anchore plugin: Add a new option for setting builds to "UNSTABLE" for "WARN" items

    • Improvement
    • Resolution: Unresolved
    • Minor
    • None
    • Jenkins: 2.179
      Anchore container scanner plugin: 1.0.19

      With the option "Fail build on policy check STOP result" (bailOnFail), you can fail a build when it contains a "STOP" result.

      However, right now there is no way of marking a Jenkins build as "UNSTABLE" when there are only warnings in the docker image scan. For example, I would like to draw the developers' attention when there are medium-level CVEs, but those should not fail the build.

      Suggestion: Make the build status for "WARN" items configurable.

       

          [JENKINS-59063] anchore plugin: Add a new option for setting builds to "UNSTABLE" for "WARN" items

          Swathi Gangisetty added a comment - Hello berni_, apologies for the late response. I think flagging the build as unstable is a good idea, especially when anchore engine (policy check op) produces a warn result. I'll add this to our backlog for next release. If you've already made the changes to the plugin to do this, please submit a PR and I'd be happy to merge it in. Thanks!

            swathigangisetty Swathi Gangisetty
            berni_ Bernhard Kaszt