-
Improvement
-
Resolution: Unresolved
-
Minor
-
None
-
Jenkins: 2.179
Anchore container scanner plugin: 1.0.19
With the option "Fail build on policy check STOP result" (bailOnFail), you can fail a build when it contains a "STOP" result".
However right now, there is no way of marking a Jenkins build as "UNSTABLE", when there are warnings only in the docker image scan. For example I would like to give attention to the developers when there are medium leveled CVEs, but those should not fail the build.
Suggestion: Make the build status for "WARN" items configurable.
Hello berni_, apologies for the late response. I think flagging the build as unstable is a good idea. Especially when anchore engine (policy check op) produces a warn result. I'll add this to our backlog for next release. If you've already made the changes to the plugin to do this, please submit a PR and I'd be happy to merge it in. Thanks!