Console Output

Started by upstream project "buildall-stage_2-merge-v10" build number 299
originally caused by:
 Started by timer
 > git rev-parse --is-inside-work-tree # timeout=10
Setting origin to https://osm.etsi.org/gerrit/osm/RO.git
 > git config remote.origin.url https://osm.etsi.org/gerrit/osm/RO.git # timeout=10
Fetching origin...
Fetching upstream changes from origin
 > git --version # timeout=10
 > git config --get remote.origin.url # timeout=10
 > git fetch --tags --progress origin +refs/heads/*:refs/remotes/origin/*
Seen branch in repository origin/5962-rebase
Seen branch in repository origin/Azure
Seen branch in repository origin/GCP
Seen branch in repository origin/WIM
Seen branch in repository origin/bug1511
Seen branch in repository origin/contrail
Seen branch in repository origin/feature1429
Seen branch in repository origin/feature5837
Seen branch in repository origin/feature7106
Seen branch in repository origin/feature7148
Seen branch in repository origin/feature7184
Seen branch in repository origin/feature7928
Seen branch in repository origin/fog
Seen branch in repository origin/lcm
Seen branch in repository origin/master
Seen branch in repository origin/netslice
Seen branch in repository origin/ng-ro-refactor
Seen branch in repository origin/paas
Seen branch in repository origin/py3
Seen branch in repository origin/python3
Seen branch in repository origin/rift300
Seen branch in repository origin/snapcraft
Seen branch in repository origin/sol006
Seen branch in repository origin/sol006v331
Seen branch in repository origin/v1.0
Seen branch in repository origin/v1.1
Seen branch in repository origin/v10.0
Seen branch in repository origin/v11.0
Seen branch in repository origin/v12.0
Seen branch in repository origin/v13.0
Seen branch in repository origin/v14.0
Seen branch in repository origin/v15.0
Seen branch in repository origin/v2.0
Seen branch in repository origin/v3.1
Seen branch in repository origin/v4.0
Seen branch in repository origin/v5.0
Seen branch in repository origin/v6.0
Seen branch in repository origin/v7.0
Seen branch in repository origin/v8.0
Seen branch in repository origin/v9.0
Seen branch in repository origin/vio
Seen branch in repository origin/vnffg
Seen 42 remote branches
Obtained Jenkinsfile from 45cb01768d4b1c77a6311b45c48c7bf2abc32d5b
Running in Durability level: MAX_SURVIVABILITY
[Pipeline] properties
[Pipeline] node
Running on osm-cicd-2 in /home/jenkins/workspace/RO-stage_2-merge_v10.0
[Pipeline] {
[Pipeline] checkout
No credentials specified
 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url https://osm.etsi.org/gerrit/osm/RO.git # timeout=10
Fetching without tags
Fetching upstream changes from https://osm.etsi.org/gerrit/osm/RO.git
 > git --version # timeout=10
 > git fetch --no-tags --force --progress https://osm.etsi.org/gerrit/osm/RO.git +refs/heads/*:refs/remotes/origin/*
Checking out Revision 45cb01768d4b1c77a6311b45c48c7bf2abc32d5b (v10.0)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f 45cb01768d4b1c77a6311b45c48c7bf2abc32d5b
Commit message: "Update stage-build to run tox sequentially"
 > git rev-list --no-walk 45cb01768d4b1c77a6311b45c48c7bf2abc32d5b # timeout=10
[Pipeline] dir
Running in /home/jenkins/workspace/RO-stage_2-merge_v10.0/devops
[Pipeline] {
No credentials specified
 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url https://osm.etsi.org/gerrit/osm/devops # timeout=10
Fetching upstream changes from https://osm.etsi.org/gerrit/osm/devops
 > git --version # timeout=10
 > git fetch --tags --force --progress https://osm.etsi.org/gerrit/osm/devops +refs/heads/*:refs/remotes/origin/*
[Pipeline] git
 > git rev-parse refs/remotes/origin/v10.0^{commit} # timeout=10
 > git rev-parse refs/remotes/origin/origin/v10.0^{commit} # timeout=10
Checking out Revision f92f3137aeecbc88d221f44b7e992af1f5e116aa (refs/remotes/origin/v10.0)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f f92f3137aeecbc88d221f44b7e992af1f5e116aa
 > git branch -a -v --no-abbrev # timeout=10
 > git branch -D v10.0 # timeout=10
 > git checkout -b v10.0 f92f3137aeecbc88d221f44b7e992af1f5e116aa
Commit message: "Changing charmed installer to use 10.0/stable Fixing black error in keystone charm"
 > git rev-list --no-walk f92f3137aeecbc88d221f44b7e992af1f5e116aa # timeout=10
[Pipeline] }
[Pipeline] // dir
[Pipeline] load
[Pipeline] { (devops/jenkins/ci-pipelines/ci_stage_2.groovy)
[Pipeline] }
[Pipeline] // load
[Pipeline] echo
do_stage_3= false
[Pipeline] load
[Pipeline] { (devops/jenkins/ci-pipelines/ci_helper.groovy)
[Pipeline] }
[Pipeline] // load
[Pipeline] stage
[Pipeline] { (Prepare)
[Pipeline] sh
[RO-stage_2-merge_v10.0] Running shell script
+ env
JENKINS_HOME=/var/lib/jenkins
SSH_CLIENT=212.234.161.1 51943 22
USER=jenkins
RUN_CHANGES_DISPLAY_URL=https://osm.etsi.org/jenkins/job/RO-stage_2-merge/job/v10.0/404/display/redirect?page=changes
GERRIT_PROJECT=osm/RO
XDG_SESSION_TYPE=tty
SHLVL=0
NODE_LABELS=docker osm-cicd-2 osm2 pipeline stage_2
HUDSON_URL=https://osm.etsi.org/jenkins/
MOTD_SHOWN=pam
OLDPWD=/home/jenkins
HOME=/home/jenkins
BUILD_URL=https://osm.etsi.org/jenkins/job/RO-stage_2-merge/job/v10.0/404/
HUDSON_COOKIE=c5110666-5c88-41f8-b92a-b04ca6b28ac2
JENKINS_SERVER_COOKIE=durable-53c39a41410c50ef4db1d02f0124a0d9
DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1001/bus
GERRIT_PATCHSET_REVISION=45cb01768d4b1c77a6311b45c48c7bf2abc32d5b
WORKSPACE=/home/jenkins/workspace/RO-stage_2-merge_v10.0
LOGNAME=jenkins
NODE_NAME=osm-cicd-2
GERRIT_BRANCH=v10.0
_=/usr/bin/java
RUN_ARTIFACTS_DISPLAY_URL=https://osm.etsi.org/jenkins/job/RO-stage_2-merge/job/v10.0/404/display/redirect?page=artifacts
XDG_SESSION_CLASS=user
EXECUTOR_NUMBER=4
XDG_SESSION_ID=144
RUN_TESTS_DISPLAY_URL=https://osm.etsi.org/jenkins/job/RO-stage_2-merge/job/v10.0/404/display/redirect?page=tests
BUILD_DISPLAY_NAME=#404
PROJECT_URL_PREFIX=https://osm.etsi.org/gerrit
HUDSON_HOME=/var/lib/jenkins
JOB_BASE_NAME=v10.0
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin
BUILD_ID=404
XDG_RUNTIME_DIR=/run/user/1001
BUILD_TAG=jenkins-RO-stage_2-merge-v10.0-404
JENKINS_URL=https://osm.etsi.org/jenkins/
LANG=C.UTF-8
JOB_URL=https://osm.etsi.org/jenkins/job/RO-stage_2-merge/job/v10.0/
BUILD_NUMBER=404
SHELL=/bin/bash
RUN_DISPLAY_URL=https://osm.etsi.org/jenkins/job/RO-stage_2-merge/job/v10.0/404/display/redirect
ARTIFACTORY_SERVER=artifactory-osm
GERRIT_REFSPEC=refs/changes/46/13146/2
HUDSON_SERVER_COOKIE=6d3295a483c3e6d5
JOB_DISPLAY_URL=https://osm.etsi.org/jenkins/job/RO-stage_2-merge/job/v10.0/display/redirect
JOB_NAME=RO-stage_2-merge/v10.0
TEST_INSTALL=false
PWD=/home/jenkins/workspace/RO-stage_2-merge_v10.0
SSH_CONNECTION=212.234.161.1 51943 172.21.249.2 22
BRANCH_NAME=v10.0
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (Checkout)
[Pipeline] sh
[RO-stage_2-merge_v10.0] Running shell script
+ git fetch --tags
[Pipeline] sh
[RO-stage_2-merge_v10.0] Running shell script
+ git fetch origin refs/changes/46/13146/2
From https://osm.etsi.org/gerrit/osm/RO
 * branch            refs/changes/46/13146/2 -> FETCH_HEAD
[Pipeline] sh
[RO-stage_2-merge_v10.0] Running shell script
+ git checkout -f 45cb01768d4b1c77a6311b45c48c7bf2abc32d5b
HEAD is now at 45cb017 Update stage-build to run tox sequentially
[Pipeline] sh
[RO-stage_2-merge_v10.0] Running shell script
+ sudo git clean -dfx
Removing .cache/
Removing .coverage
Removing .local/
Removing RO-plugin/.eggs/
Removing RO-plugin/osm_ro_plugin.egg-info/
Removing cover/
Removing coverage.xml
Removing nosetests.xml
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (License Scan)
[Pipeline] echo
skip the scan for merge
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (Release Note Check)
[Pipeline] fileExists
[Pipeline] echo
Not checking release notes for merge job
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (Docker-Build)
[Pipeline] sh
[RO-stage_2-merge_v10.0] Running shell script
+ docker build -t osm/ro-v10.0 .
Sending build context to Docker daemon  63.85MB

Step 1/8 : FROM ubuntu:20.04
 ---> f78909c2b360
Step 2/8 : ARG APT_PROXY
 ---> Using cache
 ---> ad00a18b3e37
Step 3/8 : RUN if [ ! -z $APT_PROXY ] ; then     echo "Acquire::http::Proxy \"$APT_PROXY\";" > /etc/apt/apt.conf.d/proxy.conf ;    echo "Acquire::https::Proxy \"$APT_PROXY\";" >> /etc/apt/apt.conf.d/proxy.conf ;    fi
 ---> Using cache
 ---> 55e644c707a2
Step 4/8 : RUN DEBIAN_FRONTEND=noninteractive apt-get update &&     DEBIAN_FRONTEND=noninteractive apt-get -y install         debhelper         dh-python         git         python3         python3-all         python3-dev         python3-setuptools
 ---> Using cache
 ---> e43db79f9bab
Step 5/8 : RUN python3 -m easy_install pip==21.3.1
 ---> Using cache
 ---> 9d9fa8ea2760
Step 6/8 : RUN pip install tox==3.24.5
 ---> Using cache
 ---> c5eb3822f508
Step 7/8 : ENV LC_ALL C.UTF-8
 ---> Using cache
 ---> 322771f326f2
Step 8/8 : ENV LANG C.UTF-8
 ---> Using cache
 ---> 72ef3baeaf6d
Successfully built 72ef3baeaf6d
Successfully tagged osm/ro-v10.0:latest
[Pipeline] }
[Pipeline] // stage
[Pipeline] sh
[RO-stage_2-merge_v10.0] Running shell script
+ id -u
[Pipeline] sh
[RO-stage_2-merge_v10.0] Running shell script
+ id -g
[Pipeline] withDockerContainer
osm-cicd-2 does not seem to be running inside a container
$ docker run -t -d -u 1001:1001 -u root -w /home/jenkins/workspace/RO-stage_2-merge_v10.0 -v /home/jenkins/workspace/RO-stage_2-merge_v10.0:/home/jenkins/workspace/RO-stage_2-merge_v10.0:rw,z -v /home/jenkins/workspace/RO-stage_2-merge_v10.0@tmp:/home/jenkins/workspace/RO-stage_2-merge_v10.0@tmp:rw,z -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** --entrypoint cat osm/ro-v10.0
[Pipeline] {
[Pipeline] stage
[Pipeline] { (Test)
[Pipeline] sh
[RO-stage_2-merge_v10.0] Running shell script
+ groupadd -o -g 1001 -r jenkins
[Pipeline] sh
[RO-stage_2-merge_v10.0] Running shell script
+ pwd
+ useradd -o -u 1001 -d /home/jenkins/workspace/RO-stage_2-merge_v10.0 -r -g jenkins jenkins
[Pipeline] sh
[RO-stage_2-merge_v10.0] Running shell script
+ echo #! /bin/sh
[Pipeline] sh
[RO-stage_2-merge_v10.0] Running shell script
+ chmod 755 /usr/bin/mesg
[Pipeline] sh
[RO-stage_2-merge_v10.0] Running shell script
+ runuser jenkins -c devops-stages/stage-test.sh
Launching tox
black create: /tmp/.tox/black
black installdeps: black
black installed: black==23.12.1,click==8.1.7,mypy-extensions==1.0.0,packaging==23.2,pathspec==0.12.1,platformdirs==4.1.0,tomli==2.0.1,typing_extensions==4.9.0
black run-test-pre: PYTHONHASHSEED='3477536858'
black run-test: commands[0] | black --check --diff NG-RO
All done! ✨ 🍰 ✨
14 files would be left unchanged.
black run-test: commands[1] | black --check --diff RO-plugin
All done! ✨ 🍰 ✨
9 files would be left unchanged.
black run-test: commands[2] | black --check --diff RO-SDN-arista_cloudvision
All done! ✨ 🍰 ✨
6 files would be left unchanged.
black run-test: commands[3] | black --check --diff RO-SDN-dpb
All done! ✨ 🍰 ✨
4 files would be left unchanged.
black run-test: commands[4] | black --check --diff RO-SDN-dynpac
All done! ✨ 🍰 ✨
4 files would be left unchanged.
black run-test: commands[5] | black --check --diff RO-SDN-floodlight_openflow
All done! ✨ 🍰 ✨
5 files would be left unchanged.
black run-test: commands[6] | black --check --diff RO-SDN-ietfl2vpn
All done! ✨ 🍰 ✨
4 files would be left unchanged.
black run-test: commands[7] | black --check --diff RO-SDN-juniper_contrail
All done! ✨ 🍰 ✨
7 files would be left unchanged.
black run-test: commands[8] | black --check --diff RO-SDN-odl_openflow
All done! ✨ 🍰 ✨
5 files would be left unchanged.
black run-test: commands[9] | black --check --diff RO-SDN-onos_openflow
All done! ✨ 🍰 ✨
5 files would be left unchanged.
black run-test: commands[10] | black --check --diff RO-SDN-onos_vpls
All done! ✨ 🍰 ✨
4 files would be left unchanged.
black run-test: commands[11] | black --check --diff RO-VIM-aws
All done! ✨ 🍰 ✨
4 files would be left unchanged.
black run-test: commands[12] | black --check --diff RO-VIM-azure
All done! ✨ 🍰 ✨
4 files would be left unchanged.
black run-test: commands[13] | black --check --diff RO-VIM-openstack
All done! ✨ 🍰 ✨
5 files would be left unchanged.
black run-test: commands[14] | black --check --diff RO-VIM-openvim
All done! ✨ 🍰 ✨
4 files would be left unchanged.
black run-test: commands[15] | black --check --diff RO-VIM-vmware
All done! ✨ 🍰 ✨
6 files would be left unchanged.
flake8 create: /tmp/.tox/flake8
flake8 installdeps: flake8, flake8-import-order
flake8 installed: flake8==7.0.0,flake8-import-order==0.18.2,mccabe==0.7.0,pycodestyle==2.11.1,pyflakes==3.2.0
flake8 run-test-pre: PYTHONHASHSEED='3477536858'
flake8 run-test: commands[0] | flake8 NG-RO/osm_ng_ro/ NG-RO/setup.py
flake8 run-test: commands[1] | flake8 RO-plugin/osm_ro_plugin/ RO-plugin/setup.py
flake8 run-test: commands[2] | flake8 RO-SDN-arista_cloudvision/osm_rosdn_arista_cloudvision/ RO-SDN-arista_cloudvision/setup.py
flake8 run-test: commands[3] | flake8 RO-SDN-dpb/osm_rosdn_dpb/ RO-SDN-dpb/setup.py
flake8 run-test: commands[4] | flake8 RO-SDN-dynpac/osm_rosdn_dynpac/ RO-SDN-dynpac/setup.py
flake8 run-test: commands[5] | flake8 RO-SDN-floodlight_openflow/osm_rosdn_floodlightof/ RO-SDN-floodlight_openflow/setup.py
RO-SDN-floodlight_openflow/osm_rosdn_floodlightof/floodlight_of.py:244:16: E721 do not compare types, for exact checks use `is` / `is not`, for instance checks use `isinstance()`
            if type(info) != dict:
               ^
RO-SDN-floodlight_openflow/osm_rosdn_floodlightof/floodlight_of.py:448:24: E721 do not compare types, for exact checks use `is` / `is not`, for instance checks use `isinstance()`
                    if type(info) != dict:
                       ^
RO-SDN-floodlight_openflow/osm_rosdn_floodlightof/floodlight_of.py:460:25: E721 do not compare types, for exact checks use `is` / `is not`, for instance checks use `isinstance()`
                    if (
                        ^
ERROR: InvocationError for command /tmp/.tox/flake8/bin/flake8 RO-SDN-floodlight_openflow/osm_rosdn_floodlightof/ RO-SDN-floodlight_openflow/setup.py (exited with code 1)
safety create: /tmp/.tox/safety
safety installdeps: -r/home/jenkins/workspace/RO-stage_2-merge_v10.0/requirements.txt, safety
safety installed: adal==1.2.7,appdirs==1.4.4,attrs==21.4.0,autopage==0.4.0,azure-common==1.1.27,azure-core==1.21.1,azure-identity==1.7.1,azure-mgmt-compute==24.0.0,azure-mgmt-core==1.3.0,azure-mgmt-network==19.3.0,azure-mgmt-resource==20.0.0,bcrypt==3.2.0,boto==2.49.0,cachetools==4.2.4,certifi==2021.10.8,cffi==1.15.0,charset-normalizer==2.0.10,cheroot==8.6.0,CherryPy==18.1.2,click==8.1.7,cliff==3.10.0,cmd2==2.3.3,cryptography==36.0.1,cvprac==1.0.7,debtcollector==2.3.0,decorator==5.1.1,dogpile.cache==1.1.4,dparse==0.6.3,flufl.enum==4.1.1,google-api-core==2.3.2,google-api-python-client==2.34.0,google-auth==2.3.3,google-auth-httplib2==0.1.0,google-cloud==0.34.0,googleapis-common-protos==1.54.0,httplib2==0.20.2,humanfriendly==10.0,idna==3.3,importlib-metadata==4.10.0,iso8601==1.0.2,isodate==0.6.1,jaraco.functools==3.5.0,Jinja2==3.0.3,jmespath==0.10.0,jsonpatch==1.32,jsonpointer==2.2,jsonschema==3.2.0,keystoneauth1==4.4.0,logutils==0.3.5,lxml==4.7.1,MarkupSafe==2.0.1,more-itertools==8.12.0,msal==1.16.0,msal-extensions==0.3.1,msgpack==1.0.3,msrest==0.6.21,msrestazure==0.6.4,munch==4.0.0,netaddr==0.8.0,netifaces==0.11.0,oauthlib==3.1.1,openstacksdk==0.61.0,os-client-config==2.1.0,os-service-types==1.7.0,osc-lib==2.4.2,oslo.config==8.7.1,oslo.context==3.4.0,oslo.i18n==5.1.0,oslo.log==4.6.1,oslo.serialization==4.2.0,oslo.utils==4.12.0,packaging==21.3,paramiko==2.9.2,pbr==5.8.0,portalocker==2.3.2,portend==3.1.0,prettytable==3.0.0,progressbar==2.5,protobuf==3.19.3,pyasn1==0.4.8,pyasn1-modules==0.2.8,pycparser==2.21,Pygments==2.11.2,pyinotify==0.9.6,PyJWT==2.3.0,PyNaCl==1.5.0,pyOpenSSL==21.0.0,pyparsing==3.0.6,pyperclip==1.8.2,pyrsistent==0.18.0,python-cinderclient==7.4.1,python-dateutil==2.8.2,python-glanceclient==3.5.0,python-keystoneclient==4.4.0,python-neutronclient==7.7.0,python-novaclient==17.6.0,python-openstackclient==5.7.0,pytz==2021.3,pyvcloud==19.1.1,pyvmomi==7.0.3,PyYAML==5.4.1,requests==2.27.1,requests-oauthlib==1.3.0,requestsexceptions==1.4.0,rfc3986==2.0.0,rsa==4.8,ruamel.yaml==0.18.5,ruamel.yaml.clib==0.2.8,safety==2.3.5,simplejson==3.17.6,six==1.16.0,stevedore==3.5.0,tempora==5.0.0,tomli==2.0.1,uritemplate==4.1.1,urllib3==1.26.8,uuid==1.30,warlock==1.3.3,wcwidth==0.2.5,wrapt==1.13.3,zc.lockfile==2.0,zipp==3.7.0
safety run-test-pre: PYTHONHASHSEED='3477536858'
safety run-test: commands[0] | - safety check --full-report
+==============================================================================+

                               /$$$$$$            /$$
                              /$$__  $$          | $$
           /$$$$$$$  /$$$$$$ | $$  \__//$$$$$$  /$$$$$$   /$$   /$$
          /$$_____/ |____  $$| $$$$   /$$__  $$|_  $$_/  | $$  | $$
         |  $$$$$$   /$$$$$$$| $$_/  | $$$$$$$$  | $$    | $$  | $$
          \____  $$ /$$__  $$| $$    | $$_____/  | $$ /$$| $$  | $$
          /$$$$$$$/|  $$$$$$$| $$    |  $$$$$$$  |  $$$$/|  $$$$$$$
         |_______/  \_______/|__/     \_______/   \___/   \____  $$
                                                          /$$  | $$
                                                         |  $$$$$$/
  by pyup.io                                              \______/

+==============================================================================+

 REPORT 

  Safety is using PyUp's free open-source vulnerability database. This
data is 30 days old and limited. 
  For real-time enhanced vulnerability data, fix recommendations, severity
reporting, cybersecurity support, team and project policy management and more
sign up at https://pyup.io or email sales@pyup.io

  Safety v2.3.5 is scanning for Vulnerabilities...
  Scanning dependencies in your environment:

  -> /tmp/.tox/safety/lib/python3.8/site-packages

  Using non-commercial database
  Found and scanned 125 packages
  Timestamp 2024-01-18 09:11:53
  16 vulnerabilities found
  0 vulnerabilities ignored

+==============================================================================+
 VULNERABILITIES FOUND 
+==============================================================================+

-> Vulnerability found in pyjwt version 2.3.0
   Vulnerability ID: 48542
   Affected spec: >=1.5.0,<2.4.0
   ADVISORY: PyJWT 2.4.0 includes a fix for CVE-2022-29217: An attacker
   submitting the JWT token can choose the used signing algorithm. The PyJWT
   library requires that the application chooses what algorithms are supported.
   The application can specify 'jwt.algorithms.get_default_algorithms()' to get
   support for all algorithms, or specify a single algorithm. The issue is not
   that big as 'algorithms=jwt.algorithms.get_default_algorithms()' has to be
   used. As a workaround, always be explicit with the algorithms that are
   accepted and expected when decoding.
   CVE-2022-29217
   For more information, please visit
   https://data.safetycli.com/v/48542/f17


-> Vulnerability found in pygments version 2.11.2
   Vulnerability ID: 58910
   Affected spec: <2.15.0
   ADVISORY: Pygments 2.15.0 includes a fix for CVE-2022-40896: The
   regular expressions used when parsing Smithy, SQL/SQL+Jinja, and Java
   properties files were discovered to be vulnerable. As a result, pygmentizing
   a maliciously-crafted file of these kinds would have resulted in high
   resources consumption or crashing of the
   application.https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-
   top-python-packages-part-2
   CVE-2022-40896
   For more information, please visit
   https://data.safetycli.com/v/58910/f17


-> Vulnerability found in certifi version 2021.10.8
   Vulnerability ID: 59956
   Affected spec: >=2015.04.28,<2023.07.22
   ADVISORY: Certifi 2023.07.22 includes a fix for CVE-2023-37920:
   Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates.
   e-Tugra's root certificates were subject to an investigation prompted by
   reporting of security issues in their systems. Certifi 2023.07.22 removes
   root certificates from "e-Tugra" from the root
   store.https://github.com/certifi/python-certifi/security/advisories/GHSA-
   xqr8-7jwr-rhp7
   CVE-2023-37920
   For more information, please visit
   https://data.safetycli.com/v/59956/f17


-> Vulnerability found in certifi version 2021.10.8
   Vulnerability ID: 52365
   Affected spec: <2022.12.07
   ADVISORY: Certifi 2022.12.07 includes a fix for CVE-2022-23491:
   Certifi 2022.12.07 removes root certificates from "TrustCor" from the root
   store. These are in the process of being removed from Mozilla's trust store.
   TrustCor's root certificates are being removed pursuant to an investigation
   prompted by media reporting that TrustCor's ownership also operated a
   business that produced spyware. Conclusions of Mozilla's investigation can be
   found in the linked google group
   discussion.https://github.com/certifi/python-
   certifi/security/advisories/GHSA-43fp-
   rhv2-5gv8https://groups.google.com/a/mozilla.org/g/dev-security-
   policy/c/oxX69KFvsm4/m/yLohoVqtCgAJ
   CVE-2022-23491
   For more information, please visit
   https://data.safetycli.com/v/52365/f17


-> Vulnerability found in cryptography version 36.0.1
   Vulnerability ID: 62556
   Affected spec: >=3.1,<41.0.6
   ADVISORY: Cryptography 41.0.6 includes a fix for CVE-2023-49083:
   NULL-dereference when loading PKCS7
   certificates.https://github.com/advisories/GHSA-jfhm-5ghh-2f97
   CVE-2023-49083
   For more information, please visit
   https://data.safetycli.com/v/62556/f17


-> Vulnerability found in cryptography version 36.0.1
   Vulnerability ID: 59473
   Affected spec: <41.0.2
   ADVISORY: The cryptography package before 41.0.2 for Python
   mishandles SSH certificates that have critical options.
   CVE-2023-38325
   For more information, please visit
   https://data.safetycli.com/v/59473/f17


-> Vulnerability found in cryptography version 36.0.1
   Vulnerability ID: 53048
   Affected spec: >=1.8,<39.0.1
   ADVISORY: Cryptography 39.0.1 includes a fix for CVE-2023-23931: In
   affected versions 'Cipher.update_into' would accept Python objects which
   implement the buffer protocol, but provide only immutable buffers. This would
   allow immutable objects (such as 'bytes') to be mutated, thus violating
   fundamental rules of Python and resulting in corrupted output. This issue has
   been present since 'update_into' was originally introduced in cryptography
   1.8.https://github.com/pyca/cryptography/security/advisories/GHSA-w7pp-m8wf-
   vj6r
   CVE-2023-23931
   For more information, please visit
   https://data.safetycli.com/v/53048/f17


-> Vulnerability found in lxml version 4.7.1
   Vulnerability ID: 50748
   Affected spec: <4.9.1
   ADVISORY: Lxml 4.9.1 includes a fix for CVE-2022-2309: NULL Pointer
   Dereference allows attackers to cause a denial of service (or application
   crash). This only applies when lxml is used together with libxml2 2.9.10
   through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows
   triggering crashes through forged input data, given a vulnerable code
   sequence in the application. The vulnerability is caused by the iterwalk
   function (also used by the canonicalize function). Such code shouldn't be in
   wide-spread use, given that parsing + iterwalk would usually be replaced with
   the more efficient iterparse function. However, an XML converter that
   serialises to C14N would also be vulnerable, for example, and there are
   legitimate use cases for this code sequence. If untrusted input is received
   (also remotely) and processed via iterwalk function, a crash can be
   triggered.
   CVE-2022-2309
   For more information, please visit
   https://data.safetycli.com/v/50748/f17


-> Vulnerability found in oauthlib version 3.1.1
   Vulnerability ID: 50959
   Affected spec: >=3.1.1,<3.2.1
   ADVISORY: OAuthLib 3.2.1 includes a fix for CVE-2022-36087: In
   OAuthLib versions 3.1.1 until 3.2.1, an attacker providing malicious redirect
   uri can cause denial of service. An attacker can also leverage usage of
   'uri_validate' functions depending where it is used. OAuthLib applications
   using OAuth2.0 provider support or use directly 'uri_validate' are affected
   by this issue. There are no known workarounds.https://github.com/oauthlib/oau
   thlib/security/advisories/GHSA-3pgj-pg6c-r5p7
   CVE-2022-36087
   For more information, please visit
   https://data.safetycli.com/v/50959/f17


-> Vulnerability found in oslo-utils version 4.12.0
   Vulnerability ID: 50849
   Affected spec: <4.12.1
   ADVISORY: Oslo-utils 4.12.1 includes a fix for CVE-2022-0718: Due to
   improper parsing, passwords with a double quote ( " ) in them cause incorrect
   masking in debug logs, causing any part of the password after the double
   quote to be plaintext.
   CVE-2022-0718
   For more information, please visit
   https://data.safetycli.com/v/50849/f17


-> Vulnerability found in paramiko version 2.9.2
   Vulnerability ID: 54709
   Affected spec: >=0,<2.9.3
   ADVISORY: In Paramiko before 2.10.1, a race condition (between
   creation and chmod) in the write_private_key_file function could allow
   unauthorized information disclosure.
   CVE-2022-24302
   For more information, please visit
   https://data.safetycli.com/v/54709/f17


-> Vulnerability found in protobuf version 3.19.3
   Vulnerability ID: 51167
   Affected spec: >=3.19.0rc0,<3.19.5
   ADVISORY: Protobuf 3.18.3, 3.19.5, 3.20.2 and 4.21.6 include a fix
   for CVE-2022-1941: A parsing vulnerability for the MessageSet type in the
   ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2,
   3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and
   including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 4.21.5 for protobuf-
   python can lead to out of memory failures. A specially crafted message with
   multiple key-value per elements creates parsing issues, and can lead to a
   Denial of Service against services receiving unsanitized input.https://github
   .com/protocolbuffers/protobuf/security/advisories/GHSA-8gq9-2x98-w8hf
   CVE-2022-1941
   For more information, please visit
   https://data.safetycli.com/v/51167/f17


-> Vulnerability found in pyvcloud version 19.1.1
   Vulnerability ID: 36809
   Affected spec: <20.0.0
   ADVISORY: Pyvcloud 20.0.0 fixes CVE-2017-18342: Replace yaml.load()
   with yaml.safe_load()
   CVE-2017-18342
   For more information, please visit
   https://data.safetycli.com/v/36809/f17


-> Vulnerability found in requests version 2.27.1
   Vulnerability ID: 58755
   Affected spec: >=2.3.0,<2.31.0
   ADVISORY: Requests 2.31.0 includes a fix for CVE-2023-32681: Since
   Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to
   destination servers when redirected to an HTTPS endpoint. This is a product
   of how we use 'rebuild_proxies' to reattach the 'Proxy-Authorization' header
   to requests. For HTTP connections sent through the tunnel, the proxy will
   identify the header in the request itself and remove it prior to forwarding
   to the destination server. However when sent over HTTPS, the 'Proxy-
   Authorization' header must be sent in the CONNECT request as the proxy has no
   visibility into the tunneled request. This results in Requests forwarding
   proxy credentials to the destination server unintentionally, allowing a
   malicious actor to potentially exfiltrate sensitive information.
   CVE-2023-32681
   For more information, please visit
   https://data.safetycli.com/v/58755/f17


-> Vulnerability found in urllib3 version 1.26.8
   Vulnerability ID: 61601
   Affected spec: <1.26.17
   ADVISORY: Urllib3 1.26.17 and 2.0.5 include a fix for CVE-2023-43804:
   Urllib3 doesn't treat the 'Cookie' HTTP header special or provide any helpers
   for managing cookies over HTTP, that is the responsibility of the user.
   However, it is possible for a user to specify a 'Cookie' header and
   unknowingly leak information via HTTP redirects to a different origin if that
   user doesn't disable redirects explicitly.https://github.com/urllib3/urllib3/
   security/advisories/GHSA-v845-jxx5-vc9f
   CVE-2023-43804
   For more information, please visit
   https://data.safetycli.com/v/61601/f17


-> Vulnerability found in urllib3 version 1.26.8
   Vulnerability ID: 61893
   Affected spec: <1.26.18
   ADVISORY: Urllib3 1.26.18 and 2.0.7 include a fix for CVE-2023-45803:
   Request body not stripped after redirect from 303 status changes request
   method to GET.https://github.com/urllib3/urllib3/security/advisories/GHSA-g4m
   x-q9vg-27p4
   CVE-2023-45803
   For more information, please visit
   https://data.safetycli.com/v/61893/f17

 Scan was completed. 16 vulnerabilities were found. 

+==============================================================================+
   REMEDIATIONS

  16 vulnerabilities were found in 12 packages. For detailed remediation & fix 
  recommendations, upgrade to a commercial license. 

+==============================================================================+

  Safety is using PyUp's free open-source vulnerability database. This
data is 30 days old and limited. 
  For real-time enhanced vulnerability data, fix recommendations, severity
reporting, cybersecurity support, team and project policy management and more
sign up at https://pyup.io or email sales@pyup.io

