Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-62040

pipeline cannot find and archiveArtifacts anchore.json after anchore plugin scan

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Trivial Trivial
    • None
    • openstack, linux

      Enterprise Client Version: 0.6.0
        Anchore Engine Version: 0.6.0
        Anchore DB Version: 0.0.12

      1. Jenkins anchore plugin scan docker image,
      then archive artifacts: '**/*.json',
      But no anchore.json archived, this anchore.json is missing

      2. Jenkins anchore plugin scan docker image,
      then archive artifacts: 'AnchoreReport.${JOB_BASE_NAME}_${BUILD_NUMBER}/*.json',
      No artifacts found that match the file pattern "AnchoreReport.CSF-Anchore-Scan_82/*.json". Configuration error?

       
      13:07:39 ‘anchore*.json’ doesn’t match anything*

      13:07:39* No artifacts found that match the file pattern "anchore*.json". Configuration error?

       

      So, how to archive the anchore.json file?

      Enterprise Client Version: 0.6.0
      Anchore Engine Version: 0.6.0
      Anchore DB Version: 0.0.12

          [JENKINS-62040] pipeline cannot find and archiveArtifacts anchore.json after anchore plugin scan

          Marky Jackson added a comment -

          I will attempt to duplicate your setup later this AM

          Marky Jackson added a comment - I will attempt to duplicate your setup later this AM

          Anthony Guo added a comment -

          any update?

          any clue?

          Thanks!

          Anthony Guo added a comment - any update? any clue? Thanks!

          Marky Jackson added a comment -

          My apologies for the delayed reply.

          I tried reproducing this and could not. In looking at your Jenkinsfile, I see that you are using a library, that could be suspect. Can you provide the logs from Managed Jenkins>System Logs

          Marky Jackson added a comment - My apologies for the delayed reply. I tried reproducing this and could not. In looking at your Jenkinsfile, I see that you are using a library, that could be suspect. Can you provide the logs from Managed Jenkins>System Logs

          Tony Wen added a comment -

          From anchore plugin src, seems anchore plugin itself does archiving some json results, and in then end, clear the anchor folder, could it be the cause? If it is, why we can see them sometime?

          Tony Wen added a comment - From anchore plugin src, seems anchore plugin itself does archiving some json results, and in then end, clear the anchor folder, could it be the cause? If it is, why we can see them sometime?

          Marky Jackson added a comment -

          walthhy you are correct. A directory with all the vulnerability data is what you are referring to, in most cases you should not see that because of the clean up that takes place. In some edge cases, that clean up doesn't happen and that is why you see it. 

          Marky Jackson added a comment - walthhy you are correct. A directory with all the vulnerability data is what you are referring to, in most cases you should not see that because of the clean up that takes place. In some edge cases, that clean up doesn't happen and that is why you see it. 

          Marky Jackson added a comment -

          I will leave.this open in till Friday. I think the main answer is mine from yesterday.
          Let me know if I am misinterpreting

          Marky Jackson added a comment - I will leave.this open in till Friday. I think the main answer is mine from yesterday. Let me know if I am misinterpreting

          Tony Wen added a comment -

          jequals5, thanks. we still have questions, forgive me not familiar with plugin code.

          Could you help us identifying under which condition we will have aritifacts.

          1. which artifacts/json report will be archived automatically under which condition
          2. when clean up case will be executed and when not?
          3. is it possible to keep those json output always?

          Tony Wen added a comment - jequals5 , thanks. we still have questions, forgive me not familiar with plugin code. Could you help us identifying under which condition we will have aritifacts. which artifacts/json report will be archived automatically under which condition when clean up case will be executed and when not? is it possible to keep those json output always?

          Marky Jackson added a comment -
          1. The scan keeps a report of vulnerabilities and policy evaluations. This happens during each scan
          2. Clean up should always take place unless there was some edge case that stopped that from happening. Network latency, Jenkins hiccup, etc.
          3. Depending on how your scan job is configured, all jobs should retain the output of the report and there is a historical linkage in your workspace.

           

          Hope that helps

          Marky Jackson added a comment - The scan keeps a report of vulnerabilities and policy evaluations. This happens during each scan Clean up should always take place unless there was some edge case that stopped that from happening. Network latency, Jenkins hiccup, etc. Depending on how your scan job is configured, all jobs should retain the output of the report and there is a historical linkage in your workspace.   Hope that helps

          Anthony Guo added a comment -

          Hi  jequals5 ,  How to config the job to keep the output report (*.json files) ?  

           

          Anthony Guo added a comment - Hi  jequals5  ,  How to config the job to keep the output report (*.json files) ?    

          Marky Jackson added a comment -

          I would need to test that. I can do that but it will be a couple of days due to other priorities.

          i changed the severity of this because saving the data is not the intended use case.

          i will update in a day of 2

          Marky Jackson added a comment - I would need to test that. I can do that but it will be a couple of days due to other priorities. i changed the severity of this because saving the data is not the intended use case. i will update in a day of 2

            Unassigned Unassigned
            guobaisheng Anthony Guo
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: