12
mailer:1.34
matrix-project:1.19
mercurial:2.15
momentjs:1.1.1
nexus-jenkins-plugin:3.12.20211019-085324.d8da475
okhttp-api:3.14.9
pipeline-build-step:2.15
pipeline-graph-analysis:1.11
pipeline-input-step:2.12
pipeline-milestone-step:1.3.2
pipeline-model-api:1.9.2
pipeline-model-definition:1.9.2
pipeline-model-extensions:1.9.2
pipeline-rest-api:2.19
pipeline-stage-step:2.5
pipeline-stage-tags-metadata:1.9.2
pipeline-stage-view:2.19
pipeline-utility-steps:2.10.0
plain-credentials:1.7
plugin-usage-plugin:2.0
plugin-util-api:2.5.0
popper-api:1.16.1-2
popper2-api:2.10.2-1
pubsub-light:1.16
resource-disposer:0.16
saml:2.0.9
scm-api:2.6.5
script-security:1.78
simple-theme-plugin:0.7
snakeyaml-api:1.29.1
sonar:2.13.1
sse-gateway:1.24
ssh-credentials:1.19
ssh-slaves:1.33.0
ssh-steps:2.0.0
sshd:3.1.0
structs:1.23
token-macro:266.v44a80cf277fd
trilead-api:1.0.13
variant:1.4
workflow-aggregator:2.6
workflow-api:2.47
workflow-basic-steps:2.24
workflow-cps:2.94
workflow-cps-global-lib:2.21
workflow-durable-task-step:2.40
workflow-job:2.42
workflow-multibranch:2.26
workflow-scm-step:2.13
workflow-step-api:2.24
workflow-support:3.8
ws-cleanup:0.39

What Operating System are you using (both controller, and any agents involved in the problem)?

Master: ECS-optimized Amazon Linux 2, running  jenkins:lts
Agent: ECS-optimized Amazon Linux 2, running  maven:3.6.3-openjdk-8

Reproduction steps

1: https://jenkins.instance.com/configure -> Sonatype Nexus -> Select 'Test Connection'

Results

I get the error
"A problem occurred while processing the request."

Expected result:
Connection successful

Actual result:
My build jobs are hanging cause they can't connect to the Nexus Server.

Support using Java 11

While using the Nexus Platform plugin for Jenkins using Java 11 there’s an error configuring a Nexus Repository Manager 3.x Server. Upon clicking “Test connection” there’s an error requiring JAXB-API. Reverting the Jenkins instance back to Java 8 using the same configuration works properly.

System Information:
Jenkins 2.235.5 - Java openjdk version “11.0.9”
Nexus Platform Plugin 3.9.20201109-154552.99ba8b9
Nexus OSS 3.28.1-01

While investigating this error I came across this PR adding Java 11 support by adding the missing JAXB dependencies, but it was closed and never merged.

nexus-error.txt

Pipeline stage should also be marked as unstable/failure, not only entire build

Dependencies

Scripted or declarative pipeline build job.

Feature Request

I'd like to see the current step marked as unstable or failed, not only the entire build. Currently, it's quite cumbersome to find out why a build has failed or become unstable because the current stage isn't marked, only the entire build.

Nexus upload Fails with com.sonatype.nexus.api.zz.gq: status code: 400

We are trying to upload artifacts from jenkins to nexus repository manager but keep failing with the following exception:

com.sonatype.nexus.api.zz.gq: status code: 400, reason phrase: Bad Request
	at com.sonatype.nexus.api.zz.gr.handleResponse(SourceFile:51)
	at org.apache.http.impl.client.CloseableHttpClient.execute(SourceFile:223)
	at org.apache.http.impl.client.CloseableHttpClient.execute(SourceFile:165)
	at com.sonatype.nexus.api.zz.gl.a(SourceFile:83)
Caused: com.sonatype.nexus.api.exception.RepositoryManagerException: Upload component was unsuccessful (400 response from server)
	at com.sonatype.nexus.api.zz.gl.a(SourceFile:105)
	at com.sonatype.nexus.api.zz.gl.a(SourceFile:86)
	at com.sonatype.nexus.api.zz.gl.a(SourceFile:64)
	at com.sonatype.nexus.api.zz.gk.upload(SourceFile:153)
	at com.sonatype.nexus.api.repository.v3.RepositoryManagerV3Client$upload.call(Unknown Source)
	at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:141)
	at org.sonatype.nexus.ci.nxrm.v3.ComponentUploaderNxrm3$_upload_closure2.doCall(ComponentUploaderNxrm3.groovy:81)
Caused: java.io.IOException
	at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
	at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
	at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
	at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
	at org.codehaus.groovy.reflection.CachedConstructor.invoke(CachedConstructor.java:83)
	at org.codehaus.groovy.runtime.callsite.ConstructorSite$ConstructorSiteNoUnwrapNoCoerce.callConstructor(ConstructorSite.java:105)
	at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallConstructor(CallSiteArray.java:60)
	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callConstructor(AbstractCallSite.java:235)
	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callConstructor(AbstractCallSite.java:247)
	at org.sonatype.nexus.ci.nxrm.v3.ComponentUploaderNxrm3$_upload_closure2.doCall(ComponentUploaderNxrm3.groovy:84)
Caused: java.io.IOException: Upload of maven component with GAV [com.test:foo:1.0.0-SNAPSHOT] failed
	at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
	at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
	at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
	at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
	at org.codehaus.groovy.reflection.CachedConstructor.invoke(CachedConstructor.java:83)
	at org.codehaus.groovy.runtime.callsite.ConstructorSite$ConstructorSiteNoUnwrapNoCoerce.callConstructor(ConstructorSite.java:105)
	at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallConstructor(CallSiteArray.java:60)
	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callConstructor(AbstractCallSite.java:235)
	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callConstructor(AbstractCallSite.java:255)
	at org.sonatype.nexus.ci.nxrm.v3.ComponentUploaderNxrm3$_upload_closure2.doCall(ComponentUploaderNxrm3.groovy:94)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:93)
	at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:325)
	at org.codehaus.groovy.runtime.metaclass.ClosureMetaClass.invokeMethod(ClosureMetaClass.java:294)
	at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
	at groovy.lang.Closure.call(Closure.java:414)
	at org.codehaus.groovy.runtime.DefaultGroovyMethods.callClosureForMapEntry(DefaultGroovyMethods.java:5276)
	at org.codehaus.groovy.runtime.DefaultGroovyMethods.each(DefaultGroovyMethods.java:2117)
	at org.codehaus.groovy.runtime.dgm$164.invoke(Unknown Source)
	at org.codehaus.groovy.runtime.callsite.PojoMetaMethodSite$PojoMetaMethodSiteNoUnwrapNoCoerce.invoke(PojoMetaMethodSite.java:274)
	at org.codehaus.groovy.runtime.callsite.PojoMetaMethodSite.call(PojoMetaMethodSite.java:56)
	at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:125)
	at org.sonatype.nexus.ci.nxrm.v3.ComponentUploaderNxrm3.upload(ComponentUploaderNxrm3.groovy:53)
	at org.sonatype.nexus.ci.nxrm.v3.ComponentUploaderNxrm3$upload.callCurrent(Unknown Source)
	at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallCurrent(CallSiteArray.java:52)
	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:154)
	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:182)
	at org.sonatype.nexus.ci.nxrm.ComponentUploader.uploadComponents(ComponentUploader.groovy:82)
	at org.sonatype.nexus.ci.nxrm.ComponentUploader$uploadComponents.call(Unknown Source)
	at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:141)
	at org.sonatype.nexus.ci.nxrm.PackagePublisherExecution.run(PackagePublisherExecution.groovy:44)
	at org.sonatype.nexus.ci.nxrm.PackagePublisherExecution.run(PackagePublisherExecution.groovy)
	at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1$1.call(AbstractSynchronousNonBlockingStepExecution.java:47)
	at hudson.security.ACL.impersonate(ACL.java:367)
	at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1.run(AbstractSynchronousNonBlockingStepExecution.java:44)
	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at java.lang.Thread.run(Thread.java:748)
Finished: FAILURE

The environment we are using is as follow:

Jenkins: 2.235.1
nexus platform plugin: 3.10.20201208-151941.d953318
Nexus OSS: OSS 3.21.2-03

JCasC config:

...
unclassified:
    globalNexusConfiguration:
        nxrmConfigs:
        - nxrm3Configuration:
            credentialsId: nexusCredentials
            displayName: nexus
            id: nexus
            internalId: nexus
            serverUrl: https://<nexus.url>
...

Pipeline:

def buildPod = '''
apiVersion: v1
kind: Pod
spec:
  containers:
    - name: jnlp
      image: jenkins/jnlp-slave:alpine
      imagePullPolicy: IfNotPresent
  imagePullSecrets:
    - name: registry-secret
'''

pipeline {
    agent {
        kubernetes {
            yaml buildPod
            defaultContainer 'jnlp'
        }
    }

    stages {
        stage('create tar') {
            steps {
                sh '''
                    echo foo >> foo
                    tar -cvf foo.tar foo
                '''
            }
        }

        stage('NexusUpload') {
            steps {
                nexusPublisher nexusInstanceId: 'nexus', nexusRepositoryId: 'maven-snapshots', packages: [[$class: 'MavenPackage', mavenAssetList: [[classifier: 'FOO', extension: 'tar', filePath: 'foo.tar']], mavenCoordinate: [artifactId: 'foo', groupId: 'com.test', packaging: 'tar', version: '1.0.0-SNAPSHOT']]]
            }
        }
    }
}

No pom file for version 3.13.20220124-204320.8222771

My issues doesn't really fit under any of the categories for this repository. I needed to get in contact with someone who maintains this plugin since we are having trouble downloading it from https://repo.jenkins-ci.org

Currently our team maintains an internal Jenkins Plugin Mirror which downloads plugins for our customers to use. However for nexus-jenkins-plugin, the version our plugin mirror tries to download doesn't have the .pom file it expects, and then crashes.

It tries to download the plugin from here: https://repo.jenkins-ci.org/artifactory/releases/org/sonatype/nexus/ci/nexus-jenkins-plugin/3.13.20220124-204320.8222771/

For some reason that is the only version I could find of your plugin which doesn't have anything but a .hpi file (no pom, no jar). Please direct me to someone I can contact about this issue

use nexusPolicyEvaluation to push to different organization in NexusIQ

We are using nexusPolicyEvaluation to scan our images with NexusIQ lifecycle. Currently, it's going to the default organization which is mentioned automatic application section.

Is it possible to add an option to mention the organization while doing the scan ?

The rationale behind this is to set the policy based on organizations in NexusIQ.

Details:
Nexus platform plugin version : 3.11.20210420-142258.bdfc332
Jenkins version: 2.289.1
NexusIQ lifecycle version : 128

Sample code which we are using as of now

try {
    def policyEvaluation = nexusPolicyEvaluation failBuildOnNetworkError: false,
      iqApplication: "${name}_${tag}",
      iqScanPatterns: [[scanPattern: '*.tar']],
      iqStage: "${imgLifecycleStage}"
    echo "Successfully scanned image ${imgId}: ${policyEvaluation.applicationCompositionReportUrl}"
    return policyEvaluation
  }

jenkins job is successful only, if we provide nx-admin credentials

I have a repository. I have given admin privileges of that repository to a user. By using that user credentials, Jenkins job is failing.
Error:-
npm ERR! code E401
npm ERR! Unable to authenticate, need: BASIC realm="Sonatype Nexus Repository Manager"
npm verb exit [ 1, true ]
npm http fetch GET 401 https://pie-nexus.xxxxxx.com/repository/pie-npm-group/react-router-dom/-/react-router-dom-5.3.0.tgz 5061ms

But, when I give nx-admin role to that user, jerkins job is working.

My doubt is, Does it require nx-admin credentials, to run Jenkins job for nexus automation (or) requires only particular repository admin access

All publishing to All Repository Types

What feature do you want to see added?

Hi, the current restriction to only Maven2 Repositories is very limiting, especially when Jenkins and Nexus are used from such a wide variety of use cases outside of java. As such I would suggest expanding the "Nexus Repository Manager Publisher" to also allow for the other repository types to be used. Thank you -AwesomeDude091

Upstream changes

No response

Nexus IQ Scan in declaritive Pipeline can't scan multiple applications in one build correctly

Jenkins and plugins versions report

Environment

Jenkins: 2.387.3
OS: Windows Server 2019 - 10.0
Java: 11.0.16 - Oracle Corporation (Java HotSpot(TM) 64-Bit Server VM)
---
JDK_Parameter_Plugin:1.2
NegotiateSSO:105.vf0d0de2a_b_8a_5
Parameterized-Remote-Trigger:3.1.6.3
PrioritySorter:4.1.0
ace-editor:1.1
active-directory:2.30
analysis-model-api:11.1.0
ansible:174.vfd5323d2b_9d8
ansible-tower:0.16.0
ansicolor:1.0.2
ant:487.vd79d090d4ea_e
antisamy-markup-formatter:159.v25b_c67cd35fb_
any-buildstep:14.ve115ec1484f0
apache-httpcomponents-client-4-api:4.5.14-150.v7a_b_9d17134a_5
artifactdeployer:1.3
atlassian-bitbucket-server-integration:3.3.2
audit-trail:333.vb_e1b_b_0f1238c
authentication-tokens:1.53.v1c90fd9191a_b_
authorize-project:1.5.1
badge:1.9.1
bitbucket:223.vd12f2bca5430
bitbucket-approval-filter:1.0.3
bitbucket-filter-project-trait:1.0
bitbucket-pullrequest-builder:1.5.0
bitbucket-pullrequests-filter:13.vda_de92e841b_b_
bitbucket-push-and-pull-request:2.8.3
bitbucket-scm-filter-aged-refs:31.ve3b_ca_fc71d5b_
bitbucket-scm-filter-jira-validator:0.1.0
bitbucket-scm-trait-commit-skip:0.4.0
blueocean:1.27.3
blueocean-autofavorite:1.2.5
blueocean-bitbucket-pipeline:1.27.3
blueocean-commons:1.27.3
blueocean-config:1.27.3
blueocean-core-js:1.27.3
blueocean-dashboard:1.27.3
blueocean-display-url:2.4.2
blueocean-events:1.27.3
blueocean-git-pipeline:1.27.3
blueocean-github-pipeline:1.27.3
blueocean-i18n:1.27.3
blueocean-jira:1.27.3
blueocean-jwt:1.27.3
blueocean-personalization:1.27.3
blueocean-pipeline-api-impl:1.27.3
blueocean-pipeline-editor:1.27.3
blueocean-pipeline-scm-api:1.27.3
blueocean-rest:1.27.3
blueocean-rest-impl:1.27.3
blueocean-web:1.27.3
bootstrap4-api:4.6.0-5
bootstrap5-api:5.3.0-1
bouncycastle-api:2.28
branch-api:2.1071.v1a_188a_562481
build-blocker-plugin:1.7.8
build-environment:1.7
build-failure-analyzer:2.4.1
build-pipeline-plugin:1.5.8
build-timeout:1.30
build-timestamp:1.0.3
build-user-vars-plugin:1.9
buildtriggerbadge:251.vdf6ef853f3f5
built-on-column:1.4
caffeine-api:3.1.6-115.vb_8b_b_328e59d8
checks-api:2.0.0
cloudbees-bitbucket-branch-source:800.va_b_b_9a_a_5035c1
cloudbees-folder:6.815.v0dd5a_cb_40e0e
code-coverage-api:4.4.0
command-launcher:100.v2f6722292ee8
commons-httpclient3-api:3.1-3
commons-lang3-api:3.12.0-36.vd97de6465d5b_
commons-text-api:1.10.0-36.vc008c8fcda_7b_
conditional-buildstep:1.4.2
config-file-provider:3.11.1
configuration-as-code:1625.v27444588cc3d
configurationslicing:430.v966357576543
configure-job-column-plugin:84.v792c9269f95a
coordinator:1.4.0
copyartifact:698.v393f578eb_ddc
countjobs-viewstabbar:1.0.1
credentials:1236.v31e44e6060c0
credentials-binding:604.vb_64480b_c56ca_
cron_column:1.7
cvs:2.19.1
dashboard-view:2.472.v9ff2a_e6a_c529
data-tables-api:1.13.3-3
delivery-pipeline-plugin:1.4.2
depgraph-view:1.0.5
display-url-api:2.3.7
docker-commons:419.v8e3cd84ef49c
docker-workflow:563.vd5d2e5c4007f
doclinks:0.6.1
downstream-ext:73.vdda_16e6eb_0da
durable-task:506.v1b_3e14b_6f5da_
dynamic_extended_choice_parameter:1.0.1
dynamicparameter:0.2.0
echarts-api:5.4.0-5
email-ext:2.96
envinject:2.901.v0038b_6471582
envinject-api:1.199.v3ce31253ed13
extended-read-permission:3.2
extensible-choice-parameter:1.8.0
external-monitor-job:203.v683c09d993b_9
favorite:2.4.1
flexible-publish:0.16.1
font-awesome-api:6.3.0-2
forensics-api:2.1.0
generic-webhook-trigger:1.86.3
git:5.0.1
git-client:4.2.0
git-server:99.va_0826a_b_cdfa_d
github:1.37.0
github-api:1.303-417.ve35d9dd78549
github-branch-source:1703.vd5a_2b_29c6cdc
github-scm-trait-commit-skip:0.4.0
global-post-script:1.1.4
google-oauth-plugin:1.0.8
gradle:2.6
groovy:453.vcdb_a_c5c99890
groovy-postbuild:2.5
handlebars:3.0.8
handy-uri-templates-2-api:2.1.8-22.v77d5b_75e6953
hidden-parameter:94.ve2cefce14d3f
htmlpublisher:1.31
http_request:1.16
instance-identity:173.va_37c494ec4e5
ionicons-api:45.vf54fca_5d2154
jackson2-api:2.15.2-350.v0c2f3f8fc595
jakarta-activation-api:2.0.1-3
jakarta-mail-api:2.0.1-3
javadoc:233.vdc1a_ec702cff
javax-activation-api:1.2.0-6
javax-mail-api:1.6.2-9
jaxb:2.3.8-1
jdk-tool:66.vd8fa_64ee91b_d
jenkins-design-language:1.27.3
jenkinswalldisplay:0.6.34
jersey2-api:2.39.1-1
jira:3.9
jira-ext:0.9
jira-trigger:1.0.2
jjwt-api:0.11.5-77.v646c772fddb_0
jnr-posix-api:3.1.16-2
job-dsl:1.83
job-import-plugin:3.6
jobConfigHistory:1207.vd28a_54732f92
jquery:1.12.4-1
jquery-detached:1.2.1
jquery3-api:3.7.0-1
jsch:0.2.8-65.v052c39de79b_2
junit:1207.va_09d5100410f
kerberos-sso:1.11
kubernetes:3923.v294a_d4250b_91
kubernetes-client-api:6.4.1-215.v2ed17097a_8e9
kubernetes-credentials:0.10.0
ldap:673.v034ec70ec2b_b_
lockable-resources:1150.v59db_2b_994618
log-parser:2.3.0
mac:1.6.1
mailer:457.v3f72cb_e015e5
mapdb-api:1.0.9-28.vf251ce40855d
mask-passwords:150.vf80d33113e80
matrix-auth:3.1.8
matrix-project:789.v57a_725b_63c79
maven-plugin:3.22
mercurial:1260.vdfb_723cdcc81
metrics:4.2.13-420.vea_2f17932dd6
mina-sshd-api-common:2.10.0-69.v28e3e36d18eb_
mina-sshd-api-core:2.10.0-69.v28e3e36d18eb_
momentjs:1.1.1
monitoring:1.94.0
multi-branch-priority-sorter:1.0
nexus-artifact-uploader:2.14
nexus-jenkins-plugin:3.19.1-01
nexus-task-runner:0.9.2
nodejs:1.6.0
nodelabelparameter:1.11.0
oauth-credentials:0.645.ve666a_c332668
okhttp-api:4.10.0-132.v7a_7b_91cef39c
openshift-client:1.0.38
openshift-login:1.0.29
openshift-sync:1.0.55
pam-auth:1.10
parameterized-scheduler:1.2
parameterized-trigger:2.45
permissive-script-security:0.7
persistent-parameter:1.3
pipeline-build-step:491.v1fec530da_858
pipeline-github-lib:42.v0739460cda_c4
pipeline-graph-analysis:202.va_d268e64deb_3
pipeline-groovy-lib:656.va_a_ceeb_6ffb_f7
pipeline-input-step:468.va_5db_051498a_4
pipeline-milestone-step:111.v449306f708b_7
pipeline-model-api:2.2131.vb_9788088fdb_5
pipeline-model-definition:2.2131.vb_9788088fdb_5
pipeline-model-extensions:2.2131.vb_9788088fdb_5
pipeline-rest-api:2.32
pipeline-stage-step:305.ve96d0205c1c6
pipeline-stage-tags-metadata:2.2131.vb_9788088fdb_5
pipeline-stage-view:2.32
pipeline-utility-steps:2.15.2
plain-credentials:143.v1b_df8b_d3b_e48
plugin-util-api:3.3.0
popper-api:1.16.1-3
popper2-api:2.11.6-2
postbuildscript:3.2.0-460.va_fda_0fa_26720
powershell:2.0
preSCMbuildstep:71.v1f2990a_37e27
prereq-buildstep:1.1
prism-api:1.29.0-4
publish-over:0.22
publish-over-ftp:1.17
publish-to-bitbucket:0.4
pubsub-light:1.17
quality-gates:2.5
rebuild:320.v5a_0933a_e7d61
regexemail:0.3
resource-disposer:0.22
role-strategy:631.va_dd0d500b_fc5
run-condition:1.5
scm-api:667.v8b_6e07cdc7f2
scm2job:2.5
scp:1.8
script-security:1244.ve463715a_f89c
scriptler:3.5
show-build-parameters:1.0
simple-build-for-pipeline:0.2
skip-notifications-trait:148.v269dccfa_1426
sloccount:1.27
snakeyaml-api:1.33-95.va_b_a_e3e47b_fa_4
sonar:2.15
sonar-quality-gates:1.3.1
sonarqube-generic-coverage:1.0
sse-gateway:1.26
ssh:2.6.1
ssh-agent:333.v878b_53c89511
ssh-credentials:305.v8f4381501156
ssh-slaves:2.877.v365f5eb_a_b_eec
ssh-steps:2.0.65.vd26b_5b_9b_de4d
sshd:3.303.vefc7119b_ec23
startup-trigger-plugin:2.9.3
stashNotifier:1.28
structs:324.va_f5d6774f3a_d
subversion:2.17.2
template-project:1.5.2
test-results-analyzer:0.4.0
text-finder:1.24
throttle-concurrents:2.13
timestamper:1.24
token-macro:359.vb_cde11682e0c
translation:1.16
trilead-api:2.84.v72119de229b_7
uno-choice:2.6.5
variant:59.vf075fe829ccb
view-job-filters:364.v48a_33389553d
violation-comments-to-stash:1.130
warnings-ng:10.1.0
workflow-aggregator:596.v8c21c963d92d
workflow-api:1213.v646def1087f9
workflow-basic-steps:1017.vb_45b_302f0cea_
workflow-cps:3659.v582dc37621d8
workflow-cps-global-lib:609.vd95673f149b_b
workflow-durable-task-step:1246.v5524618ea_097
workflow-job:1292.v27d8cc3e2602
workflow-multibranch:746.v05814d19c001
workflow-scm-step:408.v7d5b_135a_b_d49
workflow-step-api:639.v6eca_cd8c04a_a_
workflow-support:839.v35e2736cfd5c
ws-cleanup:0.45
xml-job-to-job-dsl:0.1.13
zentimestamp:4.2

What Operating System are you using (both controller, and any agents involved in the problem)?

