-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
Jenkins: 2.277.1
OS: Linux - 4.14.35-2047.501.2.el7uek.x86_64
---
envfile:1.2
ant:1.11
script-security:1.76
junit:1.49
timestamper:1.12
matrix-project:1.18
subversion:2.14.0
antisamy-markup-formatter:2.1
javadoc:1.6
pam-auth:1.6
windows-slaves:1.7
mailer:1.33
ldap:2.4
github-api:1.123
icon-shim:3.0.0
matrix-auth:2.6.6
github:1.33.1
token-macro:2.15
workflow-scm-step:2.12
external-monitor-job:1.7
build-timeout:1.20
cloudbees-folder:6.15
credentials:2.3.15
workflow-basic-steps:2.23
plain-credentials:1.7
ws-cleanup:0.39
structs:1.22
workflow-step-api:2.23
pipeline-stage-step:2.5
credentials-binding:1.24
active-directory:2.23
email-ext:2.82
ssh-credentials:1.18.1
git-client:3.7.0
scm-api:2.6.4
git:4.7.0
jquery:1.12.4-1
gradle:1.36
hp-quality-center:1.6
workflow-api:2.42
durable-task:1.35
branch-api:2.6.3
workflow-support:3.8
workflow-job:2.40
pipeline-rest-api:2.19
handlebars:1.1.1
momentjs:1.1.1
workflow-multibranch:2.22
jquery-detached:1.2.1
pipeline-stage-view:2.19
ssh-slaves:1.31.5
mapdb-api:1.0.9.0
ace-editor:1.1
run-condition:1.5
workflow-cps:2.90
git-server:1.9
workflow-cps-global-lib:2.18
workflow-aggregator:2.6
pipeline-build-step:2.13
pipeline-input-step:2.12
workflow-durable-task-step:2.38
github-branch-source:2.10.2
github-organization-folder:1.6
nodelabelparameter:1.7.2
hp-application-automation-tools-plugin:5.8
nexus-artifact-uploader:2.13
parameterized-trigger:2.40
build-pipeline-plugin:1.5.8
maven-plugin:3.10
conditional-buildstep:1.4.1
jackson2-api:2.12.1
role-strategy:3.1.1
dynamic_extended_choice_parameter:1.0.1
urltrigger:0.48
Parameterized-Remote-Trigger:3.1.5.1
StashBranchParameter:0.3.0
stash-pullrequest-builder:1.17
backup:1.6.1
qc:1.2.1
powershell:1.4
stashNotifier:1.20
publish-over-ssh:1.22
git-parameter:0.9.13
multiple-scms:0.6
envinject:2.4.0
cloudbees-credentials:3.3
ec2-deployment-dashboard:1.0.10
repository-connector:2.0.4
hidden-parameter:0.0.4
dropdown-viewstabbar-plugin:1.7
bouncycastle-api:2.20
release:2.11
jobConfigHistory:2.26
authentication-tokens:1.4
display-url-api:2.3.4
sonar:2.13
docker-commons:1.17
ssh-agent:1.21
docker-workflow:1.26
pipeline-milestone-step:1.3.2
copyartifact:1.46
pipeline-model-definition:1.8.4
pipeline-graph-analysis:1.10
resource-disposer:0.15
pipeline-model-api:1.8.4
pipeline-model-extensions:1.8.4
pipeline-stage-tags-metadata:1.8.4
pipeline-model-declarative-agent:1.1.1
pipeline-github-lib:1.0
command-launcher:1.5
envinject-api:1.7
blueocean-commons:1.24.5
jdk-tool:1.5
blueocean-rest:1.24.5
pubsub-light:1.13
blueocean-pipeline-scm-api:1.24.5
htmlpublisher:1.25
variant:1.4
blueocean-web:1.24.5
jira:3.2
blueocean-jwt:1.24.5
metrics:4.0.2.7
blueocean-rest-impl:1.24.5
blueocean-pipeline-api-impl:1.24.5
blueocean-github-pipeline:1.24.5
blueocean-git-pipeline:1.24.5
slack:2.46
blueocean-config:1.24.5
mercurial:2.14
blueocean-autofavorite:1.2.4
cloudbees-bitbucket-branch-source:2.9.7
jsch:0.1.55.2
favorite:2.3.3
blueocean-bitbucket-pipeline:1.24.5
blueocean:1.24.5
blueocean-personalization:1.24.5
blueocean-display-url:2.4.1
sse-gateway:1.24
blueocean-events:1.24.5
blueocean-pipeline-editor:1.24.5
blueocean-i18n:1.24.5
blueocean-dashboard:1.24.5
blueocean-core-js:1.24.5
test-results-analyzer:0.3.5
blueocean-jira:1.24.5
crx-content-package-deployer:1.9
pipeline-utility-steps:2.6.1
zentimestamp:4.2
lockable-resources:2.10
delivery-pipeline-plugin:1.4.2
cucumber-reports:5.5.0
artifactdeployer:1.2
publish-over:0.22
h2-api:1.4.199
pipeline-maven:3.10.0
versioncolumn:2.1
performance:3.19
apache-httpcomponents-client-4-api:4.5.13-1.0
handy-uri-templates-2-api:2.1.8-1.0
jenkins-design-language:1.24.5
trilead-api:1.0.13
plugin-usage-plugin:1.2
browserstack-integration:1.2.3
nexus-jenkins-plugin:3.11.20210308-082521.0d183ff
jquery-ui:1.0.2
blueocean-executor-info:1.24.5
jjwt-api:0.11.2-9.c8b45b8bb173
http_request:1.8.27
basic-branch-build-strategies:1.3.2
okhttp-api:3.14.9
config-file-provider:3.7.0
popper-api:1.16.1-2
plugin-util-api:2.0.0
font-awesome-api:5.15.2-2
extended-read-permission:3.2
Office-365-Connector:4.14.0
extensible-choice-parameter:1.7.0
bootstrap4-api:4.6.0-2
jquery3-api:3.5.1-3
extended-choice-parameter:0.82
snakeyaml-api:1.27.0
rapid7-insightvm-container-assessment:1.0.11
maven-artifact-choicelistprovider:1.7.1
echarts-api:5.0.1-1
checks-api:1.6.1Jenkins: 2.277.1 OS: Linux - 4.14.35-2047.501.2.el7uek.x86_64 --- envfile:1.2 ant:1.11 script-security:1.76 junit:1.49 timestamper:1.12 matrix-project:1.18 subversion:2.14.0 antisamy-markup-formatter:2.1 javadoc:1.6 pam-auth:1.6 windows-slaves:1.7 mailer:1.33 ldap:2.4 github-api:1.123 icon-shim:3.0.0 matrix-auth:2.6.6 github:1.33.1 token-macro:2.15 workflow-scm-step:2.12 external-monitor-job:1.7 build-timeout:1.20 cloudbees-folder:6.15 credentials:2.3.15 workflow-basic-steps:2.23 plain-credentials:1.7 ws-cleanup:0.39 structs:1.22 workflow-step-api:2.23 pipeline-stage-step:2.5 credentials-binding:1.24 active-directory:2.23 email-ext:2.82 ssh-credentials:1.18.1 git-client:3.7.0 scm-api:2.6.4 git:4.7.0 jquery:1.12.4-1 gradle:1.36 hp-quality-center:1.6 workflow-api:2.42 durable-task:1.35 branch-api:2.6.3 workflow-support:3.8 workflow-job:2.40 pipeline-rest-api:2.19 handlebars:1.1.1 momentjs:1.1.1 workflow-multibranch:2.22 jquery-detached:1.2.1 pipeline-stage-view:2.19 ssh-slaves:1.31.5 mapdb-api:1.0.9.0 ace-editor:1.1 run-condition:1.5 workflow-cps:2.90 git-server:1.9 workflow-cps-global-lib:2.18 workflow-aggregator:2.6 pipeline-build-step:2.13 pipeline-input-step:2.12 workflow-durable-task-step:2.38 github-branch-source:2.10.2 github-organization-folder:1.6 nodelabelparameter:1.7.2 hp-application-automation-tools-plugin:5.8 nexus-artifact-uploader:2.13 parameterized-trigger:2.40 build-pipeline-plugin:1.5.8 maven-plugin:3.10 conditional-buildstep:1.4.1 jackson2-api:2.12.1 role-strategy:3.1.1 dynamic_extended_choice_parameter:1.0.1 urltrigger:0.48 Parameterized-Remote-Trigger:3.1.5.1 StashBranchParameter:0.3.0 stash-pullrequest-builder:1.17 backup:1.6.1 qc:1.2.1 powershell:1.4 stashNotifier:1.20 publish-over-ssh:1.22 git-parameter:0.9.13 multiple-scms:0.6 envinject:2.4.0 cloudbees-credentials:3.3 ec2-deployment-dashboard:1.0.10 repository-connector:2.0.4 hidden-parameter:0.0.4 dropdown-viewstabbar-plugin:1.7 bouncycastle-api:2.20 release:2.11 jobConfigHistory:2.26 authentication-tokens:1.4 display-url-api:2.3.4 sonar:2.13 docker-commons:1.17 ssh-agent:1.21 docker-workflow:1.26 pipeline-milestone-step:1.3.2 copyartifact:1.46 pipeline-model-definition:1.8.4 pipeline-graph-analysis:1.10 resource-disposer:0.15 pipeline-model-api:1.8.4 pipeline-model-extensions:1.8.4 pipeline-stage-tags-metadata:1.8.4 pipeline-model-declarative-agent:1.1.1 pipeline-github-lib:1.0 command-launcher:1.5 envinject-api:1.7 blueocean-commons:1.24.5 jdk-tool:1.5 blueocean-rest:1.24.5 pubsub-light:1.13 blueocean-pipeline-scm-api:1.24.5 htmlpublisher:1.25 variant:1.4 blueocean-web:1.24.5 jira:3.2 blueocean-jwt:1.24.5 metrics:4.0.2.7 blueocean-rest-impl:1.24.5 blueocean-pipeline-api-impl:1.24.5 blueocean-github-pipeline:1.24.5 blueocean-git-pipeline:1.24.5 slack:2.46 blueocean-config:1.24.5 mercurial:2.14 blueocean-autofavorite:1.2.4 cloudbees-bitbucket-branch-source:2.9.7 jsch:0.1.55.2 favorite:2.3.3 blueocean-bitbucket-pipeline:1.24.5 blueocean:1.24.5 blueocean-personalization:1.24.5 blueocean-display-url:2.4.1 sse-gateway:1.24 blueocean-events:1.24.5 blueocean-pipeline-editor:1.24.5 blueocean-i18n:1.24.5 blueocean-dashboard:1.24.5 blueocean-core-js:1.24.5 test-results-analyzer:0.3.5 blueocean-jira:1.24.5 crx-content-package-deployer:1.9 pipeline-utility-steps:2.6.1 zentimestamp:4.2 lockable-resources:2.10 delivery-pipeline-plugin:1.4.2 cucumber-reports:5.5.0 artifactdeployer:1.2 publish-over:0.22 h2-api:1.4.199 pipeline-maven:3.10.0 versioncolumn:2.1 performance:3.19 apache-httpcomponents-client-4-api:4.5.13-1.0 handy-uri-templates-2-api:2.1.8-1.0 jenkins-design-language:1.24.5 trilead-api:1.0.13 plugin-usage-plugin:1.2 browserstack-integration:1.2.3 nexus-jenkins-plugin:3.11.20210308-082521.0d183ff jquery-ui:1.0.2 blueocean-executor-info:1.24.5 jjwt-api:0.11.2-9.c8b45b8bb173 http_request:1.8.27 basic-branch-build-strategies:1.3.2 okhttp-api:3.14.9 config-file-provider:3.7.0 popper-api:1.16.1-2 plugin-util-api:2.0.0 font-awesome-api:5.15.2-2 extended-read-permission:3.2 Office-365-Connector:4.14.0 extensible-choice-parameter:1.7.0 bootstrap4-api:4.6.0-2 jquery3-api:3.5.1-3 extended-choice-parameter:0.82 snakeyaml-api:1.27.0 rapid7-insightvm-container-assessment:1.0.11 maven-artifact-choicelistprovider:1.7.1 echarts-api:5.0.1-1 checks-api:1.6.1
In a declarative pipeline I have a stage which submits 2 container images for assessment. If the threshold rule for vulnerabilities is met the pipeline is marked as failed. however, the step and stage still show as successful. The stage does not fail and the pipeline continues. When an assessment fails, both the step and stage should be marked as failed. The pipeline should stop and also marked as failed. Currently this does not happen.
Here is the stage:
stage('Assess') { steps { echo '=========== ^^^^^^^^^^^^ Assessing images...' script { assessContainerImage failOnPluginError: true, imageId: "${env.imageIdApi}", thresholdRules: [totalVulnerabilities(action: 'Fail', threshold: '1')], nameRules: [] assessContainerImage failOnPluginError: true, imageId: "${env.imageIdUi}", thresholdRules: [totalVulnerabilities(action: 'Fail', threshold: '1')], nameRules: [] } } }
And the resulting pipeline run:
[JENKINS-65270] Assessment not marking stage as failed and failing pipeline
Jonathan Whitby
created issue -
Jonathan Whitby
made changes -
| Attachment | Original: image-2021-03-31-11-19-59-645.png [ 54393 ] |
Jonathan Whitby
made changes -
| Description |
Original:
In a declarative pipeline I have a stage which submits 2 container images for assessment. If the threshold rule for vulnerabilities is met the pipeline is marked as failed. however, the step and stage still show as successful. The stage does not fail and the pipeline continues. When an assessment fails, both the step and stage should be marked as failed. The pipeline should stop and also marked as failed. Currently this does not happen.
Here is the stage: {code:java} stage('Assess') { steps { echo '=========== ^^^^^^^^^^^^ Assessing images...' script { assessContainerImage failOnPluginError: true, imageId: "${env.imageIdApi}", thresholdRules: [totalVulnerabilities(action: 'Fail', threshold: '1')], nameRules: [] assessContainerImage failOnPluginError: true, imageId: "${env.imageIdUi}", thresholdRules: [totalVulnerabilities(action: 'Fail', threshold: '1')], nameRules: [] } } } {code} And the resulting pipeline run: !image-2021-03-31-11-19-59-645.png|thumbnail! |
New:
In a declarative pipeline I have a stage which submits 2 container images for assessment. If the threshold rule for vulnerabilities is met the pipeline is marked as failed. however, the step and stage still show as successful. The stage does not fail and the pipeline continues. When an assessment fails, both the step and stage should be marked as failed. The pipeline should stop and also marked as failed. Currently this does not happen.
Here is the stage: {code:java} stage('Assess') { steps { echo '=========== ^^^^^^^^^^^^ Assessing images...' script { assessContainerImage failOnPluginError: true, imageId: "${env.imageIdApi}", thresholdRules: [totalVulnerabilities(action: 'Fail', threshold: '1')], nameRules: [] assessContainerImage failOnPluginError: true, imageId: "${env.imageIdUi}", thresholdRules: [totalVulnerabilities(action: 'Fail', threshold: '1')], nameRules: [] } } } {code} And the resulting pipeline run: |
Jonathan Whitby
made changes -
| Attachment | New: pipeline-screenshot-1.png [ 54394 ] |
Jonathan Whitby
made changes -
| Description |
Original:
In a declarative pipeline I have a stage which submits 2 container images for assessment. If the threshold rule for vulnerabilities is met the pipeline is marked as failed. however, the step and stage still show as successful. The stage does not fail and the pipeline continues. When an assessment fails, both the step and stage should be marked as failed. The pipeline should stop and also marked as failed. Currently this does not happen.
Here is the stage: {code:java} stage('Assess') { steps { echo '=========== ^^^^^^^^^^^^ Assessing images...' script { assessContainerImage failOnPluginError: true, imageId: "${env.imageIdApi}", thresholdRules: [totalVulnerabilities(action: 'Fail', threshold: '1')], nameRules: [] assessContainerImage failOnPluginError: true, imageId: "${env.imageIdUi}", thresholdRules: [totalVulnerabilities(action: 'Fail', threshold: '1')], nameRules: [] } } } {code} And the resulting pipeline run: |
New:
In a declarative pipeline I have a stage which submits 2 container images for assessment. If the threshold rule for vulnerabilities is met the pipeline is marked as failed. however, the step and stage still show as successful. The stage does not fail and the pipeline continues. When an assessment fails, both the step and stage should be marked as failed. The pipeline should stop and also marked as failed. Currently this does not happen.
Here is the stage: {code:java} stage('Assess') { steps { echo '=========== ^^^^^^^^^^^^ Assessing images...' script { assessContainerImage failOnPluginError: true, imageId: "${env.imageIdApi}", thresholdRules: [totalVulnerabilities(action: 'Fail', threshold: '1')], nameRules: [] assessContainerImage failOnPluginError: true, imageId: "${env.imageIdUi}", thresholdRules: [totalVulnerabilities(action: 'Fail', threshold: '1')], nameRules: [] } } } {code} And the resulting pipeline run: !pipeline-screenshot-1.png|thumbnail! |
