云效-流水线”“漏洞扫描”问题,帮忙看下是什么情况?是编译有问题么?本地的是好的。
前面构建都是正常的、耗时也基本差不多。
扫描 实际失败了,整体还显示为“成功”。
日志如下:[executionStep begins at 2023-12-15 13:25:56]
[92m[13:25:56] [SUCCESS] 鑾峰彇 Credential 鎴愬姛
[1m[13:25:56] [INFO] 浣跨敤宸ヤ綔璺緞/root/workspace/moo-tax-platform_tjHl
[1m[13:25:56] [INFO] 鎵ц姝ラ
[13:25:56] [INFO] pinpoint-5.7
[13:25:56] [INFO] PIPELINE_ID=2697682
[13:25:56] [INFO] PIPELINE_NAME=CS-MOO-PLATFORM
[13:25:56] [INFO] BUILD_NUMBER=74
[13:25:56] [INFO] EMPLOYEE_ID=5ef05a6f82c9b28649c4ac8b
[13:25:56] [INFO] WORK_SPACE=/root/workspace
[13:25:56] [INFO] PROJECT_DIR=/root/workspace/moo-tax-platform_tjHl
[13:25:56] [INFO] PLUGIN_DIR=/root/plugins
[13:25:56] [INFO] BUILD_JOB_ID=174390505
[13:25:56] [INFO] CI_COMMIT_SHA=
[13:25:56] [INFO] start to source stepContext
[13:25:56] [INFO] source completed
[13:25:56] [INFO] stepContext done
[13:25:56] [INFO] start to get report parser
[13:25:57] [INFO] report parser is ready
[13:25:57] 鍗佷簩鏈� 15, 2023 1:25:57 涓嬪崍 com.alibaba.force.build.issue.pinpoint.CheckinWriter main
[13:25:57] 淇℃伅: Build task checkin..
[13:25:57] 鍗佷簩鏈� 15, 2023 1:25:57 涓嬪崍 com.alibaba.force.build.issue.pinpoint.CheckinWriter main
[13:25:57] 淇℃伅: https://codeup.aliyun.com/ifugle/biz-org/moo-tax-platform.git checkin with Codeup..
[13:25:57] 鍗佷簩鏈� 15, 2023 1:25:57 涓嬪崍 com.alibaba.force.build.issue.pinpoint.CheckinWriter main
[13:25:57] 淇℃伅: checkin success..
[13:25:57] 鍗佷簩鏈� 15, 2023 1:25:57 涓嬪崍 com.alibaba.force.build.api.impl.BuildResultApiImpl addBuildResult
[13:25:57] 淇℃伅: addBuildResult reqBody: {“branch”:”feature/secbugsfix_1116_bl”,”mode”:”MANUAL_FULL”,”pipeline_id”:2697682,”project_id”:353953,”sha”:”5db2d8106f6e06a244714d1f9bf197eb90d3df8b”,”task_name”:”PINPOINT_FULL”,”url”:”{\”name\”:\”CS-MOO-PLATFORM\”,\”url\”:\”https://flow.aliyun.com/pipelines/2697682/builds/74\”}”}
[13:25:57] 鍗佷簩鏈� 15, 2023 1:25:57 涓嬪崍 com.alibaba.force.build.api.impl.BuildResultApiImpl addBuildResult
[13:25:57] 淇℃伅: addBuildResult response: {“blockerCount”:0,”branch”:”feature/secbugsfix_1116_bl”,”criticalCount”:0,”gmtCreate”:”2023-12-15T13:25:58+08:00″,”gmtModified”:”2023-12-15T13:25:58+08:00″,”id”:548132487,”majorCount”:0,”mode”:”MANUAL_FULL”,”pipelineId”:2697682,”projectId”:353953,”sha”:”5db2d8106f6e06a244714d1f9bf197eb90d3df8b”,”state”:”RUNNING”,”taskName”:”PINPOINT_FULL”,”triggerUserId”:21782,”url”:”{\”name\”:\”CS-MOO-PLATFORM\”,\”url\”:\”https://flow.aliyun.com/pipelines/2697682/builds/74\”}”}
[13:25:57] 鍗佷簩鏈� 15, 2023 1:25:57 涓嬪崍 com.alibaba.force.build.api.impl.BuildResultApiImpl addBuildResult
[13:25:57] 淇℃伅: Create /root/workspace/brId
[13:25:57] BuildResultId read from file: 548132487
[13:25:57] buildResultId: 548132487
[13:25:58] [INFO] total files size 17065
[13:25:58] [INFO] start to run pinpoint check..
[13:26:01] [2023-12-15 13:26:01]
[13:26:01] [2023-12-15 13:26:01] [on_clean] [pp-no-capture-java] Initializing.
[13:26:01] [2023-12-15 13:26:01]
[13:26:01] [2023-12-15 13:26:01]
[13:26:01] [2023-12-15 13:26:01] [on_clean] [pp-no-capture-java] Complete.
[13:26:01] [2023-12-15 13:26:01]
[13:26:01] [2023-12-15 13:26:01]
[13:26:01] [2023-12-15
以下为热心网友提供的参考意见
这个确认了下,是因为您的代码库比较大,因为pinpoint这个检测插件比较耗费性能,所以会检测失败,目前这个插件针对大库会有失败的概率,当前的解法是如果不是在devops流程里强依赖这个检测,可以先针对构建大库的流水线删除一下这个步骤,我们也已经在对这个插件的检测性能做优化。此回答整理自钉群“云效交付域答疑群”