fix: Expected fixedby version for jenkins-2-plugins #1193

Merged: 1 commit, Jun 9, 2023

@jvdm jvdm commented Jun 8, 2023

Our E2E tests rely on live vulnerability data that can change with time. Some RHSA (I believe https://access.redhat.com/errata/RHSA-2023:3362) was issued that affected jenkins-2-plugins, changing the expected fixedBy version of the package/feature -- it was bumped to a later version that fixes the mentioned CVE (https://access.redhat.com/security/cve/CVE-2023-1370).

{Failed      grpc_full_test.go:102: 
        	Error Trace:	/go/src/github.com/stackrox/scanner/e2etests/grpc_full_test.go:102
        	Error:      	Not equal: 
        	            	expected: scannerV1.Feature{Name:"jenkins-2-plugins", Version:"4.10.1650890594-1.el8.noarch", FeatureType:"rpm", AddedByLayer:"sha256:3fa3f612bdcb92746bf76be1b9c9e1c1c80de777aedaf48b7068f4a129ded3c2", Location:"", Vulnerabilities:[]*scannerV1.Vulnerability(nil), FixedBy:"4.10.1681719745-1.el8", ProvidedExecutables:[]*scannerV1.Executable(nil), XXX_NoUnkeyedLiteral:struct {}{}, XXX_unrecognized:[]uint8(nil), XXX_sizecache:0}
        	            	actual  : scannerV1.Feature{Name:"jenkins-2-plugins", Version:"4.10.1650890594-1.el8.noarch", FeatureType:"rpm", AddedByLayer:"sha256:3fa3f612bdcb92746bf76be1b9c9e1c1c80de777aedaf48b7068f4a129ded3c2", Location:"", Vulnerabilities:[]*scannerV1.Vulnerability(nil), FixedBy:"4.10.1684982411-1.el8", ProvidedExecutables:[]*scannerV1.Executable(nil), XXX_NoUnkeyedLiteral:struct {}{}, XXX_unrecognized:[]uint8(nil), XXX_sizecache:0}
        	            	
        	            	Diff:
        	            	--- Expected
        	            	+++ Actual
        	            	@@ -7,3 +7,3 @@
        	            	  Vulnerabilities: ([]*scannerV1.Vulnerability) <nil>,
        	            	- FixedBy: (string) (len=21) "4.10.1681719745-1.el8",
        	            	+ FixedBy: (string) (len=21) "4.10.1684982411-1.el8",
        	            	  ProvidedExecutables: ([]*scannerV1.Executable) <nil>,
        	Test:       	TestGRPCGetImageVulnerabilities/quay.io/rhacs-eng/qa:ose-jenkins/jenkins-2-plugins/4.10.1650890594-1.el8.noarch}

@jvdm jvdm requested a review from a team June 8, 2023 20:31

jvdm commented Jun 8, 2023

@daynewlee daynewlee left a comment

ghost commented Jun 8, 2023

Images are ready for the commit at a8322d5.

To use the images, use the tag 2.29.x-35-ga8322d5edb.

jvdm commented Jun 9, 2023

Is it this fix? https://access.redhat.com/errata/RHSA-2023:3198

I think this one: https://access.redhat.com/errata/RHSA-2023:3362

The related CVE is https://access.redhat.com/security/cve/CVE-2023-1370

@jvdm jvdm requested a review from daynewlee June 9, 2023 00:08
@jvdm jvdm enabled auto-merge (squash) June 9, 2023 00:08
@jvdm jvdm merged commit 9401b1b into master Jun 9, 2023
@jvdm jvdm deleted the jvdm/fix/ci-vulns branch June 9, 2023 02:27