Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-41081

Anchore plugin does not use default policy to evaluate gates when policy configuration is left blank in the build step

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved (View Workflow)
    • Minor
    • Resolution: Fixed
    • None
    • Jenkins version: 2.32.1
      Anchore plugin version: 1.0.4
      Jenkins running in a container

    Description

      As per the help for "Policy file" parameter in the Anchore Container Image Scanner build step, the plugin uses a default policy if the field is left blank/empty. The actual behavior observed was the plugin evaluates the gate with an empty policy document resulting in no gate output

      Attachments

        1. screenshot-1.png
          199 kB
          Swathi Gangisetty
        2. screenshot-2.png
          70 kB
          Swathi Gangisetty

        Activity

          Code changed in jenkins
          User: Swathi Gangisetty
          Path:
          .gitignore
          src/main/java/com/anchore/jenkins/plugins/anchore/AnchoreAction.java
          src/main/java/com/anchore/jenkins/plugins/anchore/AnchoreBuilder.java
          src/main/java/com/anchore/jenkins/plugins/anchore/AnchoreQuery.java
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreAction/index.jelly
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreAction/summary.jelly
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/config.jelly
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/global.jelly
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-bailOnFail.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-bailOnPluginFail.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-bailOnWarn.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-containerId.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-containerImageId.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-doCleanup.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-doQuery.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-localVol.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-modulesVol.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-name.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-policyName.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-query1.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-query2.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-query3.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-query4.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-useSudo.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-userScripts.html
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreQuery/config.jelly
          src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreQuery/help-query.html
          src/main/webapp/help/help-queriesBlock.html
          http://jenkins-ci.org/commit/anchore-container-scanner-plugin/5a7e570a285dcc015e5be94252833fa8698db54c
          Log:
          Plugin upgrades and bug fixes...

          Display Jenkins and Anchore plugin versions in build console log.
          Use default Anchore policy if it's not provided to plugin - JENKINS-41081.
          Dynamic list of queries.
          Improve logging.
          Clean up workspaces after plugin execution regardless of the end result.

          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Swathi Gangisetty Path: .gitignore src/main/java/com/anchore/jenkins/plugins/anchore/AnchoreAction.java src/main/java/com/anchore/jenkins/plugins/anchore/AnchoreBuilder.java src/main/java/com/anchore/jenkins/plugins/anchore/AnchoreQuery.java src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreAction/index.jelly src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreAction/summary.jelly src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/config.jelly src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/global.jelly src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-bailOnFail.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-bailOnPluginFail.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-bailOnWarn.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-containerId.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-containerImageId.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-doCleanup.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-doQuery.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-localVol.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-modulesVol.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-name.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-policyName.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-query1.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-query2.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-query3.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-query4.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-useSudo.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreBuilder/help-userScripts.html src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreQuery/config.jelly src/main/resources/com/anchore/jenkins/plugins/anchore/AnchoreQuery/help-query.html src/main/webapp/help/help-queriesBlock.html http://jenkins-ci.org/commit/anchore-container-scanner-plugin/5a7e570a285dcc015e5be94252833fa8698db54c Log: Plugin upgrades and bug fixes... Display Jenkins and Anchore plugin versions in build console log. Use default Anchore policy if it's not provided to plugin - JENKINS-41081 . Dynamic list of queries. Improve logging. Clean up workspaces after plugin execution regardless of the end result.

          Bug fix and other improvements to the plugin to be released in version v1.0.5, refer to the git commit above for the changes

          swathigangisetty Swathi Gangisetty added a comment - Bug fix and other improvements to the plugin to be released in version v1.0.5, refer to the git commit above for the changes

          People

            swathigangisetty Swathi Gangisetty
            swathigangisetty Swathi Gangisetty
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: