Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Jenkins, proxy setup not working

See original GitHub issue
  • Jenkins ver. 2.164.3
  • OWASP Dependency-Check Plugin ver 5.0.2

Hi, we are having setup proxy in the Jenkins via global environment variables after plugin update, we faced issues with connection as follows:

[DependencyCheck] [ERROR] Unable to download meta file: https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-modified.meta
[DependencyCheck] org.owasp.dependencycheck.data.update.exception.UpdateException: Unable to download meta file: https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-modified.meta
[DependencyCheck] 	at org.owasp.dependencycheck.data.update.NvdCveUpdater.getMetaFile(NvdCveUpdater.java:347)
[DependencyCheck] 	at org.owasp.dependencycheck.data.update.NvdCveUpdater.getUpdatesNeeded(NvdCveUpdater.java:385)
[DependencyCheck] 	at org.owasp.dependencycheck.data.update.NvdCveUpdater.update(NvdCveUpdater.java:122)
[DependencyCheck] 	at org.owasp.dependencycheck.Engine.doUpdates(Engine.java:921)
[DependencyCheck] 	at org.owasp.dependencycheck.Engine.initializeAndUpdateDatabase(Engine.java:723)
[DependencyCheck] 	at org.owasp.dependencycheck.Engine.analyzeDependencies(Engine.java:653)
[DependencyCheck] 	at org.owasp.dependencycheck.App.runScan(App.java:251)
[DependencyCheck] 	at org.owasp.dependencycheck.App.run(App.java:183)
[DependencyCheck] 	at org.owasp.dependencycheck.App.main(App.java:80)
[DependencyCheck] Caused by: org.owasp.dependencycheck.utils.DownloadFailedException: Download failed, unable to retrieve 'https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-modified.meta'
[DependencyCheck] 	at org.owasp.dependencycheck.utils.Downloader.fetchContent(Downloader.java:115)
[DependencyCheck] 	at org.owasp.dependencycheck.data.update.NvdCveUpdater.getMetaFile(NvdCveUpdater.java:340)
[DependencyCheck] 	... 8 common frames omitted
[DependencyCheck] Caused by: org.owasp.dependencycheck.utils.DownloadFailedException: Error downloading file https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-modified.meta; unable to connect.
[DependencyCheck] 	at org.owasp.dependencycheck.utils.HttpResourceConnection.obtainConnection(HttpResourceConnection.java:238)
[DependencyCheck] 	at org.owasp.dependencycheck.utils.HttpResourceConnection.fetch(HttpResourceConnection.java:138)
[DependencyCheck] 	at org.owasp.dependencycheck.utils.Downloader.fetchContent(Downloader.java:110)
[DependencyCheck] 	... 9 common frames omitted
[DependencyCheck] Caused by: java.net.ConnectException: Connection refused (Connection refused)
[DependencyCheck] 	at java.net.PlainSocketImpl.socketConnect(Native Method)

We updated our proxy rules to get open whole domain *.nist.gov, directly from jenkins machine, connection works, so its being open- double checked from machine after proxy setup.

From some reason, once we want to use step “Invoke dependency scan” (in advance we defined new Dependency check installation - aligned to version 5.2.0 - and it was also necessary to open connection for dl.bintray.com) we are getting still the same errors as above.

Kindly please, can you take a look into that issue? It looks like proxy setup is being ignored

Thanks in advance

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Comments:5

github_iconTop GitHub Comments

1reaction
stevespringettcommented, Jul 31, 2019

I’m not aware of any Jenkins global tool plugin (i.e. Maven, Ant, JDK, etc) that uses Jenkins proxy settings. Conventional plugins do, tool plugins do not. It’s also not a binary configuration option as internal repos typically do not go through a proxy.

See also: https://github.com/jenkinsci/dependency-check-plugin/wiki/v5-Migration

0reactions
pavenovacommented, Aug 5, 2019

I’m not aware of any Jenkins global tool plugin (i.e. Maven, Ant, JDK, etc) that uses Jenkins proxy settings. Conventional plugins do, tool plugins do not. It’s also not a binary configuration option as internal repos typically do not go through a proxy.

See also: https://github.com/jenkinsci/dependency-check-plugin/wiki/v5-Migration

Hi, Steve, I can confirm, proxy is being taken as

-proxyserver <server> –proxyport <port>

Thank you for the tip, but it looks like it still needs some additional connection to be opened then, currently with new version we requested to open *.nist.gov but it seems not to be enough

Read more comments on GitHub >

github_iconTop Results From Across the Web

Reverse proxy - Issues - Jenkins
It appears that your reverse proxy setup is broken ... For a reverse proxy to work correctly, it needs to rewrite both the...
Read more >
How do you configure Jenkins to work with a proxy server?
Open Internet Explorer · Go to Internet Options and select the Connections tab · Select LAN settings · Enter the Proxy server host...
Read more >
Why does Jenkins complain that my reverse proxy setup is ...
Go to your Jenkins page; Click Manage Jenkins; Click Configure System; Scroll to Jenkins Location and find Jenkins URL. Ensure that port value...
Read more >
Proxy setup validation - CloudBees Support
In the Jenkins UI ( Manage Jenkins -> Manage Plugins -> Advanced ). · In the JVM arguments ( -Dhttp.proxyHost , -Dhttp.proxyPort ,...
Read more >
How to Configure Jenkins behind Proxy to Install Plugins
How to Configure Jenkins behind Proxy to Install Plugins · 1. Login into Jenkins portal with valid credentials. · 2. Go to “Manage...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

NodeAuditAnalyzer fails when hitting a 400 Bad Request where `npm audit` succeeds

Next page

OWASP gradle check failed