-
Bug
-
Resolution: Unresolved
-
Minor
-
None
Hi,
My pipeline has multiple stages and each stage creates a docker image.
there are two issues, first at the end of the pipeline I end up having 3 separate 'Achore reports' but they all have the same data (the Achore Policy Evaluation Report has the results for the 3 scans). Second, the 'Anchore Policy Evaluation Summary' shows the same image for the 3 different 'Anchore reports'
The pipeline process is something like
- Create base image
- Create Builder image
- Create Runner image
I check each image after each stage (so that it fails if one of them had issues)
I run
anchore(name: IMAGES_FILE_PATH, engineRetries: '1000', forceAnalyze: true,
policyBundleId: 'policyName')
I tried using different names for the IMAGES_FILE_PATH but it yields the same problems
it would be nice if each report only had the information about that one image
Sorry if I didnt provided enough details, I would be happy to add more info
Thanks!
Edit:
Kind of related stack overflow issue
with the exception that I cant wait until the end to scan the images
[JENKINS-61014] Anchore plugin overwrittes pipeline reports
Juan Caldas
created issue -
Juan Caldas
made changes -
| Description |
Original:
Hi, My pipeline has multiple stages and each stage creates a docker image. there are two issues, first at the end of the pipeline I end up having 3 separate 'Achore reports' but they all have the same data (the Achore Policy Evaluation Report has the results for the 3 scans). Second, the 'Anchore Policy Evaluation Summary' shows the same image for the 3 different 'Anchore reports' The pipeline process is something like * Create base image * Create Builder image * Create Runner image I check each image after each stage (so that it fails if one of them had issues) I run anchore(name: IMAGES_FILE_PATH, engineRetries: '1000', forceAnalyze: true, policyBundleId: 'policyName') I tried using different names for the IMAGES_FILE_PATH but it yields the same problems it would be nice if each report only had the information about that one image Sorry if I didnt provided enough details, I would be happy to add more info Thanks! |
New:
Hi, My pipeline has multiple stages and each stage creates a docker image. there are two issues, first at the end of the pipeline I end up having 3 separate 'Achore reports' but they all have the same data (the Achore Policy Evaluation Report has the results for the 3 scans). Second, the 'Anchore Policy Evaluation Summary' shows the same image for the 3 different 'Anchore reports' The pipeline process is something like * Create base image * Create Builder image * Create Runner image I check each image after each stage (so that it fails if one of them had issues) I run anchore(name: IMAGES_FILE_PATH, engineRetries: '1000', forceAnalyze: true, policyBundleId: 'policyName') I tried using different names for the IMAGES_FILE_PATH but it yields the same problems it would be nice if each report only had the information about that one image Sorry if I didnt provided enough details, I would be happy to add more info Thanks! Edit: Kind of related stack overflow issue [https://stackoverflow.com/questions/57367074/adding-multiple-docker-images-in-jenkins-pipeline-to-scan-security-vulnerabiliti] with the exception that I cant wait until the end to scan the images |
