• Type: New Feature
• Resolution: Unresolved
• Priority: Minor
• Component/s: anchore-container-scanner-plugin
• Labels:

  None
• Environment:

  Jenkins 2.263.1
  Anchore Container Scanner Plugin 1.0.23

[JENKINS-66114] Anchore plugin reports should still render when Resource Root URL is configured

JP created issue - 2021-07-09 19:58

JP made changes - 2021-07-09 20:01

Description

Original: This cannot pull `anchore_gates.json` and `anchore_security.json` artifacts clientside when a Resource root URL is set in Jenkins > Manage Jenkins > Configure System. The browser console indicates a cors issue: `Access to XMLHttpRequest at 'https://<jenkins resource root url>/static-files/1Gn7axCcS4I1-5RgHpYPLvlaS8PfaVqDfS-8oo5tV64xNjI1ODYwNDAxMjkxOjU6YWRtaW46am9iL3NtYXJ0bGlmdC1zdG9yZS11aS9qb2IvbWFpbi8zMi9hcnRpZmFjdA==/AnchoreReport.main_32/anchore_security.json' (redirected from 'https://<jenkins url>/job/smartlift-store-ui/job/main/32/artifact/AnchoreReport.main_32/anchore_security.json') from origin 'https://<jenkins url>' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource`

New:   When viewing https://&lt;jenkins url>/job/<job name>/job/main/1/anchore-results/,  this plugin cannot pull `anchore_gates.json` and `anchore_security.json` artifacts client-side when a Resource root URL is set in Jenkins > Manage Jenkins > Configure System.   The browser console indicates a cors issue: {code:java} Access to XMLHttpRequest at 'https://&lt;jenkins resource root url>/static-files/1Gn7axCcS4I1-5RgHpYPLvlaS8PfaVqDfS-8oo5tV64xNjI1ODYwNDAxMjkxOjU6YWRtaW46am9iL3NtYXJ0bGlmdC1zdG9yZS11aS9qb2IvbWFpbi8zMi9hcnRpZmFjdA==/AnchoreReport.main_32/anchore_security.json' (redirected from 'https://&lt;jenkins url>/job/<job name>/job/main/1/artifact/AnchoreReport.main_32/anchore_security.json') from origin 'https://&lt;jenkins url>' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.{code}

JP made changes - 2021-07-09 20:04

Description

Original:   When viewing https://&lt;jenkins url>/job/<job name>/job/main/1/anchore-results/,  this plugin cannot pull `anchore_gates.json` and `anchore_security.json` artifacts client-side when a Resource root URL is set in Jenkins > Manage Jenkins > Configure System.   The browser console indicates a cors issue: {code:java} Access to XMLHttpRequest at 'https://&lt;jenkins resource root url>/static-files/1Gn7axCcS4I1-5RgHpYPLvlaS8PfaVqDfS-8oo5tV64xNjI1ODYwNDAxMjkxOjU6YWRtaW46am9iL3NtYXJ0bGlmdC1zdG9yZS11aS9qb2IvbWFpbi8zMi9hcnRpZmFjdA==/AnchoreReport.main_32/anchore_security.json' (redirected from 'https://&lt;jenkins url>/job/<job name>/job/main/1/artifact/AnchoreReport.main_32/anchore_security.json') from origin 'https://&lt;jenkins url>' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.{code}

New:   When viewing {{https://&lt;jenkins url>/job/<job name>/job/main/1/anchore-results/}},  this plugin cannot pull {{anchore_gates.json}} and {{anchore_security.json}} artifacts client-side when a Resource root URL is set in Jenkins > Manage Jenkins > Configure System.   The browser console indicates a cors issue: {code:bash} Access to XMLHttpRequest at 'https://&lt;jenkins resource root url>/static-files/1Gn7axCcS4I1-5RgHpYPLvlaS8PfaVqDfS-8oo5tV64xNjI1ODYwNDAxMjkxOjU6YWRtaW46am9iL3NtYXJ0bGlmdC1zdG9yZS11aS9qb2IvbWFpbi8zMi9hcnRpZmFjdA==/AnchoreReport.main_32/anchore_security.json' (redirected from 'https://&lt;jenkins url>/job/<job name>/job/main/1/artifact/AnchoreReport.main_32/anchore_security.json') from origin 'https://&lt;jenkins url>' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.{code}

JP made changes - 2021-07-09 20:04

Description

Original:   When viewing {{https://&lt;jenkins url>/job/<job name>/job/main/1/anchore-results/}},  this plugin cannot pull {{anchore_gates.json}} and {{anchore_security.json}} artifacts client-side when a Resource root URL is set in Jenkins > Manage Jenkins > Configure System.   The browser console indicates a cors issue: {code:bash} Access to XMLHttpRequest at 'https://&lt;jenkins resource root url>/static-files/1Gn7axCcS4I1-5RgHpYPLvlaS8PfaVqDfS-8oo5tV64xNjI1ODYwNDAxMjkxOjU6YWRtaW46am9iL3NtYXJ0bGlmdC1zdG9yZS11aS9qb2IvbWFpbi8zMi9hcnRpZmFjdA==/AnchoreReport.main_32/anchore_security.json' (redirected from 'https://&lt;jenkins url>/job/<job name>/job/main/1/artifact/AnchoreReport.main_32/anchore_security.json') from origin 'https://&lt;jenkins url>' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.{code}

New:   When viewing {{https://&lt;jenkins url>/job/<job name>/job/main/1/anchore-results/}},  this plugin cannot pull {{anchore_gates.json}} and {{anchore_security.json}} artifacts client-side when a Resource root URL is set in Jenkins > Manage Jenkins > Configure System > Serve resource files from another domain.   The browser console indicates a cors issue: {code:bash} Access to XMLHttpRequest at 'https://&lt;jenkins resource root url>/static-files/1Gn7axCcS4I1-5RgHpYPLvlaS8PfaVqDfS-8oo5tV64xNjI1ODYwNDAxMjkxOjU6YWRtaW46am9iL3NtYXJ0bGlmdC1zdG9yZS11aS9qb2IvbWFpbi8zMi9hcnRpZmFjdA==/AnchoreReport.main_32/anchore_security.json' (redirected from 'https://&lt;jenkins url>/job/<job name>/job/main/1/artifact/AnchoreReport.main_32/anchore_security.json') from origin 'https://&lt;jenkins url>' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.{code}