Started by upstream project "buildall-stage_2-merge-v12" build number 431
originally caused by:
Started by timer
> git rev-parse --is-inside-work-tree # timeout=10
Setting origin to https://osm.etsi.org/gerrit/osm/osmclient.git
> git config remote.origin.url https://osm.etsi.org/gerrit/osm/osmclient.git # timeout=10
Fetching origin...
Fetching upstream changes from origin
> git --version # timeout=10
> git config --get remote.origin.url # timeout=10
> git fetch --tags --force --progress origin +refs/heads/*:refs/remotes/origin/*
Seen branch in repository origin/bug1511
Seen branch in repository origin/feature5837
Seen branch in repository origin/feature7106
Seen branch in repository origin/feature7928
Seen branch in repository origin/master
Seen branch in repository origin/netslice
Seen branch in repository origin/ng-ro-refactor
Seen branch in repository origin/paas
Seen branch in repository origin/rift300
Seen branch in repository origin/sol006
Seen branch in repository origin/sol006v331
Seen branch in repository origin/v10.0
Seen branch in repository origin/v11.0
Seen branch in repository origin/v12.0
Seen branch in repository origin/v13.0
Seen branch in repository origin/v14.0
Seen branch in repository origin/v15.0
Seen branch in repository origin/v2.0
Seen branch in repository origin/v3.1
Seen branch in repository origin/v4.0
Seen branch in repository origin/v5.0
Seen branch in repository origin/v6.0
Seen branch in repository origin/v7.0
Seen branch in repository origin/v8.0
Seen branch in repository origin/v9.0
Seen 25 remote branches
Obtained Jenkinsfile from e73c56e2e9480f79810865ccf1c9a3371f7a68a3
Running in Durability level: MAX_SURVIVABILITY
[Pipeline] properties
[Pipeline] node
Running on osm-cicd-3 in /home/jenkins/workspace/osmclient-stage_2-merge_v12.0
[Pipeline] {
[Pipeline] checkout
No credentials specified
> git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
> git config remote.origin.url https://osm.etsi.org/gerrit/osm/osmclient.git # timeout=10
Fetching without tags
Fetching upstream changes from https://osm.etsi.org/gerrit/osm/osmclient.git
> git --version # timeout=10
> git fetch --no-tags --force --progress https://osm.etsi.org/gerrit/osm/osmclient.git +refs/heads/*:refs/remotes/origin/*
Checking out Revision e73c56e2e9480f79810865ccf1c9a3371f7a68a3 (v12.0)
> git config core.sparsecheckout # timeout=10
> git checkout -f e73c56e2e9480f79810865ccf1c9a3371f7a68a3
Commit message: "Update Dockerfile to run apt update before apt install"
> git rev-list --no-walk e73c56e2e9480f79810865ccf1c9a3371f7a68a3 # timeout=10
Cleaning workspace
> git rev-parse --verify HEAD # timeout=10
Resetting working tree
> git reset --hard # timeout=10
> git clean -fdx # timeout=10
[Pipeline] dir
Running in /home/jenkins/workspace/osmclient-stage_2-merge_v12.0/devops
[Pipeline] {
[Pipeline] git
No credentials specified
> git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
> git config remote.origin.url https://osm.etsi.org/gerrit/osm/devops # timeout=10
Fetching upstream changes from https://osm.etsi.org/gerrit/osm/devops
> git --version # timeout=10
> git fetch --tags --force --progress https://osm.etsi.org/gerrit/osm/devops +refs/heads/*:refs/remotes/origin/*
> git rev-parse refs/remotes/origin/v12.0^{commit} # timeout=10
> git rev-parse refs/remotes/origin/origin/v12.0^{commit} # timeout=10
Checking out Revision 8e91a950fbfac8777b24f8fc577f7159bce65ee4 (refs/remotes/origin/v12.0)
> git config core.sparsecheckout # timeout=10
> git checkout -f 8e91a950fbfac8777b24f8fc577f7159bce65ee4
> git branch -a -v --no-abbrev # timeout=10
> git branch -D v12.0 # timeout=10
> git checkout -b v12.0 8e91a950fbfac8777b24f8fc577f7159bce65ee4
