- Bug
- Resolution: Unresolved
- Minor
- None
Jenkins 2.361.4 (LTS)
OWASP Dependency-Check Plugin Version 5.2.0
Job DSL Version 1.81
When I define a publisher for dependencyCheck in my JobDSL, as described in the documentation,

{code:groovy}
publishers {
    dependencyCheck('target/dependency-check-report.xml') {
        healthLimits(3, 20)
        thresholdLimit('high')
        defaultEncoding('UTF-8')
        canRunOnFailed(true)
        useStableBuildAsReference(true)
        useDeltaValues(true)
        computeNew(true)
        shouldDetectModules(true)
        thresholds(
            unstableTotal: [high: 1, normal: 1],
            failedTotal: [high: 2]
        )
    }
}
{code}

I get the following in the config.xml which does not reflect correctly when I open the job in the Jenkins UI:

{code:xml}
<publishers>
  <org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher>
    <healthy>3</healthy>
    <unHealthy>20</unHealthy>
    <thresholdLimit>high</thresholdLimit>
    <defaultEncoding>UTF-8</defaultEncoding>
    <canRunOnFailed>true</canRunOnFailed>
    <useStableBuildAsReference>true</useStableBuildAsReference>
    <useDeltaValues>true</useDeltaValues>
    <thresholds>
      <unstableTotalHigh>1</unstableTotalHigh>
      <unstableTotalNormal>1</unstableTotalNormal>
      <failedTotalHigh>2</failedTotalHigh>
    </thresholds>
    <shouldDetectModules>true</shouldDetectModules>
    <dontComputeNew>true</dontComputeNew>
    <doNotResolveRelativePaths>true</doNotResolveRelativePaths>
    <pattern>target/dependency-check-report.xml</pattern>
  </org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher>
</publishers>
{code}

If I use the UI to change the configuration, it gives me the following config.xml:

{code:xml}
<publishers>
  <org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher plugin="dependency-check-jenkins-plugin@5.2.0">
    <unstableTotalHigh>1</unstableTotalHigh>
    <failedTotalCritical>1</failedTotalCritical>
    <totalThresholdAnalysisExploitable>false</totalThresholdAnalysisExploitable>
    <newThresholdAnalysisExploitable>false</newThresholdAnalysisExploitable>
    <pattern>target/dependency-check-report.xml</pattern>
    <stopBuild>true</stopBuild>
  </org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher>
</publishers>
{code}
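An added example, not part of the original report or of either plugin's code: a Python check that sorts a job's config.xml into the two layouts quoted above, so jobs whose vulnerability thresholds exist only inside the Job DSL `<thresholds>` wrapper can be found and reviewed. It assumes that only the flat, UI-saved elements are honoured by the 5.x plugin; `audit_config` and the finding keys are hypothetical names.

```python
import xml.etree.ElementTree as ET

PUBLISHER = "org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher"
# Elements present in the Job DSL output quoted in this report but absent from
# the UI-saved XML (taken from the page, not from plugin documentation).
DSL_ONLY = {"healthy", "unHealthy", "thresholdLimit", "defaultEncoding",
            "canRunOnFailed", "useStableBuildAsReference", "useDeltaValues",
            "thresholds", "shouldDetectModules", "dontComputeNew",
            "doNotResolveRelativePaths"}
THRESHOLD_PREFIXES = ("unstableTotal", "failedTotal", "unstableNew", "failedNew")

# Both samples are abridged copies of the config.xml fragments in the report.
DSL_XML = """<publishers><org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher>
  <healthy>3</healthy><unHealthy>20</unHealthy>
  <thresholds><unstableTotalHigh>1</unstableTotalHigh>
    <unstableTotalNormal>1</unstableTotalNormal>
    <failedTotalHigh>2</failedTotalHigh></thresholds>
  <pattern>target/dependency-check-report.xml</pattern>
</org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher></publishers>"""
UI_XML = """<publishers><org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher
    plugin="dependency-check-jenkins-plugin@5.2.0">
  <unstableTotalHigh>1</unstableTotalHigh>
  <failedTotalCritical>1</failedTotalCritical>
  <pattern>target/dependency-check-report.xml</pattern><stopBuild>true</stopBuild>
</org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher></publishers>"""

def _numeric(elements):
    """Map tag -> int for threshold-named elements that hold a number."""
    return {e.tag: int(e.text) for e in elements
            if e.tag.startswith(THRESHOLD_PREFIXES) and (e.text or "").strip().isdigit()}

def audit_config(xml_text):
    """Return one finding per DependencyCheckPublisher element in a config.xml."""
    findings = []
    for pub in ET.fromstring(xml_text).iter(PUBLISHER):
        nested = _numeric(pub.findall("thresholds/*"))  # Job DSL layout
        flat = _numeric(pub)                            # UI-saved layout
        findings.append({
            "plugin": pub.get("plugin"),  # the DSL output carries no plugin attribute
            "dsl_only_elements": sorted(c.tag for c in pub if c.tag in DSL_ONLY),
            "nested_thresholds": nested,
            "flat_thresholds": flat,
            # Assumption: only the flat, UI-style elements take effect in 5.x.
            "gate_needs_review": bool(nested) and not flat,
        })
    return findings

if __name__ == "__main__":
    for name, xml_text in (("Job DSL", DSL_XML), ("UI", UI_XML)):
        for finding in audit_config(xml_text):
            print(name, finding)
```
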
[JENKINS-70179] dependencyCheck is broken
Description |
Original:
When I define a publisher for dependencyCheck in my JobDSL, as described in the [documentation|https://jenkinsci.github.io/job-dsl-plugin/#method/javaposse.jobdsl.dsl.helpers.publisher.PublisherContext.dependencyCheck].

{code:groovy}
publishers {
    dependencyCheck('target/dependency-check-report.xml') {
        thresholds(
            unstableTotal: [all: 0, high: 0, normal: 1, low: 0],
            failedTotal: [all: 0, high: 1, normal: 0, low: 0],
            unstableNew: [all: 0, high: 0, normal: 0, low: 0],
            failedNew: [all: 0, high: 0, normal: 0, low: 0]
        )
    }
}
{code}

I get the following in the config.xml:

{code:xml}
<org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher>
  <healthy/>
  <unHealthy/>
  <thresholdLimit>low</thresholdLimit>
  <defaultEncoding/>
  <canRunOnFailed>false</canRunOnFailed>
  <useStableBuildAsReference>false</useStableBuildAsReference>
  <useDeltaValues>false</useDeltaValues>
  <thresholds>
    <unstableTotalAll>0</unstableTotalAll>
    <unstableTotalHigh>0</unstableTotalHigh>
    <unstableTotalNormal>1</unstableTotalNormal>
    <unstableTotalLow>0</unstableTotalLow>
    <failedTotalAll>0</failedTotalAll>
    <failedTotalHigh>1</failedTotalHigh>
    <failedTotalNormal>0</failedTotalNormal>
    <failedTotalLow>0</failedTotalLow>
    <unstableNewAll>0</unstableNewAll>
    <unstableNewHigh>0</unstableNewHigh>
    <unstableNewNormal>0</unstableNewNormal>
    <unstableNewLow>0</unstableNewLow>
    <failedNewAll>0</failedNewAll>
    <failedNewHigh>0</failedNewHigh>
    <failedNewNormal>0</failedNewNormal>
    <failedNewLow>0</failedNewLow>
  </thresholds>
  <shouldDetectModules>false</shouldDetectModules>
  <dontComputeNew>false</dontComputeNew>
  <doNotResolveRelativePaths>true</doNotResolveRelativePaths>
  <pattern>target/dependency-check-report.xml</pattern>
</org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher>
{code}

If I use the UI to change the configuration, it gives me the following config.xml:

{code:xml}
<org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher plugin="dependency-chec...@5.0.2">
  <unstableTotalMedium>1</unstableTotalMedium>
  <failedTotalCritical>1</failedTotalCritical>
  <failedTotalHigh>1</failedTotalHigh>
  <totalThresholdAnalysisExploitable>false</totalThresholdAnalysisExploitable>
  <newThresholdAnalysisExploitable>false</newThresholdAnalysisExploitable>
  <pattern>target/dependency-check-report.xml</pattern>
</org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher>
{code} |
New:
When I define a publisher for dependencyCheck in my JobDSL, as described in the [documentation,|https://jenkinsci.github.io/job-dsl-plugin/#method/javaposse.jobdsl.dsl.helpers.publisher.PublisherContext.dependencyCheck]

{code:groovy}
publishers {
    dependencyCheck('target/dependency-check-report.xml') {
        thresholds(
            unstableTotal: [all: 0, high: 0, normal: 1, low: 0],
            failedTotal: [all: 0, high: 1, normal: 0, low: 0],
            unstableNew: [all: 0, high: 0, normal: 0, low: 0],
            failedNew: [all: 0, high: 0, normal: 0, low: 0]
        )
    }
}
{code}

I get the following in the config.xml which does not reflect correctly when I open the job in the Jenkins UI:

{code:xml}
<org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher>
  <healthy/>
  <unHealthy/>
  <thresholdLimit>low</thresholdLimit>
  <defaultEncoding/>
  <canRunOnFailed>false</canRunOnFailed>
  <useStableBuildAsReference>false</useStableBuildAsReference>
  <useDeltaValues>false</useDeltaValues>
  <thresholds>
    <unstableTotalAll>0</unstableTotalAll>
    <unstableTotalHigh>0</unstableTotalHigh>
    <unstableTotalNormal>1</unstableTotalNormal>
    <unstableTotalLow>0</unstableTotalLow>
    <failedTotalAll>0</failedTotalAll>
    <failedTotalHigh>1</failedTotalHigh>
    <failedTotalNormal>0</failedTotalNormal>
    <failedTotalLow>0</failedTotalLow>
    <unstableNewAll>0</unstableNewAll>
    <unstableNewHigh>0</unstableNewHigh>
    <unstableNewNormal>0</unstableNewNormal>
    <unstableNewLow>0</unstableNewLow>
    <failedNewAll>0</failedNewAll>
    <failedNewHigh>0</failedNewHigh>
    <failedNewNormal>0</failedNewNormal>
    <failedNewLow>0</failedNewLow>
  </thresholds>
  <shouldDetectModules>false</shouldDetectModules>
  <dontComputeNew>false</dontComputeNew>
  <doNotResolveRelativePaths>true</doNotResolveRelativePaths>
  <pattern>target/dependency-check-report.xml</pattern>
</org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher>
{code}

If I use the UI to change the configuration, it gives me the following config.xml:

{code:xml}
<org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher plugin="dependency-chec...@5.0.2">
  <unstableTotalMedium>1</unstableTotalMedium>
  <failedTotalCritical>1</failedTotalCritical>
  <failedTotalHigh>1</failedTotalHigh>
  <totalThresholdAnalysisExploitable>false</totalThresholdAnalysisExploitable>
  <newThresholdAnalysisExploitable>false</newThresholdAnalysisExploitable>
  <pattern>target/dependency-check-report.xml</pattern>
</org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher>
{code} |
New:
When I define a publisher for dependencyCheck in my JobDSL, as described in the [documentation,|https://jenkinsci.github.io/job-dsl-plugin/#method/javaposse.jobdsl.dsl.helpers.publisher.PublisherContext.dependencyCheck]

{code:groovy}
publishers {
    dependencyCheck('target/dependency-check-report.xml') {
        healthLimits(3, 20)
        thresholdLimit('high')
        defaultEncoding('UTF-8')
        canRunOnFailed(true)
        useStableBuildAsReference(true)
        useDeltaValues(true)
        computeNew(true)
        shouldDetectModules(true)
        thresholds(
            unstableTotal: [high: 1, normal: 1],
            failedTotal: [high: 2]
        )
    }
}
{code}

I get the following in the config.xml which does not reflect correctly when I open the job in the Jenkins UI:

{code:xml}
<publishers>
  <org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher>
    <healthy>3</healthy>
    <unHealthy>20</unHealthy>
    <thresholdLimit>high</thresholdLimit>
    <defaultEncoding>UTF-8</defaultEncoding>
    <canRunOnFailed>true</canRunOnFailed>
    <useStableBuildAsReference>true</useStableBuildAsReference>
    <useDeltaValues>true</useDeltaValues>
    <thresholds>
      <unstableTotalHigh>1</unstableTotalHigh>
      <unstableTotalNormal>1</unstableTotalNormal>
      <failedTotalHigh>2</failedTotalHigh>
    </thresholds>
    <shouldDetectModules>true</shouldDetectModules>
    <dontComputeNew>true</dontComputeNew>
    <doNotResolveRelativePaths>true</doNotResolveRelativePaths>
    <pattern>target/dependency-check-report.xml</pattern>
  </org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher>
</publishers>
{code}

If I use the UI to change the configuration, it gives me the following config.xml:

{code:xml}
<publishers>
  <org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher plugin="dependency-check-jenkins-plugin@5.2.0">
    <unstableTotalHigh>1</unstableTotalHigh>
    <failedTotalCritical>1</failedTotalCritical>
    <totalThresholdAnalysisExploitable>false</totalThresholdAnalysisExploitable>
    <newThresholdAnalysisExploitable>false</newThresholdAnalysisExploitable>
    <pattern>target/dependency-check-report.xml</pattern>
    <stopBuild>true</stopBuild>
  </org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher>
</publishers>
{code} |
Environment |
Original:
Jenkins 2.361.4 (LTS)
OWASP Dependency-Track Plugin Version 4.2.0
Job DSL Version 1.81 |
New:
Jenkins 2.361.4 (LTS)
OWASP Dependency-Check Plugin Version 5.2.0
Job DSL Version 1.81 |