Windows Server 2019 for controller and agents.

Reproduction steps

Build a declarative pipeline with that scans multiple applications parallel or in series
(Multiple calls of this method in one build:

def nexusIQScan(String appName, String orgID) {
    def scanPatterns = [[scanPattern: "${appName}/path_to/module.xml"]]

    def policyEvaluation = nexusPolicyEvaluation iqApplication: manualApplication("${appName}"),
            iqStage: "release",
            iqScanPatterns: scanPatterns,
            iqOrganization: orgID,
            jobCredentialsId: 'redacted',
            failBuildOnNetworkError: false
}

Expected Results

Each call of this method should trigger a scan of the dependencies in the scan patterns, scrictly seperated from the other scans in the same build.

Actual Results

The dependencies add up with every scan. Given three scans for applications A to C: Scan for application A starts first and scans 10 dependencies, Scan B then includes those 10 dependencies for its scan and adds them in the report for Application B. The dependencies of app A and B are also then included in the third scan C.

Anything else?

We split the method calls into seperate stages and first exectuted those stages in a parallel-block but then switched to consequtive execution but that didn't help.

Are you interested in contributing a fix?

No response

Optionally do not set pipeline result as UNSTABLE/FAILED

Dependencies

N/A

Feature Request

Currently, when risks/vulnerabilities are found by Nexus IQ, Jenkins pipeline result is set to UNSTABLE/FAILED and there is no way to overwrite the result of the pipeline with a better value (SUCCESS). For our case, we don't treat found risks as something needing immediate attention, thus, we would like to keep our pipeline green even if Nexus IQ finds risks.

Note, the documentation says that The build result can also be overridden in a Pipeline., however, that's not the case (it can only be overridden to a worse state but not a better state).

Uploading artifacts doesn't work

Jenkins and plugins versions report

Environment

Jenkins: 2.396
OS: Linux - 5.15.0-60-generic
Java: 17.0.6 - Eclipse Adoptium (OpenJDK 64-Bit Server VM)
---
antisamy-markup-formatter:159.v25b_c67cd35fb_
apache-httpcomponents-client-4-api:4.5.14-150.v7a_b_9d17134a_5
authentication-tokens:1.4
bootstrap5-api:5.2.2-2
bouncycastle-api:2.27
branch-api:2.1071.v1a_188a_562481
caffeine-api:2.9.3-65.v6a_47d0f4d1fe
checks-api:2.0.0
cloudbees-folder:6.815.v0dd5a_cb_40e0e
command-launcher:90.v669d7ccb_7c31
commons-httpclient3-api:3.1-3
commons-lang3-api:3.12.0-36.vd97de6465d5b_
commons-text-api:1.10.0-36.vc008c8fcda_7b_
conditional-buildstep:1.4.2
config-file-provider:3.11.1
credentials:1224.vc23ca_a_9a_2cb_0
credentials-binding:523.vd859a_4b_122e6
dependency-check-jenkins-plugin:5.4.0
display-url-api:2.3.7
docker-commons:419.v8e3cd84ef49c
docker-java-api:3.2.13-68.va_875df25a_b_45
dtkit-api:3.0.2
durable-task:504.vb10d1ae5ba2f
echarts-api:5.4.0-3
email-ext:2.95
external-monitor-job:203.v683c09d993b_9
font-awesome-api:6.3.0-2
git:5.0.0
git-client:4.2.0
gitea:1.4.5
gogs-webhook:1.0.15
gradle:2.3.2
handy-uri-templates-2-api:2.1.8-22.v77d5b_75e6953
instance-identity:142.v04572ca_5b_265
ionicons-api:45.vf54fca_5d2154
jackson2-api:2.14.2-319.v37853346a_229
jakarta-activation-api:2.0.1-3
jakarta-mail-api:2.0.1-3
javadoc:226.v71211feb_e7e9
javax-activation-api:1.2.0-6
javax-mail-api:1.6.2-9
jaxb:2.3.8-1
jdk-tool:63.v62d2fd4b_4793
jobConfigHistory:1207.vd28a_54732f92
jquery3-api:3.6.4-1
jsch:0.1.55.61.va_e9ee26616e7
junit:1189.v1b_e593637fa_e
keycloak:2.3.0
ldap:671.v2a_9192a_7419d
mailer:448.v5b_97805e3767
matrix-auth:3.1.6
matrix-project:785.v06b_7f47b_c631
maven-plugin:3.21
mina-sshd-api-common:2.9.2-62.v199162f0a_2f8
mina-sshd-api-core:2.9.2-62.v199162f0a_2f8
next-build-number:1.8
nexus-artifact-uploader:2.14
nexus-jenkins-plugin:3.16.485.ve2c3a_17ec407
nodejs:1.6.0
pam-auth:1.10
parameterized-trigger:2.45
pipeline-build-step:487.va_823138eee8b_
pipeline-graph-analysis:202.va_d268e64deb_3
pipeline-groovy-lib:629.vb_5627b_ee2104
pipeline-input-step:466.v6d0a_5df34f81
pipeline-milestone-step:111.v449306f708b_7
pipeline-model-api:2.2125.vddb_a_44a_d605e
pipeline-model-definition:2.2125.vddb_a_44a_d605e
pipeline-model-extensions:2.2125.vddb_a_44a_d605e
pipeline-stage-step:305.ve96d0205c1c6
pipeline-stage-tags-metadata:2.2125.vddb_a_44a_d605e
plain-credentials:143.v1b_df8b_d3b_e48
plugin-usage-plugin:4.0
plugin-util-api:3.2.0
popper2-api:2.11.6-2
publish-over:0.22
publish-over-ssh:1.24
run-condition:1.5
scm-api:631.v9143df5b_e4a_a
script-security:1229.v4880b_b_e905a_6
snakeyaml-api:1.33-95.va_b_a_e3e47b_fa_4
sonar:2.15
ssh:2.6.1
ssh-credentials:305.v8f4381501156
ssh-slaves:2.877.v365f5eb_a_b_eec
sshd:3.275.v9e17c10f2571
structs:324.va_f5d6774f3a_d
throttle-concurrents:2.12
token-macro:321.vd7cc1f2a_52c8
trilead-api:2.84.v72119de229b_7
variant:59.vf075fe829ccb
workflow-aggregator:596.v8c21c963d92d
workflow-api:1208.v0cc7c6e0da_9e
workflow-basic-steps:1010.vf7a_b_98e847c1
workflow-cps:3651.ve2e99a_4f4a_e5
workflow-durable-task-step:1241.v1a_63e465f943
workflow-job:1289.vd1c337fd5354
workflow-multibranch:733.v109046189126
workflow-scm-step:408.v7d5b_135a_b_d49
workflow-step-api:639.v6eca_cd8c04a_a_
workflow-support:839.v35e2736cfd5c
xunit:3.1.2
xvfb:1.2

What Operating System are you using (both controller, and any agents involved in the problem)?

Both Ubuntu 22.04.2

Reproduction steps

Use the Nexus platform plugin in a maven project to upload a jar file

Expected Results

it should be uploaded

Actual Results

the build hangs. In console output the last entry is:
Uploading Maven asset with groupId: com.example artifactId: exampleartifact version: 2.0.1 packaging: jar To repository: maven-snapshots
This also seems to render the whole node where this build is executed unusable, all other build also don't continue anymore.

In the nexus log, nothing appears except
java.io.IOException: java.util.concurrent.TimeoutException: Idle timeout expired: 30004/30000 ms, Cause: java.util.concurrent.TimeoutException: Idle timeout expired: 30004/30000 ms
after thirty seconds.

Anything else?

This happens both with Nexus 3.45.0-01 and 3.50.0-01.

The old Nexus Artifact Uploader plugin works just fine.

jenkins java 17 problem

Jenkins and plugins versions report

Environment

OS: Linux - 4.18.0-305.25.1.el8_4.x86_64
---
ace-editor:1.1
apache-httpcomponents-client-4-api:4.5.13-138.v4e7d9a_7b_a_e61
authentication-tokens:1.4
bootstrap5-api:5.2.1-3
bouncycastle-api:2.26
branch-api:2.1051.v9985666b_f6cc
caffeine-api:2.9.3-65.v6a_47d0f4d1fe
checks-api:1.8.0
cloudbees-folder:6.795.v3e23d3c6f194
command-launcher:90.v669d7ccb_7c31
commons-lang3-api:3.12.0-36.vd97de6465d5b_
commons-text-api:1.10.0-27.vb_fa_3896786a_7
configuration-as-code:1569.vb_72405b_80249
credentials:1214.v1de940103927
credentials-binding:523.vd859a_4b_122e6
display-url-api:2.3.6
durable-task:501.ve5d4fc08b0be
echarts-api:5.4.0-1
email-ext:2.92
font-awesome-api:6.2.1-1
fortify:22.1.38
generic-webhook-trigger:1.85.2
gerrit-trigger:2.37.0
git:4.14.1
git-client:3.13.0
git-server:99.va_0826a_b_cdfa_d
gradle:2.1.1
hashicorp-vault-plugin:359.v2da_3b_45f17d5
http_request:1.16
instance-identity:116.vf8f487400980
ionicons-api:31.v4757b_6987003
jackson2-api:2.14.1-313.v504cdd45c18b
jakarta-activation-api:2.0.1-2
jakarta-mail-api:2.0.1-2
javax-activation-api:1.2.0-5
javax-mail-api:1.6.2-8
jaxb:2.3.7-1
jdk-tool:63.v62d2fd4b_4793
job-dsl:1.81
jquery3-api:3.6.1-2
jsch:0.1.55.61.va_e9ee26616e7
junit:1166.va_436e268e972
kubernetes:3734.v562b_b_a_627ea_c
kubernetes-client-api:5.12.2-193.v26a_6078f65a_9
kubernetes-credentials:0.9.0
mailer:438.v02c7f0a_12fa_4
matrix-auth:3.1.5
matrix-project:785.v06b_7f47b_c631
metrics:4.2.10-405.v60a_9cc74e923
mina-sshd-api-common:2.9.2-50.va_0e1f42659a_a
mina-sshd-api-core:2.9.2-50.va_0e1f42659a_a
momentjs:1.1.1
nexus-jenkins-plugin:3.16.459.vcdf273b_29f8c
oic-auth:2.1
openshift-client:1.0.38
permissive-script-security:0.7
pipeline-build-step:2.18
pipeline-graph-analysis:195.v5812d95a_a_2f9
pipeline-groovy-lib:621.vb_44ce045b_582
pipeline-input-step:466.v6d0a_5df34f81
pipeline-model-api:2.2118.v31fd5b_9944b_5
pipeline-model-definition:2.2118.v31fd5b_9944b_5
pipeline-model-extensions:2.2118.v31fd5b_9944b_5
pipeline-rest-api:2.28
pipeline-stage-step:296.v5f6908f017a_5
pipeline-stage-tags-metadata:2.2118.v31fd5b_9944b_5
pipeline-stage-view:2.28
plain-credentials:139.ved2b_9cf7587b
plugin-util-api:2.18.0
popper2-api:2.11.6-2
rocketchatnotifier:1.5.2
scm-api:621.vda_a_b_055e58f7
script-security:1218.v39ca_7f7ed0a_c
snakeyaml-api:1.33-90.v80dcb_3814d35
sqlplus-script-runner:2.0.20
ssh-agent:295.v9ca_a_1c7cc3a_a_
ssh-credentials:305.v8f4381501156
sshd:3.249.v2dc2ea_416e33
structs:324.va_f5d6774f3a_d
token-macro:321.vd7cc1f2a_52c8
trilead-api:2.84.v72119de229b_7
variant:59.vf075fe829ccb
workflow-api:1200.v8005c684b_a_c6
workflow-basic-steps:994.vd57e3ca_46d24
workflow-cps:3536.vb_8a_6628079d5
workflow-cps-global-lib:609.vd95673f149b_b
workflow-durable-task-step:1217.v38306d8fa_b_5c
workflow-job:1254.v3f64639b_11dd
workflow-multibranch:716.vc692a_e52371b_
workflow-scm-step:400.v6b_89a_1317c9a_
workflow-step-api:639.v6eca_cd8c04a_a_
workflow-support:839.v35e2736cfd5c

What Operating System are you using (both controller, and any agents involved in the problem)?

agent linux ubuntu docker jenkins/inbound-agent:4.10-3-jdk17-preview

openjdk 17 2021-09-14
OpenJDK Runtime Environment Temurin-17+35 (build 17+35)
OpenJDK 64-Bit Server VM Temurin-17+35 (build 17+35, mixed mode)

Reproduction steps

when plugin is executed i get error

:WARNING: LinkageError while performing UserRequest:org.sonatype.nexus.ci.iq.RemoteScanner@7214c14c
java.lang.ExceptionInInitializerError
	at com.thoughtworks.xstream.converters.collections.PropertiesConverter.marshal(PropertiesConverter.java:71)
	at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:68)
	at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:59)
	at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:83)
	at com.thoughtworks.xstream.converters.reflection.AbstractReflectionConverter.marshallField(AbstractReflectionConverter.java:270)
	at com.thoughtworks.xstream.converters.reflection.AbstractReflectionConverter$2.writeField(AbstractReflectionConverter.java:174)
	at com.thoughtworks.xstream.converters.reflection.AbstractReflectionConverter.doMarshal(AbstractReflectionConverter.java:262)
	at com.thoughtworks.xstream.converters.reflection.AbstractReflectionConverter.marshal(AbstractReflectionConverter.java:90)
	at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:68)
	at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:59)
	at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:83)
	at com.thoughtworks.xstream.converters.reflection.AbstractReflectionConverter.marshallField(AbstractReflectionConverter.java:270)
	at com.thoughtworks.xstream.converters.reflection.AbstractReflectionConverter$2.writeField(AbstractReflectionConverter.java:174)
	at com.thoughtworks.xstream.converters.reflection.AbstractReflectionConverter.doMarshal(AbstractReflectionConverter.java:262)
	at com.thoughtworks.xstream.converters.reflection.AbstractReflectionConverter.marshal(AbstractReflectionConverter.java:90)
	at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:68)
	at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:59)
	at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:44)
	at com.thoughtworks.xstream.core.TreeMarshaller.start(TreeMarshaller.java:83)
	at com.thoughtworks.xstream.core.AbstractTreeMarshallingStrategy.marshal(AbstractTreeMarshallingStrategy.java:37)
	at com.thoughtworks.xstream.XStream.marshal(XStream.java:1266)
	at com.thoughtworks.xstream.XStream.marshal(XStream.java:1255)
	at com.thoughtworks.xstream.XStream.toXML(XStream.java:1228)
	at com.thoughtworks.xstream.XStream.toXML(XStream.java:1215)
	at com.sonatype.insight.scan.model.io.ScanWriter.openScan(ScanWriter.java:142)
	at com.sonatype.nexus.api.iq.scan.Scanner.scan(Scanner.java:104)
	at com.sonatype.nexus.api.iq.impl.DefaultIqClient.scan(DefaultIqClient.java:312)
	at com.sonatype.nexus.api.iq.impl.DefaultIqClient.scan(DefaultIqClient.java:290)
	at com.sonatype.nexus.api.iq.internal.InternalIqClient$scan.call(Unknown Source)
	at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:47)
	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:116)
	at org.sonatype.nexus.ci.iq.RemoteScanner.call(RemoteScanner.groovy:106)
	at org.sonatype.nexus.ci.iq.RemoteScanner.call(RemoteScanner.groovy)
	at hudson.remoting.UserRequest.perform(UserRequest.java:211)
	at hudson.remoting.UserRequest.perform(UserRequest.java:54)
	at hudson.remoting.Request$2.run(Request.java:376)
	at hudson.remoting.InterceptingExecutorService.lambda$wrap$0(InterceptingExecutorService.java:78)
	at java.base/java.util.concurrent.FutureTask.run(Unknown Source)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
	at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:122)
	at java.base/java.lang.Thread.run(Unknown Source)
Caused by: java.lang.reflect.InaccessibleObjectException: Unable to make field protected volatile java.util.Properties java.util.Properties.defaults accessible: module java.base does not "opens java.util" to unnamed module @58923bb3
	at java.base/java.lang.reflect.AccessibleObject.checkCanSetAccessible(Unknown Source)
	at java.base/java.lang.reflect.AccessibleObject.checkCanSetAccessible(Unknown Source)
	at java.base/java.lang.reflect.Field.checkCanSetAccessible(Unknown Source)
	at java.base/java.lang.reflect.Field.setAccessible(Unknown Source)
	at com.thoughtworks.xstream.core.util.Fields.locate(Fields.java:40)
	at com.thoughtworks.xstream.converters.collections.PropertiesConverter$Reflections.<clinit>(PropertiesConverter.java:105)
	... 42 more```

### Expected Results

build fail 

### Actual Results

no fail

### Anything else?

workaround: 
key: "JAVA_OPTS"
value: "--add-opens java.base/java.text=ALL-UNNAMED --add-opens java.desktop/java.awt.font=ALL-UNNAMED\
\ --add-opens java.base/java.lang.reflect=ALL-UNNAMED --add-opens\
\ java.base/java.lang=ALL-UNNAMED --add-opens java.base/[java.io](http://java.io/)=ALL-UNNAMED\
\ --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/java.util.concurrent=ALL-UNNAMED"

Install via casc causes problems

Jenkins and plugins versions report

Environment

Jenkins: 2.375.2
OS: Linux - 5.10.147+
---
adoptopenjdk:1.5
apache-httpcomponents-client-4-api:4.5.13-138.v4e7d9a_7b_a_e61
authentication-tokens:1.4
bootstrap5-api:5.2.1-3
bouncycastle-api:2.27
branch-api:2.1071.v1a_188a_562481
caffeine-api:2.9.3-65.v6a_47d0f4d1fe
checks-api:1.8.1
cloudbees-folder:6.800.v71307ca_b_986b
commons-lang3-api:3.12.0-36.vd97de6465d5b_
commons-text-api:1.10.0-27.vb_fa_3896786a_7
configuration-as-code:1569.vb_72405b_80249
credentials:1214.v1de940103927
credentials-binding:523.vd859a_4b_122e6
display-url-api:2.3.7
durable-task:504.vb10d1ae5ba2f
echarts-api:5.4.0-1
font-awesome-api:6.2.1-1
git:5.0.0
git-client:4.1.0
instance-identity:142.v04572ca_5b_265
ionicons-api:31.v4757b_6987003
jackson2-api:2.14.2-319.v37853346a_229
jakarta-activation-api:2.0.1-2
jakarta-mail-api:2.0.1-2
javax-activation-api:1.2.0-5
javax-mail-api:1.6.2-5
jaxb:2.3.8-1
jquery3-api:3.6.1-2
junit:1166.va_436e268e972
kubernetes:3845.va_9823979a_744
kubernetes-client-api:6.3.1-206.v76d3b_6b_14db_b
kubernetes-credentials:0.10.0
mailer:448.v5b_97805e3767
metrics:4.2.13-420.vea_2f17932dd6
mina-sshd-api-common:2.9.2-50.va_0e1f42659a_a
mina-sshd-api-core:2.9.2-50.va_0e1f42659a_a
nexus-jenkins-plugin:3.16.476.v410d6968f400
oic-auth:2.5
pipeline-build-step:2.18
pipeline-graph-analysis:202.va_d268e64deb_3
pipeline-groovy-lib:629.vb_5627b_ee2104
pipeline-input-step:466.v6d0a_5df34f81
pipeline-milestone-step:111.v449306f708b_7
pipeline-model-api:2.2118.v31fd5b_9944b_5
pipeline-model-definition:2.2118.v31fd5b_9944b_5
pipeline-model-extensions:2.2118.v31fd5b_9944b_5
pipeline-rest-api:2.31
pipeline-stage-step:305.ve96d0205c1c6
pipeline-stage-tags-metadata:2.2118.v31fd5b_9944b_5
plain-credentials:143.v1b_df8b_d3b_e48
plugin-util-api:2.20.0
popper2-api:2.11.6-2
prometheus:2.1.1
role-strategy:587.v2872c41fa_e51
scm-api:631.v9143df5b_e4a_a
script-security:1229.v4880b_b_e905a_6
snakeyaml-api:1.33-90.v80dcb_3814d35
ssh-credentials:305.v8f4381501156
sshd:3.236.ved5e1b_cb_50b_2
structs:324.va_f5d6774f3a_d
trilead-api:2.84.v72119de229b_7
variant:59.vf075fe829ccb
workflow-aggregator:590.v6a_d052e5a_a_b_5
workflow-api:1208.v0cc7c6e0da_9e
workflow-basic-steps:994.vd57e3ca_46d24
workflow-cps:3611.v201b_d9f9eb_f7
workflow-durable-task-step:1223.v7f1a_98a_8863e
workflow-job:1268.v6eb_e2ee1a_85a
workflow-multibranch:716.vc692a_e52371b_
workflow-scm-step:400.v6b_89a_1317c9a_
workflow-step-api:639.v6eca_cd8c04a_a_
workflow-support:839.v35e2736cfd5c

What Operating System are you using (both controller, and any agents involved in the problem)?

GKE 1.24.8-gke.2000

Reproduction steps

Create a Jenkins instance with jenkinsci Helm chart - set jenkins url, roles, build agent, etc.
Add the following fragment to install this Nexus Platform plug-in and deploy

controller:
  additionalPlugins:
    - nexus-jenkins-plugin

  JCasC:
    configScripts:
      nxrm3configuration: |
        unclassified:
          globalNexusConfiguration:
            nxrmConfigs:
            - nxrm3Configuration:
              displayName: "Build Artifacts"
              id: "artifacts"
              serverUrl: "https://${sonatype_dns_name_full}"
              credentialsId: "jenkins-sonatype-robot-account"

Expected Results

Go to Manage Jenkins - > Configure System. Nexus should be configured with one server per casc.

Actual Results

Crashes, and Jenkins is not fully configured. In addition to Nexus plugin not having any configuration, there are warnings about the build agent and jenkins url not being configured, suggesting the configuration processing from Helm values.yaml was interrupted.

Anything else?

This very well may be caused by my lack of understanding of how to configure Nexus via casc. I can't find any documentation for it.

I get the following error, which does not occur when I remove the Nexus casc block.

config-reload error

[2023-02-06 23:34:50] Received unknown exception: HTTPConnectionPool(host='localhost', port=8080): Max retries exceeded with url: /reload-configuration-as-code/
?casc-reload-token=jenkins-0 (Caused by ResponseError('too many 500 error responses'))                                                                          
                                                                                                                                                                
Traceback (most recent call last):                                                                                                                              
  File "/usr/local/lib/python3.8/site-packages/requests/adapters.py", line 439, in send                                                                         
    resp = conn.urlopen(                                                                                                                                        
  File "/usr/local/lib/python3.8/site-packages/urllib3/connectionpool.py", line 846, in urlopen                                                                 
    return self.urlopen(                                                                                                                                        
  File "/usr/local/lib/python3.8/site-packages/urllib3/connectionpool.py", line 846, in urlopen                                                                 
    return self.urlopen(                                                                                                                                        
  File "/usr/local/lib/python3.8/site-packages/urllib3/connectionpool.py", line 846, in urlopen                                                                 
    return self.urlopen(                                                                                                                                        
  [Previous line repeated 2 more times]                                                                                                                         
  File "/usr/local/lib/python3.8/site-packages/urllib3/connectionpool.py", line 836, in urlopen                                                                 
    retries = retries.increment(method, url, response=response, _pool=self)                                                                                     
  File "/usr/local/lib/python3.8/site-packages/urllib3/util/retry.py", line 574, in increment                                                                   
    raise MaxRetryError(_pool, url, error or ResponseError(cause))                                                                                              
urllib3.exceptions.MaxRetryError: HTTPConnectionPool(host='localhost', port=8080): Max retries exceeded with url: /reload-configuration-as-code/?casc-reload-tok
en=jenkins-0 (Caused by ResponseError('too many 500 error responses'))                                                                                          
                                                                                                                                                                
During handling of the above exception, another exception occurred:                                                                                             
                                                                                                                                                                
Traceback (most recent call last):                                                                                                                              
  File "/app/resources.py", line 239, in _watch_resource_loop                                                                                                   
    _watch_resource_iterator(*args)                                                                                                                             
  File "/app/resources.py", line 227, in _watch_resource_iterator                                                                                               
    request(request_url, request_method, enable_5xx, request_payload)                                                                                           
  File "/app/helpers.py", line 123, in request                                                                                                                  
    res = r.post("%s" % url, auth=auth, json=payload, timeout=REQ_TIMEOUT)                                                                                      
  File "/usr/local/lib/python3.8/site-packages/requests/sessions.py", line 590, in post                                                                         
    return self.request('POST', url, data=data, json=json, **kwargs)                                                                                            
  File "/usr/local/lib/python3.8/site-packages/requests/sessions.py", line 542, in request                                                                      
    resp = self.send(prep, **send_kwargs)                                                                                                                       
  File "/usr/local/lib/python3.8/site-packages/requests/sessions.py", line 655, in send                                                                         
    r = adapter.send(request, **kwargs)                                                                                                                         
  File "/usr/local/lib/python3.8/site-packages/requests/adapters.py", line 507, in send                                                                         
    raise RetryError(e, request=request)                                                                                                                        
requests.exceptions.RetryError: HTTPConnectionPool(host='localhost', port=8080): Max retries exceeded with url: /reload-configuration-as-code/?casc-reload-token
=jenkins-0 (Caused by ResponseError('too many 500 error responses'))

I can successfully manually configure the plug-in, and the Test Server button verifies it works.

Here are the other values.yaml settings.

other values.yaml

controller:
  jenkinsUrl: "https://${dns_name_full}"
  servicePort: 80
  serviceType: ClusterIP
  serviceAnnotations:
    cloud.google.com/neg: '{"ingress": true}'
  podAnnotations:
    kube-vault-sync.github.com/sync: "admin-pwd,kaniko-auth,root-ca,argocd-api-token"
  admin:
    existingSecret: "admin-pwd"
    userKey: "jenkins-admin-user"
    passwordKey: "jenkins-admin-password"

  # plugin or plugin:version
  installPlugins:
    - kubernetes
    - workflow-aggregator
    - git
    - configuration-as-code

  installLatestPlugins: true

  installLatestSpecifiedPlugins: true

  additionalPlugins:
    - oic-auth  # https://bytesource.net/en/blog/posts/serverless-jenkins-part-1/
    - role-strategy
    - adoptopenjdk
    - prometheus

  javaOpts: >-
    -Dhudson.util.RingBufferLogHandler.defaultSize=4096

  jenkinsOpts: "--sessionTimeout=1440"

  initConfigMap: "init-groovy"

  ingress:
    enabled: true
    hostName: "${dns_name_full}"
    annotations:
      ingress.gcp.kubernetes.io/pre-shared-cert: "${gce_ssl_cert_name}"
      kubernetes.io/ingress.class: "gce-internal"
      kubernetes.io/ingress.allow-http: "false"
      external-dns.alpha.kubernetes.io/hostname: "${dns_name_full}."
    tls:
      - secretName: "${tls_secret_name}"
        hosts:
          - "jenkins.${kubernetes_namespace}.svc.cluster.local"

  initScripts:
    setup-known-hosts: |
      new File("/var/jenkins_home/.ssh").mkdir()
      File file = new File("/var/jenkins_home/.ssh/known_hosts")
      file.write '${known_hosts}'
      file.setReadOnly()

  projectNamingStrategy:
    roleBased:
      forceExistingJobs: false

  JCasC:
    #
    # Manually configure a test Jenkins the way you want it, then view the config in yaml
    # at https://jenkins.int.${project_name}.nabancard.dev/configuration-as-code/viewExport,
    # then adapt the relevant fragment to follow the pattern below.
    #
    # The inner name like 'welcome-message' is your choice, but it ends up in a configmap
    # key and must be lowercase alphanumeric with optional middle dashes and dots.
    #
    configScripts:
      welcome-message: |
        jenkins:
          systemMessage: Welcome to the CI/CD server for ${project_name}!
      global-vars: |
        jenkins:
          globalNodeProperties:
          - envVars:
              env:
              - key: "PROJECT_NAME"
                value: "${project_name}"
              - key: "ARTIFACT_HOST"
                value: "${sonatype_dns_name_full}"
              - key: "DEPLOYMENT_HOST"
                value: "${argocd_dns_name_full}"
      okta: |
        jenkins:
          securityRealm:
            oic:
              clientId: "${clientId}"
              clientSecret: "${clientSecret}"
              wellKnownOpenIDConfigurationUrl: "${oidcIssuerUrl}/.well-known/openid-configuration"
              userInfoServerUrl: "${oidcIssuerUrl}/oauth2/v1/userinfo"
              tokenFieldToCheckKey: ""
              tokenFieldToCheckValue: ""
              fullNameFieldName: "name"
              groupsFieldName: "groups"
              disableSslVerification: false
              logoutFromOpenidProvider: true
              endSessionEndpoint: "${oidcIssuerUrl}/oauth2/v1/logout"
              postLogoutRedirectUrl: "https://${dns_name_full}"
              escapeHatchEnabled: false
              escapeHatchUsername: ""
              escapeHatchSecret: "my-unused-password"
              escapeHatchGroup: ""
              automanualconfigure: "auto"
              emailFieldName: "email"
              userNameField: "name"
              tokenServerUrl: "${oidcIssuerUrl}/oauth2/v1/token"
              authorizationServerUrl: "${oidcIssuerUrl}/oauth2/v1/authorize"
              scopes: "address phone openid profile offline_access groups email"
           
          authorizationStrategy:
            roleBased:
              roles:
                global:
                  - name: "${project_admin_account}"
                    permissions:
                      - "Overall/Administer"
                    assignments:
                      - "${project_admin_account}"
                  - name: "${project_manager_account}"
                    permissions:
                      - "Overall/Administer"
                    assignments:
                      - "${project_manager_account}"
                  - name: "${project_reader_account}"
                    permissions:
                      - "Overall/Read"
                    assignments:
                      - "${project_reader_account}"
                  - name: "service-account"
                    permissions:
                      - "Overall/Read"
                      - "Credentials/Create"
                      - "Credentials/Update"
                      - "Credentials/Delete"
                      - "Credentials/View"
                      - "Job/Create"
                      - "Job/Delete"
                      - "Job/Discover"
                      - "Job/Read"
                      - "Job/Configure"
                    assignments:
                      - "${project_automation_account}"
      prometheus: |
        unclassified:
          prometheusConfiguration:
            appendParamLabel: false
            appendStatusLabel: false
            collectDiskUsage: false
            collectingMetricsPeriodInSeconds: 120
            countAbortedBuilds: true
            countFailedBuilds: true
            countNotBuiltBuilds: true
            countSuccessfulBuilds: true
            countUnstableBuilds: true
            defaultNamespace: "default"
            fetchTestResults: true
            jobAttributeName: "jenkins_job"
            path: "prometheus"
            processingDisabledBuilds: false
            useAuthenticatedEndpoint: true

  # The sections below are for adding our root CA to the Jenkins container image.
  # - Use an init container to copy the whole Jenkins cert store into the writable volume
  # - Concat our root CA cert
  customInitContainers:
  - name: add-ca-certs
    image: "jenkins/jenkins:lts"
    imagePullPolicy: Always
    command: 
    - "sh"
    - "-c"
    - >
      cat /etc/ssl/certs/ca-certificates.crt /etc/root-ca/root-ca-cert.pem > /cacerts-share/ca-certificates.crt
      && cp $${JAVA_HOME}/lib/security/cacerts /cacerts-share/cacerts 
      && chmod 644 /cacerts-share/cacerts
      && $${JAVA_HOME}/bin/keytool -import -trustcacerts -alias custom-ca-certs -keystore /cacerts-share/cacerts -file /etc/root-ca/root-ca-cert.pem -noprompt -storepass changeit
    volumeMounts:
    - name: cacerts-share
      mountPath: /cacerts-share
    - name: root-ca-cert-pem
      mountPath: /etc/root-ca

# The sections below are for adding our root CA to the Jenkins container image.
# - Mount the root CA cert (a kubesecret) into the container
# - Make an empty writable volume
# - Mount the modified CA cert store in the container
persistence:
  volumes:
  - name: cacerts-share
    emptyDir: {}
  - name: root-ca-cert-pem
    secret:
      secretName: root-ca
  mounts:
  - mountPath: /etc/ssl/certs/ca-certificates.crt
    name: cacerts-share
    subPath: ca-certificates.crt
  - mountPath: /opt/java/openjdk/lib/security/cacerts
    name: cacerts-share
    subPath: cacerts

Example crash stack

2023-02-07 14:31:30.700+0000 [id=15]    INFO    i.j.p.casc.TokenReloadAction#doIndex: Configuration reload triggered via token                                  
2023-02-07 14:31:30.720+0000 [id=15]    WARNING    i.j.p.casc.BaseConfigurator#createAttribute: Can't handle class org.csanchez.jenkins.plugins.kubernetes.PodTemplate#listener: type is abstract but not Describable.                                                                                                          
2023-02-07 14:31:31.067+0000 [id=15]    WARNING    i.j.p.casc.BaseConfigurator#createAttribute: Can't handle class org.sonatype.nexus.ci.config.GlobalNexusConfiguration#metaClass: type is abstract but not Describable.                                                                                                       
    at org.kohsuke.stapler.interceptor.RequirePOST$Processor.invoke(RequirePOST.java:78)                                                                        
    at org.kohsuke.stapler.PreInvokeInterceptedFunction.invoke(PreInvokeInterceptedFunction.java:26)                                                            
    at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:207)                                                                                            
    at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:140)                                                                            
    at org.kohsuke.stapler.IndexDispatcher.dispatch(IndexDispatcher.java:28)                                                                                    
    at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:762)                                                                                                  
Caused: javax.servlet.ServletException                                                                                                                          
    at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:812)                                                                                                  
    at org.kohsuke.stapler.Stapler.invoke(Stapler.java:894)                                                                                                     
    at org.kohsuke.stapler.MetaClass$9.dispatch(MetaClass.java:475)                                                                                             
    at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:762)                                                                                                  
    at org.kohsuke.stapler.Stapler.invoke(Stapler.java:894)                                                                                                     
    at org.kohsuke.stapler.Stapler.invoke(Stapler.java:690)                                                                                                     
    at org.kohsuke.stapler.Stapler.service(Stapler.java:240)                                                                                                    
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:590)                                                                                             
    at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:764)                                                                                   
    at org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1665)                                                                     
    at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:157)                                                                                 
    at jenkins.telemetry.impl.UserLanguages$AcceptLanguageFilter.doFilter(UserLanguages.java:129)                                                               
    at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)                                                                                 
    at jenkins.security.ResourceDomainFilter.doFilter(ResourceDomainFilter.java:81)                                                                             
    at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)                                                                                 
    at jenkins.metrics.impl.MetricsFilter.doFilter(MetricsFilter.java:125)                                                                                      
    at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)                                                                                 
    at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:160)                                                                                   
    at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)                                                                                   
    at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)                                                                        
    at io.jenkins.plugins.casc.TokenReloadCrumbExclusion.process(TokenReloadCrumbExclusion.java:20)                                                             
    at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:128)                                                                                          
    at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)                                                                                   
    at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)                                                                        
    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:94)                                                                            
    at jenkins.security.AcegiSecurityExceptionFilter.doFilter(AcegiSecurityExceptionFilter.java:52)                                                             
    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)                                                                            
    at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:54)                                                            
    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)                                                                            
    at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:122)                                         
    at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:116)                                         
    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)                                                                            
    at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:109)                           
    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)                                                                            
    at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:141)              
    at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:97)               
    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)                                                                            
    at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:223)         
    at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:217)         
    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)                                                                            
    at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:97)                                                                             
    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)                                                                            
    at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:112)                            
    at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:82)                             
    at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:63)                                              
    at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)                                                                            
    at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:111)                                                                             
    at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:172)                                                                                             
    at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)                                                                                   
    at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)                                                                        
    at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:53)                                                                    
    at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)                                                                                   
    at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)                                                                        
    at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:86)                                                                            
    at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)                                                                                   
    at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)                                                                        
    at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)                                                              
    at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)                                                                                   
    at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)                                                                        
    at jenkins.security.SuspiciousRequestFilter.doFilter(SuspiciousRequestFilter.java:38)                                                                       
    at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)                                                                                   
    at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)                                                                        
    at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:527)                                                                               
    at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:131)                                                                            
    at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:549)                                                                              
    at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122)                                                                          
    at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:223)                                                                        
    at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1571)                                                                       
    at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:221)                                                                        
    at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1383)                                                                       
    at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:176)                                                                         
    at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:484)                                                                                
    at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1544)                                                                        
    at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:174)                                                                         
    at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1305)                                                                        
    at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:129)                                                                            
    at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122)                                                                          
    at org.eclipse.jetty.server.Server.handle(Server.java:563)                                                                                                  
    at org.eclipse.jetty.server.HttpChannel.lambda$handle$0(HttpChannel.java:505)                                                                               
    at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:762)                                                                                      
    at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:497)                                                                                        
    at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:282)                                                                              
    at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:314)                                                              
    at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)                                                                                        
    at org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53)                                                                  
    at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.runTask(AdaptiveExecutionStrategy.java:421)                                             
    at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.consumeTask(AdaptiveExecutionStrategy.java:390)                                         
    at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.tryProduce(AdaptiveExecutionStrategy.java:277)                                          
    at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.lambda$new$0(AdaptiveExecutionStrategy.java:139)                                        
    at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:411)                                                 
    at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:933)                                                                         
    at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1077)                                                                    
    at java.base/java.lang.Thread.run(Thread.java:829)

Support for running on a Java 17 jenkins node

Jenkins and plugins versions report

Environment

Jenkins: 2.332.2
OS: Linux - 4.14.276-211.499.amzn2.x86_64
---
nexus-jenkins-plugin:3.14.412.v8021dc9cc4ef

What Operating System are you using (both controller, and any agents involved in the problem)?

Both controller and agent are using amazon linux. Both have Java 17 distrubution by AWS (Corretto)

$ java -version
openjdk version "17.0.3" 2022-04-19 LTS
OpenJDK Runtime Environment Corretto-17.0.3.6.1 (build 17.0.3+6-LTS)
OpenJDK 64-Bit Server VM Corretto-17.0.3.6.1 (build 17.0.3+6-LTS, mixed mode, sharing)

Reproduction steps

Just running nexus evaluation in scripted pipelines like so:
def policyEvaluationResult = script.nexusPolicyEvaluation(failBuildOnNetworkError: false, iqApplication: 'webapp', iqStage: 'stage',
iqScanPatterns: nexusScanPatterns(foldersList), jobCredentialsId: '')

Expected Results

No error

Actual Results

The evaluation fails and the following exception is thrown:

`Remote call on EC2 (dev-aws) - node-spot (i-06cc8528e364b0894) failed
[Pipeline] echo
java.io.IOException: Remote call on EC2 (dev-aws) - node-spot (i-06cc8528e364b0894) failed
at hudson.remoting.Channel.call(Channel.java:1004)
at hudson.remoting.VirtualChannel$call.call(Unknown Source)
at org.sonatype.nexus.ci.iq.IqPolicyEvaluatorUtil.evaluatePolicy(IqPolicyEvaluatorUtil.groovy:95)
at org.sonatype.nexus.ci.iq.IqPolicyEvaluatorUtil$evaluatePolicy.call(Unknown Source)
at org.sonatype.nexus.ci.iq.PolicyEvaluatorExecution.run(PolicyEvaluatorExecution.groovy:50)
at org.sonatype.nexus.ci.iq.PolicyEvaluatorExecution.run(PolicyEvaluatorExecution.groovy)
at org.jenkinsci.plugins.workflow.steps.SynchronousNonBlockingStepExecution.lambda$start$0(SynchronousNonBlockingStepExecution.java:47)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: java.lang.ExceptionInInitializerError
at hidden.com.thoughtworks.xstream.converters.collections.PropertiesConverter.marshal(PropertiesConverter.java:71)
at hidden.com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:68)
at hidden.com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:59)
at hidden.com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:83)
at hidden.com.thoughtworks.xstream.converters.reflection.AbstractReflectionConverter.marshallField(AbstractReflectionConverter.java:270)
at hidden.com.thoughtworks.xstream.converters.reflection.AbstractReflectionConverter$2.writeField(AbstractReflectionConverter.java:174)
at hidden.com.thoughtworks.xstream.converters.reflection.AbstractReflectionConverter.doMarshal(AbstractReflectionConverter.java:262)
at hidden.com.thoughtworks.xstream.converters.reflection.AbstractReflectionConverter.marshal(AbstractReflectionConverter.java:90)
at hidden.com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:68)
at hidden.com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:59)
at hidden.com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:83)
at hidden.com.thoughtworks.xstream.converters.reflection.AbstractReflectionConverter.marshallField(AbstractReflectionConverter.java:270)
at hidden.com.thoughtworks.xstream.converters.reflection.AbstractReflectionConverter$2.writeField(AbstractReflectionConverter.java:174)
at hidden.com.thoughtworks.xstream.converters.reflection.AbstractReflectionConverter.doMarshal(AbstractReflectionConverter.java:262)
at hidden.com.thoughtworks.xstream.converters.reflection.AbstractReflectionConverter.marshal(AbstractReflectionConverter.java:90)
at hidden.com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:68)
at hidden.com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:59)
at hidden.com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:44)
at hidden.com.thoughtworks.xstream.core.TreeMarshaller.start(TreeMarshaller.java:83)
at hidden.com.thoughtworks.xstream.core.AbstractTreeMarshallingStrategy.marshal(AbstractTreeMarshallingStrategy.java:37)
at hidden.com.thoughtworks.xstream.XStream.marshal(XStream.java:1266)
at hidden.com.thoughtworks.xstream.XStream.marshal(XStream.java:1255)
at hidden.com.thoughtworks.xstream.XStream.toXML(XStream.java:1228)
at hidden.com.thoughtworks.xstream.XStream.toXML(XStream.java:1215)
at hidden.com.sonatype.insight.scan.model.io.ScanWriter.openScan(ScanWriter.java:142)
at com.sonatype.nexus.api.iq.scan.Scanner.scan(Scanner.java:106)
at com.sonatype.nexus.api.iq.impl.DefaultIqClient.scan(DefaultIqClient.java:255)
at com.sonatype.nexus.api.iq.impl.DefaultIqClient.scan(DefaultIqClient.java:233)
at com.sonatype.nexus.api.iq.internal.InternalIqClient$scan.call(Unknown Source)
at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:47)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:116)
at org.sonatype.nexus.ci.iq.RemoteScanner.call(RemoteScanner.groovy:106)
at org.sonatype.nexus.ci.iq.RemoteScanner.call(RemoteScanner.groovy)
at hudson.remoting.UserRequest.perform(UserRequest.java:211)
at hudson.remoting.UserRequest.perform(UserRequest.java:54)
at hudson.remoting.Request$2.run(Request.java:376)
at hudson.remoting.InterceptingExecutorService.lambda$wrap$0(InterceptingExecutorService.java:78)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
at java.base/java.lang.Thread.run(Thread.java:833)
Suppressed: hudson.remoting.Channel$CallSiteStackTrace: Remote call to EC2 (dev-aws) - node-spot (i-06cc8528e364b0894)
at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1784)
at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:356)
at hudson.remoting.Channel.call(Channel.java:1000)
at hudson.remoting.VirtualChannel$call.call(Unknown Source)
at org.sonatype.nexus.ci.iq.IqPolicyEvaluatorUtil.evaluatePolicy(IqPolicyEvaluatorUtil.groovy:95)
at org.sonatype.nexus.ci.iq.IqPolicyEvaluatorUtil$evaluatePolicy.call(Unknown Source)
at org.sonatype.nexus.ci.iq.PolicyEvaluatorExecution.run(PolicyEvaluatorExecution.groovy:50)
at org.sonatype.nexus.ci.iq.PolicyEvaluatorExecution.run(PolicyEvaluatorExecution.groovy)
at org.jenkinsci.plugins.workflow.steps.SynchronousNonBlockingStepExecution.lambda$start$0(SynchronousNonBlockingStepExecution.java:47)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: java.lang.reflect.InaccessibleObjectException: Unable to make field protected volatile java.util.Properties java.util.Properties.defaults accessible: module java.base does not "opens java.util" to unnamed module @3e94b121
at java.base/java.lang.reflect.AccessibleObject.checkCanSetAccessible(AccessibleObject.java:354)
at java.base/java.lang.reflect.AccessibleObject.checkCanSetAccessible(AccessibleObject.java:297)
at java.base/java.lang.reflect.Field.checkCanSetAccessible(Field.java:178)
at java.base/java.lang.reflect.Field.setAccessible(Field.java:172)
at hidden.com.thoughtworks.xstream.core.util.Fields.locate(Fields.java:40)
at hidden.com.thoughtworks.xstream.converters.collections.PropertiesConverter$Reflections.(PropertiesConverter.java:105)
... 41 more

Anything else?

I could see that the plugin already has support for binaries built by Java 17 which is awesome! Is there currently another workaround like passing JVM flags such as --add-exports=java.base/java.util=ALL-UNNAMED to make it work?
Thank you for the great plugin!

Java 21 Hashing error when running a nexus iq scan in a Jenkins Pipeline

Jenkins and plugins versions report

Environment

Jenkins: 2.387.3
OS: Windows Server 2019 - 10.0
Java: 11.0.16 - Oracle Corporation (Java HotSpot(TM) 64-Bit Server VM)
---
JDK_Parameter_Plugin:1.2
NegotiateSSO:105.vf0d0de2a_b_8a_5
Parameterized-Remote-Trigger:3.1.6.3
PrioritySorter:4.1.0
ace-editor:1.1
active-directory:2.30
analysis-model-api:11.1.0
ansible:174.vfd5323d2b_9d8
ansible-tower:0.16.0
ansicolor:1.0.2
ant:487.vd79d090d4ea_e
antisamy-markup-formatter:159.v25b_c67cd35fb_
any-buildstep:14.ve115ec1484f0
apache-httpcomponents-client-4-api:4.5.14-150.v7a_b_9d17134a_5
artifactdeployer:1.3
atlassian-bitbucket-server-integration:3.3.2
audit-trail:333.vb_e1b_b_0f1238c
authentication-tokens:1.53.v1c90fd9191a_b_
authorize-project:1.5.1
badge:1.9.1
bitbucket:223.vd12f2bca5430
bitbucket-approval-filter:1.0.3
bitbucket-filter-project-trait:1.0
bitbucket-pullrequest-builder:1.5.0
bitbucket-pullrequests-filter:13.vda_de92e841b_b_
bitbucket-push-and-pull-request:2.8.3
bitbucket-scm-filter-aged-refs:31.ve3b_ca_fc71d5b_
bitbucket-scm-filter-jira-validator:0.1.0
bitbucket-scm-trait-commit-skip:0.4.0
blueocean:1.27.3
blueocean-autofavorite:1.2.5
blueocean-bitbucket-pipeline:1.27.3
blueocean-commons:1.27.3
blueocean-config:1.27.3
blueocean-core-js:1.27.3
blueocean-dashboard:1.27.3
blueocean-display-url:2.4.2
blueocean-events:1.27.3
blueocean-git-pipeline:1.27.3
blueocean-github-pipeline:1.27.3
blueocean-i18n:1.27.3
blueocean-jira:1.27.3
blueocean-jwt:1.27.3
blueocean-personalization:1.27.3
blueocean-pipeline-api-impl:1.27.3
blueocean-pipeline-editor:1.27.3
blueocean-pipeline-scm-api:1.27.3
blueocean-rest:1.27.3
blueocean-rest-impl:1.27.3
blueocean-web:1.27.3
bootstrap4-api:4.6.0-5
bootstrap5-api:5.3.0-1
bouncycastle-api:2.28
branch-api:2.1071.v1a_188a_562481
build-blocker-plugin:1.7.8
build-environment:1.7
build-failure-analyzer:2.4.1
build-pipeline-plugin:1.5.8
build-timeout:1.30
build-timestamp:1.0.3
build-user-vars-plugin:1.9
buildtriggerbadge:251.vdf6ef853f3f5
built-on-column:1.4
caffeine-api:3.1.6-115.vb_8b_b_328e59d8
checks-api:2.0.0
cloudbees-bitbucket-branch-source:800.va_b_b_9a_a_5035c1
cloudbees-folder:6.815.v0dd5a_cb_40e0e
code-coverage-api:4.4.0
command-launcher:100.v2f6722292ee8
commons-httpclient3-api:3.1-3
commons-lang3-api:3.12.0-36.vd97de6465d5b_
commons-text-api:1.10.0-36.vc008c8fcda_7b_
conditional-buildstep:1.4.2
config-file-provider:3.11.1
configuration-as-code:1625.v27444588cc3d
configurationslicing:430.v966357576543
configure-job-column-plugin:84.v792c9269f95a
coordinator:1.4.0
copyartifact:698.v393f578eb_ddc
countjobs-viewstabbar:1.0.1
credentials:1236.v31e44e6060c0
credentials-binding:604.vb_64480b_c56ca_
cron_column:1.7
cvs:2.19.1
dashboard-view:2.472.v9ff2a_e6a_c529
data-tables-api:1.13.3-3
delivery-pipeline-plugin:1.4.2
depgraph-view:1.0.5
display-url-api:2.3.7
docker-commons:419.v8e3cd84ef49c
docker-workflow:563.vd5d2e5c4007f
doclinks:0.6.1
downstream-ext:73.vdda_16e6eb_0da
durable-task:506.v1b_3e14b_6f5da_
dynamic_extended_choice_parameter:1.0.1
dynamicparameter:0.2.0
echarts-api:5.4.0-5
email-ext:2.96
envinject:2.901.v0038b_6471582
envinject-api:1.199.v3ce31253ed13
extended-read-permission:3.2
extensible-choice-parameter:1.8.0
external-monitor-job:203.v683c09d993b_9
favorite:2.4.1
flexible-publish:0.16.1
font-awesome-api:6.3.0-2
forensics-api:2.1.0
generic-webhook-trigger:1.86.3
git:5.0.1
git-client:4.2.0
git-server:99.va_0826a_b_cdfa_d
github:1.37.0
github-api:1.303-417.ve35d9dd78549
github-branch-source:1703.vd5a_2b_29c6cdc
github-scm-trait-commit-skip:0.4.0
global-post-script:1.1.4
google-oauth-plugin:1.0.8
gradle:2.6
groovy:453.vcdb_a_c5c99890
groovy-postbuild:2.5
handlebars:3.0.8
handy-uri-templates-2-api:2.1.8-22.v77d5b_75e6953
hidden-parameter:94.ve2cefce14d3f
htmlpublisher:1.31
http_request:1.16
instance-identity:173.va_37c494ec4e5
ionicons-api:45.vf54fca_5d2154
jackson2-api:2.15.2-350.v0c2f3f8fc595
jakarta-activation-api:2.0.1-3
jakarta-mail-api:2.0.1-3
javadoc:233.vdc1a_ec702cff
javax-activation-api:1.2.0-6
javax-mail-api:1.6.2-9
jaxb:2.3.8-1
jdk-tool:66.vd8fa_64ee91b_d
jenkins-design-language:1.27.3
jenkinswalldisplay:0.6.34
jersey2-api:2.39.1-1
jira:3.9
jira-ext:0.9
jira-trigger:1.0.2
jjwt-api:0.11.5-77.v646c772fddb_0
jnr-posix-api:3.1.16-2
job-dsl:1.83
job-import-plugin:3.6
jobConfigHistory:1207.vd28a_54732f92
jquery:1.12.4-1
jquery-detached:1.2.1
jquery3-api:3.7.0-1
jsch:0.2.8-65.v052c39de79b_2
junit:1207.va_09d5100410f
kerberos-sso:1.11
kubernetes:3923.v294a_d4250b_91
kubernetes-client-api:6.4.1-215.v2ed17097a_8e9
kubernetes-credentials:0.10.0
ldap:673.v034ec70ec2b_b_
lockable-resources:1150.v59db_2b_994618
log-parser:2.3.0
mac:1.6.1
mailer:457.v3f72cb_e015e5
mapdb-api:1.0.9-28.vf251ce40855d
mask-passwords:150.vf80d33113e80
matrix-auth:3.1.8
matrix-project:789.v57a_725b_63c79
maven-plugin:3.22
mercurial:1260.vdfb_723cdcc81
metrics:4.2.13-420.vea_2f17932dd6
mina-sshd-api-common:2.10.0-69.v28e3e36d18eb_
mina-sshd-api-core:2.10.0-69.v28e3e36d18eb_
momentjs:1.1.1
monitoring:1.94.0
multi-branch-priority-sorter:1.0
nexus-artifact-uploader:2.14
nexus-jenkins-plugin:3.19.1-01
nexus-task-runner:0.9.2
nodejs:1.6.0
nodelabelparameter:1.11.0
oauth-credentials:0.645.ve666a_c332668
okhttp-api:4.10.0-132.v7a_7b_91cef39c
openshift-client:1.0.38
openshift-login:1.0.29
openshift-sync:1.0.55
pam-auth:1.10
parameterized-scheduler:1.2
parameterized-trigger:2.45
permissive-script-security:0.7
persistent-parameter:1.3
pipeline-build-step:491.v1fec530da_858
pipeline-github-lib:42.v0739460cda_c4
pipeline-graph-analysis:202.va_d268e64deb_3
pipeline-groovy-lib:656.va_a_ceeb_6ffb_f7
pipeline-input-step:468.va_5db_051498a_4
pipeline-milestone-step:111.v449306f708b_7
pipeline-model-api:2.2131.vb_9788088fdb_5
pipeline-model-definition:2.2131.vb_9788088fdb_5
pipeline-model-extensions:2.2131.vb_9788088fdb_5
pipeline-rest-api:2.32
pipeline-stage-step:305.ve96d0205c1c6
pipeline-stage-tags-metadata:2.2131.vb_9788088fdb_5
pipeline-stage-view:2.32
pipeline-utility-steps:2.15.2
plain-credentials:143.v1b_df8b_d3b_e48
plugin-util-api:3.3.0
popper-api:1.16.1-3
popper2-api:2.11.6-2
postbuildscript:3.2.0-460.va_fda_0fa_26720
powershell:2.0
preSCMbuildstep:71.v1f2990a_37e27
prereq-buildstep:1.1
prism-api:1.29.0-4
publish-over:0.22
publish-over-ftp:1.17
publish-to-bitbucket:0.4
pubsub-light:1.17
quality-gates:2.5
rebuild:320.v5a_0933a_e7d61
regexemail:0.3
resource-disposer:0.22
role-strategy:631.va_dd0d500b_fc5
run-condition:1.5
scm-api:667.v8b_6e07cdc7f2
scm2job:2.5
scp:1.8
script-security:1244.ve463715a_f89c
scriptler:3.5
show-build-parameters:1.0
simple-build-for-pipeline:0.2
skip-notifications-trait:148.v269dccfa_1426
sloccount:1.27
snakeyaml-api:1.33-95.va_b_a_e3e47b_fa_4
sonar:2.15
sonar-quality-gates:1.3.1
sonarqube-generic-coverage:1.0
sse-gateway:1.26
ssh:2.6.1
ssh-agent:333.v878b_53c89511
ssh-credentials:305.v8f4381501156
ssh-slaves:2.877.v365f5eb_a_b_eec
ssh-steps:2.0.65.vd26b_5b_9b_de4d
sshd:3.303.vefc7119b_ec23
startup-trigger-plugin:2.9.3
stashNotifier:1.28
structs:324.va_f5d6774f3a_d
subversion:2.17.2
template-project:1.5.2
test-results-analyzer:0.4.0
text-finder:1.24
throttle-concurrents:2.13
timestamper:1.24
token-macro:359.vb_cde11682e0c
translation:1.16
trilead-api:2.84.v72119de229b_7
uno-choice:2.6.5
variant:59.vf075fe829ccb
view-job-filters:364.v48a_33389553d
violation-comments-to-stash:1.130
warnings-ng:10.1.0
workflow-aggregator:596.v8c21c963d92d
workflow-api:1213.v646def1087f9
workflow-basic-steps:1017.vb_45b_302f0cea_
workflow-cps:3659.v582dc37621d8
workflow-cps-global-lib:609.vd95673f149b_b
workflow-durable-task-step:1246.v5524618ea_097
workflow-job:1292.v27d8cc3e2602
workflow-multibranch:746.v05814d19c001
workflow-scm-step:408.v7d5b_135a_b_d49
workflow-step-api:639.v6eca_cd8c04a_a_
workflow-support:839.v35e2736cfd5c
ws-cleanup:0.45
xml-job-to-job-dsl:0.1.13
zentimestamp:4.2

What Operating System are you using (both controller, and any agents involved in the problem)?

Windows Server 2019

Reproduction steps

Create maven project with dependencies
We use a "module.xml" file to list all dependencies to give the Nexus Plugin for scanning
Scan the project in a Pipeline
We used the following code to scan the module.xml

def nexusIQScan(appName) {
    def scanPatterns = [[scanPattern: "${appName}/target/sonatype-clm/module.xml"]]

    def policyEvaluation = nexusPolicyEvaluation iqApplication: appName,
            iqStage: "release",
            iqScanPatterns: scanPatterns,
            jobCredentialsId: 'redacted',
            failBuildOnNetworkError: false
}

Expected Results

A clean log with no error messages and a full report of all scanned dependencies

Actual Results

We get Java Exceptions for classes with error messages regarding Java 21, a Java-Version we are not even using:

[ERROR] Could not parse class file FastDoubleSwar.class
15:49:05  java.lang.UnsupportedOperationException: Hashing for Java 21 and beyond is not supported yet
15:49:05  	at com.sonatype.insight.scan.hash.internal.asm.AsmClassFactory.newClassNode(AsmClassFactory.java:44)
15:49:05  	at com.sonatype.insight.scan.hash.internal.JavaDigester.digest(JavaDigester.java:90)
15:49:05  	at com.sonatype.insight.scan.hash.internal.DefaultDigester.digest(DefaultDigester.java:75)
15:49:05  	at com.sonatype.insight.scan.hash.internal.DefaultDigester.digest(DefaultDigester.java:54)
15:49:05  	at com.sonatype.insight.scan.file.ScanUtils.setHash(ScanUtils.java:79)
15:49:05  	at com.sonatype.insight.scan.file.FileVisitor.setScanItemHash(FileVisitor.java:552)
15:49:05  	at com.sonatype.insight.scan.file.FileVisitor.visitFile(FileVisitor.java:278)
15:49:05  	at com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:86)
15:49:05  	at com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:75)
15:49:05  	at com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:75)
15:49:05  	at com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:75)
15:49:05  	at com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:75)
15:49:05  	at com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:75)
15:49:05  	at com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:75)
15:49:05  	at com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:75)
15:49:05  	at com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:75)
15:49:05  	at com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:75)
15:49:05  	at com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:75)
15:49:05  	at com.sonatype.insight.scan.file.FileWalker.walk(FileWalker.java:35)
15:49:05  	at com.sonatype.insight.scan.file.FileScanner.scan(FileScanner.java:192)
15:49:05  	at com.sonatype.nexus.api.iq.scan.Scanner.scanModules(Scanner.java:191)
15:49:05  	at com.sonatype.nexus.api.iq.scan.Scanner.scan(Scanner.java:114)
15:49:05  	at com.sonatype.nexus.api.iq.impl.DefaultIqClient.scan(DefaultIqClient.java:312)
15:49:05  	at com.sonatype.nexus.api.iq.impl.DefaultIqClient.scan(DefaultIqClient.java:290)
15:49:05  	at com.sonatype.nexus.api.iq.internal.InternalIqClient$scan.call(Unknown Source)
15:49:05  	at org.sonatype.nexus.ci.iq.RemoteScanner.call(RemoteScanner.groovy:99)
15:49:05  	at org.sonatype.nexus.ci.iq.RemoteScanner.call(RemoteScanner.groovy)
15:49:05  	at hudson.remoting.UserRequest.perform(UserRequest.java:211)
15:49:05  	at hudson.remoting.UserRequest.perform(UserRequest.java:54)
15:49:05  	at hudson.remoting.Request$2.run(Request.java:377)
15:49:05  	at hudson.remoting.InterceptingExecutorService.lambda$wrap$0(InterceptingExecutorService.java:78)
15:49:05  	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
15:49:05  	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
15:49:05  	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
15:49:05  	at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:125)
15:49:05  	at java.base/java.lang.Thread.run(Thread.java:834)
15:49:05  [ERROR] Could not parse class file FastIntegerMath.class
15:49:05  java.lang.UnsupportedOperationException: Hashing for Java 21 and beyond is not supported yet
15:49:05  	at com.sonatype.insight.scan.hash.internal.asm.AsmClassFactory.newClassNode(AsmClassFactory.java:44)
15:49:05  	at com.sonatype.insight.scan.hash.internal.JavaDigester.digest(JavaDigester.java:90)
15:49:05  	at com.sonatype.insight.scan.hash.internal.DefaultDigester.digest(DefaultDigester.java:75)
15:49:05  	at com.sonatype.insight.scan.hash.internal.DefaultDigester.digest(DefaultDigester.java:54)
15:49:05  	at com.sonatype.insight.scan.file.ScanUtils.setHash(ScanUtils.java:79)
15:49:05  	at com.sonatype.insight.scan.file.FileVisitor.setScanItemHash(FileVisitor.java:552)
15:49:05  	at com.sonatype.insight.scan.file.FileVisitor.visitFile(FileVisitor.java:278)
15:49:05  	at com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:86)
15:49:05  	at com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:75)
15:49:05  	at com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:75)
15:49:05  	at com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:75)
15:49:05  	at com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:75)
15:49:05  	at com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:75)
15:49:05  	at com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:75)
15:49:05  	at com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:75)
15:49:05  	at com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:75)
15:49:05  	at com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:75)
15:49:05  	at com.sonatype.insight.scan.file.FileWalker.doWalk(FileWalker.java:75)
15:49:05  	at com.sonatype.insight.scan.file.FileWalker.walk(FileWalker.java:35)
15:49:05  	at com.sonatype.insight.scan.file.FileScanner.scan(FileScanner.java:192)
15:49:05  	at com.sonatype.nexus.api.iq.scan.Scanner.scanModules(Scanner.java:191)
15:49:05  	at com.sonatype.nexus.api.iq.scan.Scanner.scan(Scanner.java:114)
15:49:05  	at com.sonatype.nexus.api.iq.impl.DefaultIqClient.scan(DefaultIqClient.java:312)
15:49:05  	at com.sonatype.nexus.api.iq.impl.DefaultIqClient.scan(DefaultIqClient.java:290)
15:49:05  	at com.sonatype.nexus.api.iq.internal.InternalIqClient$scan.call(Unknown Source)
15:49:05  	at org.sonatype.nexus.ci.iq.RemoteScanner.call(RemoteScanner.groovy:99)
15:49:05  	at org.sonatype.nexus.ci.iq.RemoteScanner.call(RemoteScanner.groovy)
15:49:05  	at hudson.remoting.UserRequest.perform(UserRequest.java:211)
15:49:05  	at hudson.remoting.UserRequest.perform(UserRequest.java:54)
15:49:05  	at hudson.remoting.Request$2.run(Request.java:377)
15:49:05  	at hudson.remoting.InterceptingExecutorService.lambda$wrap$0(InterceptingExecutorService.java:78)
15:49:05  	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
15:49:05  	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
15:49:05  	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
15:49:05  	at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:125)
15:49:05  	at java.base/java.lang.Thread.run(Thread.java:834)

Anything else?

We tried using Java 11 and Java 17 in our Pipeline, both did not fix that error occuring.

Are you interested in contributing a fix?

No response

Add option to suppress output

Feature Request

I need an option to set a level of output (e.g. INFO, ERROR, etc) or some other clever way to suppress the INFO level output.

We have a requirement to connect some of our builds to nexusiq scans. But the output from the builds pointing at javascript repos is very large; it essentially makes the rest of the Jenkins CI pipeline output unusable. Unfortunately, it is not an option to narrow the scope of the scan. Most of this is output at the INFO level.

An example of our usage, if needed

nexusPolicyEvaluation advancedProperties: '',
          failBuildOnNetworkError: false,
          iqApplication: manualApplication(opt_appOverride),
          iqScanPatterns: opt_patternOverride, // this is usually [[scanPattern: 'node_modules/**']]
          iqStage: opt_stageOverride, // this is usually 'build'
          jobCredentialsId: 'nexusiq'

And a tiny fraction of the output:

...
08:14:34  [INFO] 2021-04-12T08:14:34.430-06:00 Starting scanning target: /localhome/jenkins/workspace/.../node_modules/yaml
08:14:34  [INFO] 2021-04-12T08:14:34.447-06:00 Finished scanning target: /localhome/jenkins/workspace/.../node_modules/yaml
08:14:34  [INFO] 2021-04-12T08:14:34.447-06:00 Starting scanning target: /localhome/jenkins/workspace/.../node_modules/yaml/LICENSE
08:14:34  [INFO] 2021-04-12T08:14:34.448-06:00 Finished scanning target: /localhome/jenkins/workspace/.../node_modules/yaml/LICENSE
08:14:34  [INFO] 2021-04-12T08:14:34.448-06:00 Starting scanning target: /localhome/jenkins/workspace/.../node_modules/yaml/README.md
08:14:34  [INFO] 2021-04-12T08:14:34.448-06:00 Finished scanning target: /localhome/jenkins/workspace/.../node_modules/yaml/README.md
08:14:34  [INFO] 2021-04-12T08:14:34.448-06:00 Starting scanning target: /localhome/jenkins/workspace/.../node_modules/yaml/browser
08:14:34  [INFO] 2021-04-12T08:14:34.453-06:00 Finished scanning target: /localhome/jenkins/workspace/.../node_modules/yaml/browser
08:14:34  [INFO] 2021-04-12T08:14:34.453-06:00 Starting scanning target: /localhome/jenkins/workspace/.../node_modules/yaml/browser/dist
08:14:34  [INFO] 2021-04-12T08:14:34.456-06:00 Finished scanning target: /localhome/jenkins/workspace/.../node_modules/yaml/browser/dist
08:14:34  [INFO] 2021-04-12T08:14:34.456-06:00 Starting scanning target: /localhome/jenkins/workspace/.../node_modules/yaml/browser/dist/PlainValue-b8036b75.js
08:14:34  [INFO] 2021-04-12T08:14:34.457-06:00 Finished scanning target: /localhome/jenkins/workspace/.../node_modules/yaml/browser/dist/PlainValue-b8036b75.js
...