-
Bug
-
Resolution: Not A Defect
-
Minor
-
None
-
OS: Ubuntu 18.04
JDK: OpenJDK 1.8.0_212-b03
The anchore plugin is failing prematurely and not respsecting the `engineRetries` setting. In the output below, you can see it's set to 700, which should be about 50 minutes, but the job fails after 12 with the status of the image still in analysis
2019-05-23T23:54:20.646 INFO AnchoreWorker Jenkins version: 2.177
2019-05-23T23:54:20.646 INFO AnchoreWorker Anchore Container Image Scanner Plugin version: 1.0.18
2019-05-23T23:54:20.646 INFO AnchoreWorker [global] debug: false
2019-05-23T23:54:20.646 INFO AnchoreWorker [global] enginemode: anchoreengine
2019-05-23T23:54:20.646 INFO AnchoreWorker [build] engineurl: http://anchore/v12019-05-23T23:54:20.646 INFO AnchoreWorker [build] engineuser: admin
2019-05-23T23:54:20.647 INFO AnchoreWorker [build] enginepass: ****
2019-05-23T23:54:20.647 INFO AnchoreWorker [build] engineverify: false
2019-05-23T23:54:20.647 INFO AnchoreWorker [build] name: anchore_images
2019-05-23T23:54:20.647 INFO AnchoreWorker [build] engineRetries: 700
2019-05-23T23:54:20.647 INFO AnchoreWorker [build] policyBundleId:
2019-05-23T23:54:20.647 INFO AnchoreWorker [build] bailOnFail: false
2019-05-23T23:54:20.647 INFO AnchoreWorker [build] bailOnPluginFail: true
2019-05-23T23:54:20.647 INFO AnchoreWorker Submitting 000000000000.dkr.ecr.us-east-1.amazonaws.com/anchore:image-7a0a2c4 for analysis
2019-05-23T23:54:21.025 INFO AnchoreWorker Analysis request accepted, received image digest sha256:e067b16f7b512f9624b0a82384bbb46602450d2923df91873b670db087944f66
2019-05-23T23:54:21.025 INFO AnchoreWorker Waiting for analysis of 000000000000.dkr.ecr.us-east-1.amazonaws.com/anchore:image-7a0a2c4, polling status periodically
2019-05-24T00:06:51.911 WARN AnchoreWorker anchore-engine get policy evaluation failed. HTTP method: GET, URL: http://anchore/v1/images/sha256:e067b16f7b512f9624b0a82384bbb46602450d2923df91873b670db087944f66/check?tag=0000000000.dkr.ecr.us-east-1.amazonaws.com/anchore:image-7a0a2c4&detail=true, status: 404, error: {
"detail": {},
"httpcode": 404,
"message": "image is not analyzed - analysis_status: analyzing"
}
2019-05-24T00:06:51.911 WARN AnchoreWorker Exhausted all attempts polling anchore-engine. Analysis is incomplete for sha256:e067b16f7b512f9624b0a82384bbb46602450d2923df91873b670db087944f66
chizou, engineRetries is how long (in seconds) the plugin will wait for anchore engine to complete analysis. Technically, it's the number of polling attempts spaced at 1 second intervals. A polling attempt is where the plugin checks the status of the image analysis in anchore engine. So a value of 700 instructs the plugin to wait for 700 seconds or 11+ minutes for the image analysis to complete. If you expect the analysis to take longer, say 1 hour, bump engineRetries to 6000
Docs for engineRetries attribute in the plugin help are incorrect. It should be addressed in the next release