Commit message: "Fix Bug 2338: updated kubernetes apt repo from apt.kubernetes.io to pkgs.k8s.io"
> git rev-list --no-walk 8e91a950fbfac8777b24f8fc577f7159bce65ee4 # timeout=10
[Pipeline] }
[Pipeline] // dir
[Pipeline] load
[Pipeline] { (devops/jenkins/ci-pipelines/ci_stage_2.groovy)
[Pipeline] }
[Pipeline] // load
[Pipeline] echo
do_stage_3= false
[Pipeline] load
[Pipeline] { (devops/jenkins/ci-pipelines/ci_helper.groovy)
[Pipeline] }
[Pipeline] // load
[Pipeline] stage
[Pipeline] { (Prepare)
[Pipeline] sh
[osmclient-stage_2-merge_v12.0] Running shell script
+ env
JENKINS_HOME=/var/lib/jenkins
SSH_CLIENT=212.234.161.1 24503 22
USER=jenkins
RUN_CHANGES_DISPLAY_URL=https://osm.etsi.org/jenkins/job/osmclient-stage_2-merge/job/v12.0/460/display/redirect?page=changes
GERRIT_PROJECT=osm/osmclient
XDG_SESSION_TYPE=tty
SHLVL=0
NODE_LABELS=osm-cicd-3 osm3 stage_2
HUDSON_URL=https://osm.etsi.org/jenkins/
MOTD_SHOWN=pam
OLDPWD=/home/jenkins
HOME=/home/jenkins
BUILD_URL=https://osm.etsi.org/jenkins/job/osmclient-stage_2-merge/job/v12.0/460/
HUDSON_COOKIE=f7cab325-8a7e-4d61-b938-269208cb65c8
JENKINS_SERVER_COOKIE=durable-945c848f51cc60e203a497fc73258667
DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1001/bus
GERRIT_PATCHSET_REVISION=e73c56e2e9480f79810865ccf1c9a3371f7a68a3
WORKSPACE=/home/jenkins/workspace/osmclient-stage_2-merge_v12.0
LOGNAME=jenkins
NODE_NAME=osm-cicd-3
GERRIT_BRANCH=v12.0
_=/usr/bin/java
RUN_ARTIFACTS_DISPLAY_URL=https://osm.etsi.org/jenkins/job/osmclient-stage_2-merge/job/v12.0/460/display/redirect?page=artifacts
XDG_SESSION_CLASS=user
EXECUTOR_NUMBER=2
XDG_SESSION_ID=3541
RUN_TESTS_DISPLAY_URL=https://osm.etsi.org/jenkins/job/osmclient-stage_2-merge/job/v12.0/460/display/redirect?page=tests
BUILD_DISPLAY_NAME=#460
PROJECT_URL_PREFIX=https://osm.etsi.org/gerrit
HUDSON_HOME=/var/lib/jenkins
JOB_BASE_NAME=v12.0
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin
BUILD_ID=460
XDG_RUNTIME_DIR=/run/user/1001
BUILD_TAG=jenkins-osmclient-stage_2-merge-v12.0-460
JENKINS_URL=https://osm.etsi.org/jenkins/
LANG=C.UTF-8
JOB_URL=https://osm.etsi.org/jenkins/job/osmclient-stage_2-merge/job/v12.0/
BUILD_NUMBER=460
SHELL=/bin/bash
RUN_DISPLAY_URL=https://osm.etsi.org/jenkins/job/osmclient-stage_2-merge/job/v12.0/460/display/redirect
ARTIFACTORY_SERVER=artifactory-osm
GERRIT_REFSPEC=refs/changes/31/14231/1
HUDSON_SERVER_COOKIE=6d3295a483c3e6d5
JOB_DISPLAY_URL=https://osm.etsi.org/jenkins/job/osmclient-stage_2-merge/job/v12.0/display/redirect
JOB_NAME=osmclient-stage_2-merge/v12.0
TEST_INSTALL=false
PWD=/home/jenkins/workspace/osmclient-stage_2-merge_v12.0
SSH_CONNECTION=212.234.161.1 24503 172.21.249.3 22
BRANCH_NAME=v12.0
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (Checkout)
[Pipeline] sh
[osmclient-stage_2-merge_v12.0] Running shell script
+ git fetch --tags
[Pipeline] sh
[osmclient-stage_2-merge_v12.0] Running shell script
+ git fetch origin refs/changes/31/14231/1
From https://osm.etsi.org/gerrit/osm/osmclient
* branch refs/changes/31/14231/1 -> FETCH_HEAD
[Pipeline] sh
[osmclient-stage_2-merge_v12.0] Running shell script
+ git checkout -f e73c56e2e9480f79810865ccf1c9a3371f7a68a3
HEAD is now at e73c56e Update Dockerfile to run apt update before apt install
[Pipeline] sh
[osmclient-stage_2-merge_v12.0] Running shell script
+ sudo git clean -dfx
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (License Scan)
[Pipeline] echo
skip the scan for merge
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (Release Note Check)
[Pipeline] fileExists
[Pipeline] echo
No releasenote check present
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (Docker-Build)
[Pipeline] sh
[osmclient-stage_2-merge_v12.0] Running shell script
+ docker build --build-arg APT_PROXY=http://172.21.1.1:3142 -t osm/osmclient-v12.0 .
Sending build context to Docker daemon 54.98MB
Step 1/9 : FROM ubuntu:20.04
---> 2abc4dfd8318
Step 2/9 : ARG APT_PROXY
---> Using cache
---> 5c36130a0ee6
Step 3/9 : RUN if [ ! -z $APT_PROXY ] ; then echo "Acquire::http::Proxy \"$APT_PROXY\";" > /etc/apt/apt.conf.d/proxy.conf ; echo "Acquire::https::Proxy \"$APT_PROXY\";" >> /etc/apt/apt.conf.d/proxy.conf ; fi
---> Using cache
---> 0bb125df54e2
Step 4/9 : RUN DEBIAN_FRONTEND=noninteractive apt-get update && DEBIAN_FRONTEND=noninteractive apt-get -y install debhelper dh-python git python3.8 python3-all python3.8-dev python3-setuptools
---> Using cache
---> 62dc5bc5f3aa
Step 5/9 : RUN python3 -m easy_install pip==21.3.1
---> Using cache
---> cdc6648fbdf7
Step 6/9 : RUN pip install tox==3.24.5
---> Using cache
---> da39db68131e
Step 7/9 : RUN DEBIAN_FRONTEND=noninteractive apt-get update && DEBIAN_FRONTEND=noninteractive apt-get -y install libcurl4-openssl-dev libssl-dev wget
---> Using cache
---> 37656b5c404a
Step 8/9 : ENV LC_ALL C.UTF-8
---> Using cache
---> 0e4757013171
Step 9/9 : ENV LANG C.UTF-8
---> Using cache
---> abe4a12257ef
Successfully built abe4a12257ef
Successfully tagged osm/osmclient-v12.0:latest
[Pipeline] }
[Pipeline] // stage
[Pipeline] sh
[osmclient-stage_2-merge_v12.0] Running shell script
+ id -u
[Pipeline] sh
[osmclient-stage_2-merge_v12.0] Running shell script
+ id -g
[Pipeline] withDockerContainer
osm-cicd-3 does not seem to be running inside a container
$ docker run -t -d -u 1001:1001 -u root -w /home/jenkins/workspace/osmclient-stage_2-merge_v12.0 -v /home/jenkins/workspace/osmclient-stage_2-merge_v12.0:/home/jenkins/workspace/osmclient-stage_2-merge_v12.0:rw,z -v /home/jenkins/workspace/osmclient-stage_2-merge_v12.0@tmp:/home/jenkins/workspace/osmclient-stage_2-merge_v12.0@tmp:rw,z -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** --entrypoint cat osm/osmclient-v12.0
[Pipeline] {
[Pipeline] stage
[Pipeline] { (Test)
[Pipeline] sh
[osmclient-stage_2-merge_v12.0] Running shell script
+ groupadd -o -g 1001 -r jenkins
[Pipeline] sh
[osmclient-stage_2-merge_v12.0] Running shell script
+ pwd
+ useradd -o -u 1001 -d /home/jenkins/workspace/osmclient-stage_2-merge_v12.0 -r -g jenkins jenkins
[Pipeline] sh
[osmclient-stage_2-merge_v12.0] Running shell script
+ echo #! /bin/sh
[Pipeline] sh
[osmclient-stage_2-merge_v12.0] Running shell script
+ chmod 755 /usr/bin/mesg
[Pipeline] sh
[osmclient-stage_2-merge_v12.0] Running shell script
+ runuser jenkins -c devops-stages/stage-test.sh
Launching tox
✔ OK black in 11.516 seconds
black create: /tmp/.tox/black
black installdeps: black==23.12.1
black installed: black==23.12.1,click==8.1.7,mypy-extensions==1.0.0,packaging==24.0,pathspec==0.12.1,platformdirs==4.2.2,tomli==2.0.1,typing_extensions==4.11.0
black run-test-pre: PYTHONHASHSEED='3525018905'
black run-test: commands[0] | black --check --diff osmclient/
All done! ✨ 🍰 ✨
56 files would be left unchanged.
✔ OK flake8 in 16.348 seconds
flake8 create: /tmp/.tox/flake8
flake8 installdeps: flake8
flake8 develop-inst: /home/jenkins/workspace/osmclient-stage_2-merge_v12.0
flake8 installed: flake8==7.0.0,mccabe==0.7.0,-e git+https://osm.etsi.org/gerrit/osm/osmclient.git@e73c56e2e9480f79810865ccf1c9a3371f7a68a3#egg=osmclient,pycodestyle==2.11.1,pyflakes==3.2.0
flake8 run-test-pre: PYTHONHASHSEED='2976410807'
flake8 run-test: commands[0] | flake8 osmclient/ setup.py
✔ OK safety in 49.43 seconds
safety create: /tmp/.tox/safety
safety installdeps: -r/home/jenkins/workspace/osmclient-stage_2-merge_v12.0/requirements.txt, safety
safety develop-inst: /home/jenkins/workspace/osmclient-stage_2-merge_v12.0
safety installed: annotated-types==0.7.0,Authlib==1.3.0,certifi==2022.6.15,cffi==1.16.0,charset-normalizer==2.0.12,click==8.1.3,cryptography==42.0.7,dparse==0.6.4b0,idna==3.3,Jinja2==3.1.2,markdown-it-py==3.0.0,MarkupSafe==2.1.1,marshmallow==3.21.2,mdurl==0.1.2,-e git+https://osm.etsi.org/gerrit/osm/osmclient.git@e73c56e2e9480f79810865ccf1c9a3371f7a68a3#egg=osmclient,packaging==21.3,prettytable==3.3.0,pycparser==2.22,pycurl==7.45.1,pydantic==2.7.1,pydantic_core==2.18.2,Pygments==2.18.0,pyparsing==3.0.9,python-magic==0.4.27,PyYAML==5.4.1,requests==2.28.0,rich==13.7.1,ruamel.yaml==0.18.6,ruamel.yaml.clib==0.2.8,safety==3.2.0,safety-schemas==0.0.2,shellingham==1.5.4,tomli==2.0.1,typer==0.12.3,typing_extensions==4.11.0,urllib3==1.26.9,verboselogs==1.7,wcwidth==0.2.5
safety run-test-pre: PYTHONHASHSEED='1523296536'
safety run-test: commands[0] | - safety check --full-report
+==============================================================================+
+==============================================================================+
REPORT
Safety is using PyUp's free open-source vulnerability database. This
data is 30 days old and limited.
For real-time enhanced vulnerability data, fix recommendations, severity
reporting, cybersecurity support, team and project policy management and more
sign up at https://pyup.io or email sales@pyup.io
Safety v3.2.0 is scanning for Vulnerabilities...
Scanning dependencies in your environment:
-> /tmp/.tox/safety/bin
-> /home/jenkins/workspace/osmclient-stage_2-merge_v12.0
-> /tmp/.tox/safety/lib/python3.8/site-packages
-> /usr/lib/python3.8/lib-dynload
-> /usr/lib/python38.zip
-> /usr/lib/python3.8
Using open-source vulnerability database
Found and scanned 41 packages
Timestamp 2024-05-22 08:27:36
8 vulnerabilities reported
0 vulnerabilities ignored
+==============================================================================+
VULNERABILITIES REPORTED
+==============================================================================+
-> Vulnerability found in urllib3 version 1.26.9
Vulnerability ID: 61893
Affected spec: <1.26.18
ADVISORY: Urllib3 1.26.18 and 2.0.7 include a fix for
CVE-2023-45803: Request body not stripped after redirect from 303 status
changes request method to GET.https://github.com/urllib3/urllib3/security/
advisories/GHSA-g4mx-q9vg-27p4
CVE-2023-45803
For more information about this vulnerability, visit
https://data.safetycli.com/v/61893/97c
To ignore this vulnerability, use PyUp vulnerability id 61893 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in urllib3 version 1.26.9
Vulnerability ID: 61601
Affected spec: <1.26.17
ADVISORY: Urllib3 1.26.17 and 2.0.5 include a fix for
CVE-2023-43804: Urllib3 doesn't treat the 'Cookie' HTTP header special or
provide any helpers for managing cookies over HTTP, that is the
responsibility of the user. However, it is possible for a user to specify
a 'Cookie' header and unknowingly leak information via HTTP redirects to a
different origin if that user doesn't disable redirects explicitly.https:/
/github.com/urllib3/urllib3/security/advisories/GHSA-v845-jxx5-vc9f
CVE-2023-43804
For more information about this vulnerability, visit
https://data.safetycli.com/v/61601/97c
To ignore this vulnerability, use PyUp vulnerability id 61601 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in requests version 2.28.0
Vulnerability ID: 58755
Affected spec: >=2.3.0,<2.31.0
ADVISORY: Requests 2.31.0 includes a fix for CVE-2023-32681: Since
Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to
destination servers when redirected to an HTTPS endpoint. This is a
product of how we use 'rebuild_proxies' to reattach the 'Proxy-
Authorization' header to requests. For HTTP connections sent through the
tunnel, the proxy will identify the header in the request itself and
remove it prior to forwarding to the destination server. However when sent
over HTTPS, the 'Proxy-Authorization' header must be sent in the CONNECT
request as the proxy has no visibility into the tunneled request. This
results in Requests forwarding proxy credentials to the destination server
unintentionally, allowing a malicious actor to potentially exfiltrate
sensitive information.
CVE-2023-32681
For more information about this vulnerability, visit
https://data.safetycli.com/v/58755/97c
To ignore this vulnerability, use PyUp vulnerability id 58755 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in pip version 24.0
Vulnerability ID: 67599
Affected spec: >=0
ADVISORY: ** DISPUTED ** An issue was discovered in pip (all
versions) because it installs the version with the highest version number,
even if the user had intended to obtain a private package from a private
index. This only affects use of the --extra-index-url option, and
exploitation requires that the package does not already exist in the
public index (and thus the attacker can put the package there with an
arbitrary version number). NOTE: it has been reported that this is
intended functionality and the user is responsible for using --extra-
index-url securely.
CVE-2018-20225
For more information about this vulnerability, visit
https://data.safetycli.com/v/67599/97c
To ignore this vulnerability, use PyUp vulnerability id 67599 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in idna version 3.3
Vulnerability ID: 67895
Affected spec: <3.7
ADVISORY: CVE-2024-3651 impacts the idna.encode() function, where
a specially crafted argument could lead to significant resource
consumption, causing a denial-of-service. In version 3.7, this function
has been updated to reject such inputs efficiently, minimizing resource
use. A practical workaround involves enforcing a maximum domain name
length of 253 characters before encoding, as the vulnerability is
triggered by unusually large inputs that normal operations wouldn't
encounter.
CVE-2024-3651
For more information about this vulnerability, visit
https://data.safetycli.com/v/67895/97c
To ignore this vulnerability, use PyUp vulnerability id 67895 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in certifi version 2022.6.15
Vulnerability ID: 52365
Affected spec: <2022.12.07
ADVISORY: Certifi 2022.12.07 includes a fix for CVE-2022-23491:
Certifi 2022.12.07 removes root certificates from "TrustCor" from the root
store. These are in the process of being removed from Mozilla's trust
store. TrustCor's root certificates are being removed pursuant to an
investigation prompted by media reporting that TrustCor's ownership also
operated a business that produced spyware. Conclusions of Mozilla's
investigation can be found in the linked google group
discussion.https://github.com/certifi/python-
certifi/security/advisories/GHSA-43fp-
rhv2-5gv8https://groups.google.com/a/mozilla.org/g/dev-security-
policy/c/oxX69KFvsm4/m/yLohoVqtCgAJ
CVE-2022-23491
For more information about this vulnerability, visit
https://data.safetycli.com/v/52365/97c
To ignore this vulnerability, use PyUp vulnerability id 52365 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in certifi version 2022.6.15
Vulnerability ID: 59956
Affected spec: >=2015.04.28,<2023.07.22
ADVISORY: Certifi 2023.07.22 includes a fix for CVE-2023-37920:
Certifi prior to version 2023.07.22 recognizes "e-Tugra" root
certificates. e-Tugra's root certificates were subject to an investigation
prompted by reporting of security issues in their systems. Certifi
2023.07.22 removes root certificates from "e-Tugra" from the root
store.https://github.com/certifi/python-certifi/security/advisories/GHSA-
xqr8-7jwr-rhp7
CVE-2023-37920
For more information about this vulnerability, visit
https://data.safetycli.com/v/59956/97c
To ignore this vulnerability, use PyUp vulnerability id 59956 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in jinja2 version 3.1.2
Vulnerability ID: 64227
Affected spec: <3.1.3
ADVISORY: Jinja2 before 3.1.3 is affected by a Cross-Site
Scripting vulnerability. Special placeholders in the template allow
writing code similar to Python syntax. It is possible to inject arbitrary
HTML attributes into the rendered HTML template. The Jinja 'xmlattr'
filter can be abused to inject arbitrary HTML attribute keys and values,
bypassing the auto escaping mechanism and potentially leading to XSS. It
may also be possible to bypass attribute validation checks if they are
blacklist-based.
CVE-2024-22195
For more information about this vulnerability, visit
https://data.safetycli.com/v/64227/97c
To ignore this vulnerability, use PyUp vulnerability id 64227 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
+==============================================================================+
REMEDIATIONS
8 vulnerabilities were reported in 6 packages. For detailed remediation &
fix recommendations, upgrade to a commercial license.
+==============================================================================+
Scan was completed. 8 vulnerabilities were reported.
+==============================================================================+
✔ OK cover in 1 minute, 34.968 seconds
cover create: /tmp/.tox/cover
cover installdeps: -r/home/jenkins/workspace/osmclient-stage_2-merge_v12.0/requirements.txt, -r/home/jenkins/workspace/osmclient-stage_2-merge_v12.0/requirements-dev.txt, -r/home/jenkins/workspace/osmclient-stage_2-merge_v12.0/requirements-test.txt
cover develop-inst: /home/jenkins/workspace/osmclient-stage_2-merge_v12.0
cover installed: bitarray==2.5.1,certifi==2022.6.15,charset-normalizer==2.0.12,click==8.1.3,coverage==6.4.1,enum34==1.1.10,idna==3.3,Jinja2==3.1.2,lxml==4.9.0,MarkupSafe==2.1.1,mock==4.0.3,nose2==0.11.0,osm_im @ git+https://osm.etsi.org/gerrit/osm/IM.git@a0b604e08d261d3c4a0f1cf86a4b597f5697b31a,-e git+https://osm.etsi.org/gerrit/osm/osmclient.git@e73c56e2e9480f79810865ccf1c9a3371f7a68a3#egg=osmclient,packaging==21.3,prettytable==3.3.0,pyang==2.5.3,pyangbind==0.8.1,pycurl==7.45.1,pyparsing==3.0.9,python-magic==0.4.27,PyYAML==5.4.1,regex==2022.6.2,requests==2.28.0,six==1.16.0,urllib3==1.26.9,verboselogs==1.7,wcwidth==0.2.5
cover run-test-pre: PYTHONHASHSEED='921331938'
cover run-test: commands[0] | sh -c 'rm -f nosetests.xml'
cover run-test: commands[1] | coverage erase
cover run-test: commands[2] | nose2 -C --coverage osmclient
...............................................
