Support for Processing Remote Scan Results in the Background
For scans performed by the generic or Docker Images scan-agent plugin only, the phase in which the scan results are processed in Code Insight for a given project is run as a background job that users can track in the Jobs queue. During such scans, the plugin sends the scan results in JSON format to Code Insight as a .txt file to be stored temporarily in Code Insight. Once the results are successfully sent, the job ID for processing the results in Code Insight is created and the job is added to the job queue. (The ID is also returned to the plugin to indicate that the results were successfully sent.) Users can track the progress of the results-processing as a Remote Scan job in the Jobs queue. (Progress is shown as Active, Scheduled, Completed, or Failed.) When Code Insight completes the processing, the temporary file is removed.
For more information about the Jobs queue, see Monitoring the Code Insight Jobs Queue.
For all other plugin scans, as soon as Code Insight receives the results, they are processed in the foreground.
About Running a Other Jobs Along with a Job That Processes Remote Scan Results
Note the following about running a job for remote-scan processing along with other jobs:
| • | Only one Remote Scan job can run on a project at a given time. All other Remote Scan jobs for the project are placed in a Scheduled state and run in scheduled order. |
| • | When a Remote Scan job for a specific project is in progress or waiting to run (with an Active, New, Waiting on Update, or Scheduled status), a job for a project import, SBOM Insights export, report generation, or project deletion for the same project is placed in a Scheduled state and run in scheduled order. Likewise, when any of these other jobs are currently in progress or waiting to run, a new Remote Scan job for the same project is placed in a Scheduled state and run in scheduled order. |
| • | When a Remote Scan job for a specific project is in progress or waiting to run (with an Active, New, Waiting on Update, or Scheduled status), a branching process cannot be performed on the same project. (The Branch Project option on the Manage Project menu for the project is disabled.) The user must wait for the Remote Scan job to complete before attempting to run the branching process again. |
Similarly, if a branching process is currently in progress or waiting to run for a specific project and a remote scan is attempted for the same project, the target project displays the message “Cannot import data for remote scan since project branching is in progress for the same project <projectid>”.
| • | When a Remote Scan job for a specific project is in progress or waiting to run (with an Active, New, Waiting on Update, or Scheduled status), a copy of this project cannot be performed. If a user attempts to run a project copy, a pop-up is displayed, explaining this situation. The user must wait for the Remote Scan job to complete before attempting to run the copy again. |
Similarly, if a project copy is currently in progress or scheduled and a remote scan is attempted for the same project, both the source and the target project display the message “Cannot import data for remote scan since project copy is in progress for the same project <projectid>”.
| • | If an Electronic Update is currently scheduled or in progress, all subsequent Remote Scan jobs are placed in a Scheduled state. Once the update is finished, these jobs are run based on the scheduled order. |
| • | If a Library Refresh job is currently scheduled or in progress and a Remote Scan job is added to the queue, the job fails. You must wait until the Library Refresh is complete before having the scan-agent plugin run the scan again. |