Bug
Resolution: Cannot Reproduce
Minor
None
I'm trying to write a custom parser to read snyk.io's vulnerability reports.
pattern:
"title":\s*"(.*?)"[\s\S]*?"description":\s*"(.*?)"[\s\S]*?"severity":\s*"(.*?)"[\s\S]*?"cvssScore":\s*(\S*?),[\s\S]*?"__filename":\s*"(.*?)"
script:
import hudson.plugins.warnings.parser.Warning
import hudson.plugins.analysis.util.model.Priority

// Capture groups follow the order of the fields in the pattern above
String title = matcher.group(1)
String description = matcher.group(2)
String severity = matcher.group(3)
String cvssScore = matcher.group(4)
String filename = matcher.group(5) // "__filename" is the fifth group; group(2) is the description

Warning myWarning = new Warning(filename, 0, title, "CVSS " + cvssScore, description, Priority.valueOf(severity.toUpperCase()))
myWarning.setColumnPosition(0);
return myWarning;
The validity check in the configuration screen states it has found a warning and displays all the values correctly. In a test job it finds multiple files, scans them all but finds no warning.
[Pipeline] warnings
[WARNINGS] Parsing warnings in files '**/snyk.json' with parser Snyk Parser
[WARNINGS] Searching for all files in /var/jenkins_home/workspace/Test/Analyse Snyk that match the pattern **/snyk.json
[WARNINGS] Parsing 6 files in /var/jenkins_home/workspace/Test/Analyse Snyk
[WARNINGS] Successfully parsed file /var/jenkins_home/workspace/Test/Analyse Snyk/a/snyk.json with 0 unique warnings and 0 duplicates.
[WARNINGS] Successfully parsed file /var/jenkins_home/workspace/Test/Analyse Snyk/b/snyk.json with 0 unique warnings and 0 duplicates.
[WARNINGS] Successfully parsed file /var/jenkins_home/workspace/Test/Analyse Snyk/c/snyk.json with 0 unique warnings and 0 duplicates.
[WARNINGS] Successfully parsed file /var/jenkins_home/workspace/Test/Analyse Snyk/d/snyk.json with 0 unique warnings and 0 duplicates.
[WARNINGS] Successfully parsed file /var/jenkins_home/workspace/Test/Analyse Snyk/e/snyk.json with 0 unique warnings and 0 duplicates.
[WARNINGS] Successfully parsed file /var/jenkins_home/workspace/Test/Analyse Snyk/f/snyk.json with 0 unique warnings and 0 duplicates.
Skipping warnings blame since pipelines do not have an SCM link.%n
[WARNINGS] Computing warning deltas based on reference build #28
However, it works with a simple pattern:
"title":\s*"(.*?)"
[Pipeline] warnings
[WARNINGS] Parsing warnings in files '**/snyk.json' with parser Snyk Parser
[WARNINGS] Searching for all files in /var/jenkins_home/workspace/Test/Analyse Snyk that match the pattern **/snyk.json
[WARNINGS] Parsing 6 files in /var/jenkins_home/workspace/Test/Analyse Snyk
[WARNINGS] Successfully parsed file /var/jenkins_home/workspace/Test/Analyse Snyk/a/snyk.json with 3 unique warnings and 0 duplicates.
[WARNINGS] Successfully parsed file /var/jenkins_home/workspace/Test/Analyse Snyk/b/snyk.json with 3 unique warnings and 0 duplicates.
[WARNINGS] Successfully parsed file /var/jenkins_home/workspace/Test/Analyse Snyk/c/snyk.json with 5 unique warnings and 1 duplicate.
[WARNINGS] Successfully parsed file /var/jenkins_home/workspace/Test/Analyse Snyk/d/snyk.json with 6 unique warnings and 2 duplicates.
[WARNINGS] Successfully parsed file /var/jenkins_home/workspace/Test/Analyse Snyk/e/snyk.json with 7 unique warnings and 3 duplicates.
[WARNINGS] Successfully parsed file /var/jenkins_home/workspace/Test/Analyse Snyk/f/snyk.json with 7 unique warnings and 3 duplicates.
Skipping warnings blame since pipelines do not have an SCM link.%n
[WARNINGS] Computing warning deltas based on reference build #27
This way, all warnings are found.
One additional problem appears then: I scan all snyk.json files (**/snyk.json), which finds 6 files, each containing 3-7 issues. However, the warnings plugin just displays the 7 that are contained in the last file.
So to me it seems the regex of the warnings parser is not acting the same as the one in the preview.
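An added example (not part of the original report and not the Warnings plugin's code) that applies the two patterns from the report to a snyk.json-style document, once against the whole text and once line by line. The JSON content is constructed, and line-by-line matching during the job run is an assumption used to illustrate the reported symptoms, not a confirmed cause; the patterns behave the same in Python's `re` as in Java's regex engine for this input.

```python
import json
import re

# Patterns copied from the report.
FULL = re.compile(
    r'"title":\s*"(.*?)"[\s\S]*?"description":\s*"(.*?)"[\s\S]*?'
    r'"severity":\s*"(.*?)"[\s\S]*?"cvssScore":\s*(\S*?),[\s\S]*?'
    r'"__filename":\s*"(.*?)"'
)
TITLE_ONLY = re.compile(r'"title":\s*"(.*?)"')

# Constructed sample: only the five field names come from the report's pattern.
SAMPLE = json.dumps(
    {"vulnerabilities": [
        {"title": "Prototype Pollution", "description": "Constructed text A",
         "severity": "high", "cvssScore": 7.3, "__filename": "a/package.json"},
        {"title": "Regular Expression Denial of Service",
         "description": "Constructed text B",
         "severity": "low", "cvssScore": 3.7, "__filename": "a/package.json"},
    ]},
    indent=2,  # pretty-printed: one field per line
)


def match_whole_document(pattern, text):
    """Apply the pattern to the complete file content."""
    return [m.groups() for m in pattern.finditer(text)]


def match_line_by_line(pattern, text):
    """Apply the pattern to each line separately (assumed job-time behaviour)."""
    hits = []
    for line in text.splitlines():
        hits.extend(m.groups() for m in pattern.finditer(line))
    return hits


if __name__ == "__main__":
    for name, pattern in (("full", FULL), ("title-only", TITLE_ONLY)):
        whole = len(match_whole_document(pattern, SAMPLE))
        per_line = len(match_line_by_line(pattern, SAMPLE))
        print(f"{name}: whole document={whole}, line by line={per_line}")
```

The multi-field pattern spans several lines of the pretty-printed file, so it can only match when the whole document is the input, while the title-only pattern fits on a single line and matches either way.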