----------------------------------------------------------------------
Ran 47 tests in 10.151s
OK
Name Stmts Miss Cover
------------------------------------------------------------
osmclient/__init__.py 0 0 100%
osmclient/client.py 32 25 22%
osmclient/common/__init__.py 0 0 100%
osmclient/common/exceptions.py 6 0 100%
osmclient/common/http.py 69 38 45%
osmclient/common/package_handling.py 28 20 29%
osmclient/common/package_tool.py 441 393 11%
osmclient/common/sol004_package.py 36 17 53%
osmclient/common/sol007_package.py 32 15 53%
osmclient/common/sol_package.py 158 120 24%
osmclient/common/test/test_utils.py 36 0 100%
osmclient/common/utils.py 80 51 36%
osmclient/common/wait.py 83 63 24%
osmclient/scripts/__init__.py 0 0 100%
osmclient/scripts/osm.py 2612 1536 41%
osmclient/scripts/tests/tests_vca.py 100 0 100%
osmclient/sol005/__init__.py 0 0 100%
osmclient/sol005/client.py 102 72 29%
osmclient/sol005/http.py 151 130 14%
osmclient/sol005/k8scluster.py 118 101 14%
osmclient/sol005/ns.py 367 339 8%
osmclient/sol005/nsd.py 125 104 17%
osmclient/sol005/nsi.py 209 190 9%
osmclient/sol005/nst.py 128 108 16%
osmclient/sol005/osmrepo.py 309 260 16%
osmclient/sol005/package.py 64 51 20%
osmclient/sol005/pdud.py 94 79 16%
osmclient/sol005/project.py 74 61 18%
osmclient/sol005/repo.py 69 56 19%
osmclient/sol005/role.py 117 103 12%
osmclient/sol005/sdncontroller.py 97 80 18%
osmclient/sol005/subscription.py 71 58 18%
osmclient/sol005/tests/test_osmrepo.py 13 0 100%
osmclient/sol005/tests/test_vca.py 117 0 100%
osmclient/sol005/user.py 129 117 9%
osmclient/sol005/vca.py 64 0 100%
osmclient/sol005/vim.py 158 139 12%
osmclient/sol005/vnf.py 56 46 18%
osmclient/sol005/vnfd.py 208 182 12%
osmclient/sol005/wim.py 142 123 13%
osmclient/v1/__init__.py 0 0 100%
osmclient/v1/client.py 54 9 83%
osmclient/v1/key.py 18 18 0%
osmclient/v1/ns.py 118 89 25%
osmclient/v1/nsd.py 27 8 70%
osmclient/v1/package.py 34 17 50%
osmclient/v1/tests/test_ns.py 22 0 100%
osmclient/v1/tests/test_nsd.py 20 1 95%
osmclient/v1/tests/test_package.py 15 0 100%
osmclient/v1/tests/test_vnf.py 26 0 100%
osmclient/v1/tests/test_vnfd.py 20 1 95%
osmclient/v1/utils.py 9 4 56%
osmclient/v1/vca.py 27 27 0%
osmclient/v1/vim.py 184 162 12%
osmclient/v1/vnf.py 24 3 88%
osmclient/v1/vnfd.py 25 6 76%
------------------------------------------------------------
TOTAL 7318 5022 31%
cover run-test: commands[3] | coverage report '--omit=*tests*'
Name Stmts Miss Cover
----------------------------------------------------------
osmclient/__init__.py 0 0 100%
osmclient/client.py 32 25 22%
osmclient/common/__init__.py 0 0 100%
osmclient/common/exceptions.py 6 0 100%
osmclient/common/http.py 69 38 45%
osmclient/common/package_handling.py 28 20 29%
osmclient/common/package_tool.py 441 393 11%
osmclient/common/sol004_package.py 36 17 53%
osmclient/common/sol007_package.py 32 15 53%
osmclient/common/sol_package.py 158 120 24%
osmclient/common/test/test_utils.py 36 0 100%
osmclient/common/utils.py 80 51 36%
osmclient/common/wait.py 83 63 24%
osmclient/scripts/__init__.py 0 0 100%
osmclient/scripts/osm.py 2612 1536 41%
osmclient/sol005/__init__.py 0 0 100%
osmclient/sol005/client.py 102 72 29%
osmclient/sol005/http.py 151 130 14%
osmclient/sol005/k8scluster.py 118 101 14%
osmclient/sol005/ns.py 367 339 8%
osmclient/sol005/nsd.py 125 104 17%
osmclient/sol005/nsi.py 209 190 9%
osmclient/sol005/nst.py 128 108 16%
osmclient/sol005/osmrepo.py 309 260 16%
osmclient/sol005/package.py 64 51 20%
osmclient/sol005/pdud.py 94 79 16%
osmclient/sol005/project.py 74 61 18%
osmclient/sol005/repo.py 69 56 19%
osmclient/sol005/role.py 117 103 12%
osmclient/sol005/sdncontroller.py 97 80 18%
osmclient/sol005/subscription.py 71 58 18%
osmclient/sol005/user.py 129 117 9%
osmclient/sol005/vca.py 64 0 100%
osmclient/sol005/vim.py 158 139 12%
osmclient/sol005/vnf.py 56 46 18%
osmclient/sol005/vnfd.py 208 182 12%
osmclient/sol005/wim.py 142 123 13%
osmclient/v1/__init__.py 0 0 100%
osmclient/v1/client.py 54 9 83%
osmclient/v1/key.py 18 18 0%
osmclient/v1/ns.py 118 89 25%
osmclient/v1/nsd.py 27 8 70%
osmclient/v1/package.py 34 17 50%
osmclient/v1/utils.py 9 4 56%
osmclient/v1/vca.py 27 27 0%
osmclient/v1/vim.py 184 162 12%
osmclient/v1/vnf.py 24 3 88%
osmclient/v1/vnfd.py 25 6 76%
----------------------------------------------------------
TOTAL 6985 5020 28%
cover run-test: commands[4] | coverage html -d ./cover '--omit=*tests*'
Wrote HTML report to ./cover/index.html
cover run-test: commands[5] | coverage xml -o coverage.xml '--omit=*tests*'
Wrote XML report to coverage.xml
ERROR: invocation failed (exit code 1), logfile: /tmp/.tox/pylint/log/pylint-0.log
================================== log start ===================================
pylint create: /tmp/.tox/pylint
pylint installdeps: -r/home/jenkins/workspace/osmclient-stage_2-merge_v12.0/requirements.txt, -r/home/jenkins/workspace/osmclient-stage_2-merge_v12.0/requirements-dev.txt, -r/home/jenkins/workspace/osmclient-stage_2-merge_v12.0/requirements-test.txt, pylint
pylint develop-inst: /home/jenkins/workspace/osmclient-stage_2-merge_v12.0
pylint installed: astroid==3.2.2,bitarray==2.5.1,certifi==2022.6.15,charset-normalizer==2.0.12,click==8.1.3,coverage==6.4.1,dill==0.3.8,enum34==1.1.10,idna==3.3,isort==5.13.2,Jinja2==3.1.2,lxml==4.9.0,MarkupSafe==2.1.1,mccabe==0.7.0,mock==4.0.3,nose2==0.11.0,osm_im @ git+https://osm.etsi.org/gerrit/osm/IM.git@a0b604e08d261d3c4a0f1cf86a4b597f5697b31a,-e git+https://osm.etsi.org/gerrit/osm/osmclient.git@e73c56e2e9480f79810865ccf1c9a3371f7a68a3#egg=osmclient,packaging==21.3,platformdirs==4.2.2,prettytable==3.3.0,pyang==2.5.3,pyangbind==0.8.1,pycurl==7.45.1,pylint==3.2.2,pyparsing==3.0.9,python-magic==0.4.27,PyYAML==5.4.1,regex==2022.6.2,requests==2.28.0,six==1.16.0,tomli==2.0.1,tomlkit==0.12.5,typing_extensions==4.11.0,urllib3==1.26.9,verboselogs==1.7,wcwidth==0.2.5
pylint run-test-pre: PYTHONHASHSEED='2478164301'
pylint run-test: commands[0] | pylint -E osmclient
************* Module osmclient.scripts.osm
osmclient/scripts/osm.py:449:20: E0606: Possibly using variable 'project' before assignment (possibly-used-before-assignment)
osmclient/scripts/osm.py:450:20: E0601: Using variable 'vim' before assignment (used-before-assignment)
osmclient/scripts/osm.py:3348:15: E0606: Possibly using variable 'resp' before assignment (possibly-used-before-assignment)
************* Module osmclient.common.package_tool
osmclient/common/package_tool.py:712:12: E0606: Possibly using variable 'the_package' before assignment (possibly-used-before-assignment)
************* Module osmclient.sol005.ns
osmclient/sol005/ns.py:596:15: E0606: Possibly using variable 'http_code' before assignment (possibly-used-before-assignment)
ERROR: InvocationError for command /tmp/.tox/pylint/bin/pylint -E osmclient (exited with code 2)
=================================== log end ====================================
✖ FAIL pylint in 1 minute, 40.371 seconds
___________________________________ summary ____________________________________
black: commands succeeded
cover: commands succeeded
flake8: commands succeeded
ERROR: pylint: parallel child exit code 1
safety: commands succeeded
[Pipeline] }
[Pipeline] // stage
[Pipeline] }
$ docker stop --time=1 9ad570199920265ebe587e5c2da9fa2b79482ffd6e56001597c73dc065ce1b61
$ docker rm -f 9ad570199920265ebe587e5c2da9fa2b79482ffd6e56001597c73dc065ce1b61
[Pipeline] // withDockerContainer
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
ERROR: script returned exit code 1
Finished: FAILURE