Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-41081

Anchore plugin does not use default policy to evaluate gates when policy configuration is left blank in the build step

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Minor Minor
    • anchore-container-scanner-plugin
    • None
    • Jenkins version: 2.32.1
      Anchore plugin version: 1.0.4
      Jenkins running in a container

      As per the help for "Policy file" parameter in the Anchore Container Image Scanner build step, the plugin uses a default policy if the field is left blank/empty. The actual behavior observed was the plugin evaluates the gate with an empty policy document resulting in no gate output

        1. screenshot-1.png
          screenshot-1.png
          199 kB
        2. screenshot-2.png
          screenshot-2.png
          70 kB

          [JENKINS-41081] Anchore plugin does not use default policy to evaluate gates when policy configuration is left blank in the build step

          SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Swathi Gangisetty
          Path:
          .gitignore
          src/main/java/com/anchore/jenkins/plugins/anchore/AnchoreAction.java
          src/main/java/com/anchore/jenkins/plugins/anchore/AnchoreBuilder.java
          src/main/java/com/anchore/jenkins/plugins/anchore/AnchoreQuery.java
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreAction/index.jelly
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreAction/summary.jelly
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/config.jelly
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/global.jelly
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-bailOnFail.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-bailOnPluginFail.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-bailOnWarn.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-containerId.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-containerImageId.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-doCleanup.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-doQuery.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-localVol.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-modulesVol.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-name.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-policyName.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-query1.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-query2.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-query3.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-query4.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-useSudo.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-userScripts.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreQuery/config.jelly
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreQuery/help-query.html
          src/main/webapp/help/help-queriesBlock.html
          http://jenkins-ci.org/commit/anchore-container-scanner-plugin/5a7e570a285dcc015e5be94252833fa8698db54c
          Log:
          Plugin upgrades and bug fixes...

          Display Jenkins and Anchore plugin versions in build console log.
          Use default Anchore policy if it's not provided to plugin - JENKINS-41081.
          Dynamic list of queries.
          Improve logging.
          Clean up workspaces after plugin execution regardless of the end result.

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Swathi Gangisetty Path: .gitignore src/main/java/com/anchore/jenkins/plugins/anchore/AnchoreAction.java src/main/java/com/anchore/jenkins/plugins/anchore/AnchoreBuilder.java src/main/java/com/anchore/jenkins/plugins/anchore/AnchoreQuery.java src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreAction/index.jelly src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreAction/summary.jelly src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/config.jelly src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/global.jelly src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-bailOnFail.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-bailOnPluginFail.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-bailOnWarn.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-containerId.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-containerImageId.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-doCleanup.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-doQuery.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-localVol.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-modulesVol.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-name.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-policyName.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-query1.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-query2.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-query3.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-query4.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-useSudo.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-userScripts.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreQuery/config.jelly src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreQuery/help-query.html src/main/webapp/help/help-queriesBlock.html http://jenkins-ci.org/commit/anchore-container-scanner-plugin/5a7e570a285dcc015e5be94252833fa8698db54c Log: Plugin upgrades and bug fixes... Display Jenkins and Anchore plugin versions in build console log. Use default Anchore policy if it's not provided to plugin - JENKINS-41081 . Dynamic list of queries. Improve logging. Clean up workspaces after plugin execution regardless of the end result.

          Swathi Gangisetty added a comment -

          Bug fix and other improvements to the plugin to be released in version v1.0.5, refer to the git commit above for the changes

          Swathi Gangisetty added a comment - Bug fix and other improvements to the plugin to be released in version v1.0.5, refer to the git commit above for the changes

            swathigangisetty Swathi Gangisetty
            swathigangisetty Swathi Gangisetty
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: