Attached is the log file generated by running bandit and below are the relevant sections from the Jenkins file and associated output. The bandit issue for this test is generated by simply saying `print(eval('1+2'))` for testing purposes only.
sh """
. ./venv/bin/activate
bandit -r rc_smtp_bridge/ -f custom --msg-template '{abspath}:{line}: {severity}: {test_id}: {msg}' | tee bandit.log || true
"""
```
+ bandit -r rc_smtp_bridge/ -f custom --msg-template {abspath}:{line}: {severity}: {test_id}: {msg}
+ tee bandit.log
[main] INFO profile include tests: None
[main] INFO profile exclude tests: None
[main] INFO cli include tests: None
[main] INFO cli exclude tests: None
[main] INFO running on Python 3.11.2
/jenkins/workspace/ure_RC_SMTP_Bridge_flake8-bandit@2/rc_smtp_bridge/rc_smtp_bridge.py:42: MEDIUM: B307: Use of possibly insecure function - consider using safer ast.literal_eval.
```
RecordIssues
[bandit.log](https://github.com/tomasbjerre/violations-lib/files/11008580/bandit.log)
```groovy
recordIssues aggregatingResults: true,
    qualityGates: [[threshold: 1, type: 'TOTAL', unstable: false]],
    enabledForFailure: true,
    tools: [clang(name: 'bandit', pattern: "bandit.log")]
```
```
[bandit] Searching for all files in '/jenkins/workspace/ure_RC_SMTP_Bridge_flake8-bandit@2' that match the pattern 'bandit.log'
[bandit] Traversing of symbolic links: enabled
[bandit] -> found 1 file
[bandit] Successfully parsed file /jenkins/workspace/ure_RC_SMTP_Bridge_flake8-bandit@2/bandit.log
[bandit] -> found 0 issues (skipped 0 duplicates)
[bandit] Successfully processed file 'bandit.log'
[bandit] Skipping post processing
[bandit] No filter has been set, publishing all 0 issues
[bandit] Repository miner is not configured, skipping repository mining
[bandit] Searching for all files in '/jenkins/workspace/ure_RC_SMTP_Bridge_flake8-bandit@2' that match the pattern 'bandit.log'
[bandit] Traversing of symbolic links: enabled
[bandit] -> found 1 file
[bandit] Successfully parsed file /jenkins/workspace/ure_RC_SMTP_Bridge_flake8-bandit@2/bandit.log
[bandit] -> found 0 issues (skipped 0 duplicates)
[bandit] Successfully processed file 'bandit.log'
[bandit] Skipping post processing
[bandit] No filter has been set, publishing all 0 issues
[bandit] Ignoring 'aggregatingResults' and ID 'null' since only a single tool is defined.
[bandit] Searching for all files in '/jenkins/workspace/ure_RC_SMTP_Bridge_flake8-bandit@2' that match the pattern 'bandit.log'
[bandit] Traversing of symbolic links: enabled
[bandit] -> found 1 file
[bandit] Successfully parsed file /jenkins/workspace/ure_RC_SMTP_Bridge_flake8-bandit@2/bandit.log
[bandit] -> found 0 issues (skipped 0 duplicates)
[bandit] Successfully processed file 'bandit.log'
[bandit] Skipping post processing
[bandit] No filter has been set, publishing all 0 issues
[bandit] Repository miner is not configured, skipping repository mining
[bandit] Reference build recorder is not configured
[bandit] Obtaining reference build from same job (flake8-bandit)
[bandit] Using reference build 'Infrastructure/RC SMTP Bridge/flake8-bandit #11' to compute new, fixed, and outstanding issues
[bandit] Issues delta (vs. reference build): outstanding: 0, new: 0, fixed: 0
[bandit] Evaluating quality gates
[bandit] -> PASSED - Total (any severity): 0 - Quality Gate: 1
[bandit] -> All quality gates have been passed
[bandit] Health report is disabled - skipping
[bandit] Created analysis result for 0 issues (found 0 new issues, fixed 0 issues)
[bandit] Attaching ResultAction with ID 'clang' to build 'Infrastructure/RC SMTP Bridge/flake8-bandit #21'.
[Checks API] No suitable checks publisher found.
```
References:

- https://github.com/tomasbjerre/violations-lib/issues/73
- https://github.com/PyCQA/bandit/issues/220

Software/Plugins:

- Jenkins 2.387.1
- Warnings-NG 10.0.2
- AnalysisModel 11.0.0 (believe this is where violations-lib is pulled in)
I am not sure where the issue is so putting this together and asking for some assistance. Looking at the diff in https://github.com/tomasbjerre/violations-lib/commit/0af669fb166b9524f1a12681cdf735d6e84b6a9f I am not seeing anything obvious. The format lines look to be identical and the logic looks sound.
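As an added example (not part of this issue, violations-lib, or Warnings-NG), a small Python parser for the exact `--msg-template` used in the Jenkinsfile above. Running it over the single B307 line from the console output shows what a correctly parsed finding looks like, and `total_gate_failed` is my assumed reading of the `threshold: 1, type: 'TOTAL'` quality gate (it trips once the issue count reaches the threshold), so the expected outcome (1 issue, gate tripped) can be checked outside Jenkins.

```python
import re
from dataclasses import dataclass

# Regex for the custom template used in the Jenkinsfile's bandit call:
#   {abspath}:{line}: {severity}: {test_id}: {msg}
# The non-greedy path group lets the regex backtrack correctly when the
# path itself contains ':' (e.g. a Windows drive letter).
BANDIT_LINE = re.compile(
    r"^(?P<path>.+?):(?P<line>\d+): "
    r"(?P<severity>LOW|MEDIUM|HIGH|UNDEFINED): "
    r"(?P<test_id>B\d+): (?P<msg>.+)$"
)


@dataclass(frozen=True)
class Issue:
    path: str
    line: int
    severity: str
    test_id: str
    msg: str


def parse_bandit_log(text: str) -> list[Issue]:
    """Return one Issue per line matching the template; bandit's own
    '[main] INFO ...' chatter does not match and is skipped."""
    issues = []
    for raw in text.splitlines():
        m = BANDIT_LINE.match(raw.strip())
        if m:
            issues.append(Issue(m["path"], int(m["line"]), m["severity"],
                                m["test_id"], m["msg"]))
    return issues


def total_gate_failed(issues: list[Issue], threshold: int = 1) -> bool:
    """Assumed semantics of the TOTAL quality gate: it trips once the
    number of parsed issues reaches the configured threshold."""
    return len(issues) >= threshold


# Constructed sample: one INFO line plus the B307 finding from the post.
SAMPLE_LOG = """\
[main] INFO running on Python 3.11.2
/jenkins/workspace/ure_RC_SMTP_Bridge_flake8-bandit@2/rc_smtp_bridge/rc_smtp_bridge.py:42: MEDIUM: B307: Use of possibly insecure function - consider using safer ast.literal_eval.
"""
```

Feeding the real `bandit.log` through `parse_bandit_log` is a quick way to confirm the file contains lines in the template shape before blaming the Jenkins-side parser.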