+==============================================================================+
cover create: /tmp/.tox/cover
cover installdeps: -r/home/jenkins/workspace/RO-stage_2-merge_v10.0/requirements.txt, -r/home/jenkins/workspace/RO-stage_2-merge_v10.0/requirements-dev.txt, -r/home/jenkins/workspace/RO-stage_2-merge_v10.0/requirements-test.txt
cover installed: adal==1.2.7,aiokafka==0.7.2,appdirs==1.4.4,attrs==21.4.0,autopage==0.4.0,azure-common==1.1.27,azure-core==1.21.1,azure-identity==1.7.1,azure-mgmt-compute==24.0.0,azure-mgmt-core==1.3.0,azure-mgmt-network==19.3.0,azure-mgmt-resource==20.0.0,bcrypt==3.2.0,boto==2.49.0,cachetools==4.2.4,certifi==2021.10.8,cffi==1.15.0,charset-normalizer==2.0.10,cheroot==8.6.0,CherryPy==18.1.2,cliff==3.10.0,cmd2==2.3.3,coverage==6.2,cryptography==36.0.1,cvprac==1.0.7,dataclasses==0.6,debtcollector==2.3.0,decorator==5.1.1,dogpile.cache==1.1.4,flufl.enum==4.1.1,google-api-core==2.3.2,google-api-python-client==2.34.0,google-auth==2.3.3,google-auth-httplib2==0.1.0,google-cloud==0.34.0,googleapis-common-protos==1.54.0,httplib2==0.20.2,humanfriendly==10.0,idna==3.3,importlib-metadata==4.10.0,iso8601==1.0.2,isodate==0.6.1,jaraco.functools==3.5.0,Jinja2==3.0.3,jmespath==0.10.0,jsonpatch==1.32,jsonpointer==2.2,jsonschema==3.2.0,kafka-python==2.0.2,keystoneauth1==4.4.0,logutils==0.3.5,lxml==4.7.1,MarkupSafe==2.0.1,mock==4.0.3,more-itertools==8.12.0,msal==1.16.0,msal-extensions==0.3.1,msgpack==1.0.3,msrest==0.6.21,msrestazure==0.6.4,munch==4.0.0,netaddr==0.8.0,netifaces==0.11.0,nose2==0.10.0,oauthlib==3.1.1,openstacksdk==0.61.0,os-client-config==2.1.0,os-service-types==1.7.0,osc-lib==2.4.2,oslo.config==8.7.1,oslo.context==3.4.0,oslo.i18n==5.1.0,oslo.log==4.6.1,oslo.serialization==4.2.0,oslo.utils==4.12.0,osm-common @ git+https://osm.etsi.org/gerrit/osm/common.git@7ddcf697a6a19d03211cf78bc653cc3974594b1e,-e git+https://osm.etsi.org/gerrit/osm/RO.git@45cb01768d4b1c77a6311b45c48c7bf2abc32d5b#egg=osm_ro_plugin&subdirectory=RO-plugin,packaging==21.3,paramiko==2.9.2,pbr==5.8.0,portalocker==2.3.2,portend==3.1.0,prettytable==3.0.0,progressbar==2.5,protobuf==3.19.3,pyasn1==0.4.8,pyasn1-modules==0.2.8,pycparser==2.21,pycrypto==2.6.1,Pygments==2.11.2,pyinotify==0.9.6,PyJWT==2.3.0,pymongo==3.12.3,PyNaCl==1.5.0,pyOpenSSL==21.0.0,pyparsing==3.0.6,pyperclip==1.8.2,pyrsistent==0.18.0,python-cinderclient==7.4.1,python-dateutil==2.8.2,python-glanceclient==3.5.0,python-keystoneclient==4.4.0,python-neutronclient==7.7.0,python-novaclient==17.6.0,python-openstackclient==5.7.0,pytz==2021.3,pyvcloud==19.1.1,pyvmomi==7.0.3,PyYAML==5.4.1,requests==2.27.1,requests-oauthlib==1.3.0,requestsexceptions==1.4.0,rfc3986==2.0.0,rsa==4.8,simplejson==3.17.6,six==1.16.0,stevedore==3.5.0,tempora==5.0.0,uritemplate==4.1.1,urllib3==1.26.8,uuid==1.30,warlock==1.3.3,wcwidth==0.2.5,wrapt==1.13.3,zc.lockfile==2.0,zipp==3.7.0
cover run-test-pre: PYTHONHASHSEED='3477536858'
cover run-test: commands[0] | sh -c 'rm -f nosetests.xml'
cover run-test: commands[1] | coverage erase
cover run-test: commands[2] | nose2 -C --coverage NG-RO/osm_ng_ro -s NG-RO/osm_ng_ro
ERROR:root:The 'osm_ng_ro' distribution was not found and is required by the application occured while getting the ro version
Traceback (most recent call last):
  File "/home/jenkins/workspace/RO-stage_2-merge_v10.0/NG-RO/osm_ng_ro/__init__.py", line 26, in <module>
    version = get_distribution("osm_ng_ro").version
  File "/tmp/.tox/cover/lib/python3.8/site-packages/pkg_resources/__init__.py", line 528, in get_distribution
    dist = get_provider(dist)
  File "/tmp/.tox/cover/lib/python3.8/site-packages/pkg_resources/__init__.py", line 400, in get_provider
    return working_set.find(moduleOrReq) or require(str(moduleOrReq))[0]
  File "/tmp/.tox/cover/lib/python3.8/site-packages/pkg_resources/__init__.py", line 968, in require
    needed = self.resolve(parse_requirements(requirements))
  File "/tmp/.tox/cover/lib/python3.8/site-packages/pkg_resources/__init__.py", line 829, in resolve
    dist = self._resolve_dist(
  File "/tmp/.tox/cover/lib/python3.8/site-packages/pkg_resources/__init__.py", line 870, in _resolve_dist
    raise DistributionNotFound(req, requirers)
pkg_resources.DistributionNotFound: The 'osm_ng_ro' distribution was not found and is required by the application
....ERROR:ro.workerworker-3:Error updating tasks to enable VM status updates: 'my_target_vim'
..ERROR:ro.workerworker-3:Error updating tasks to enable VM status updates: 'my_target_vim'
.ERROR:ro.workerworker-3:Error updating tasks to enable VM status updates: 'my_target_vim'
.ERROR:ro.workerworker-3:Error updating tasks to enable VM status updates: 'my_target_vim'
.................................................................................................................................................
----------------------------------------------------------------------
Ran 153 tests in 0.738s

OK
Name                                      Stmts   Miss  Cover
-------------------------------------------------------------
NG-RO/osm_ng_ro/__init__.py                   8      0   100%
NG-RO/osm_ng_ro/html_out.py                  55     55     0%
NG-RO/osm_ng_ro/monitor.py                  301      3    99%
NG-RO/osm_ng_ro/ns.py                       624    557    11%
NG-RO/osm_ng_ro/ns_thread.py               1176    941    20%
NG-RO/osm_ng_ro/ro_main.py                  457    457     0%
NG-RO/osm_ng_ro/tests/__init__.py             0      0   100%
NG-RO/osm_ng_ro/tests/sample_data.py         40      0   100%
NG-RO/osm_ng_ro/tests/test_monitor.py      1421      4    99%
NG-RO/osm_ng_ro/tests/test_ns.py             54      0   100%
NG-RO/osm_ng_ro/tests/test_ns_thread.py     202      0   100%
NG-RO/osm_ng_ro/validation.py                33     13    61%
NG-RO/osm_ng_ro/vim_admin.py                224    187    17%
-------------------------------------------------------------
TOTAL                                      4595   2217    52%

cover run-test: commands[3] | sh -c 'mv .coverage .coverage_ng_ro'
cover run-test: commands[4] | nose2 -C --coverage RO-SDN-juniper_contrail/osm_rosdn_juniper_contrail -s RO-SDN-juniper_contrail/osm_rosdn_juniper_contrail
....
----------------------------------------------------------------------
Ran 4 tests in 0.006s

OK
Name                                                                                            Stmts   Miss  Cover
-------------------------------------------------------------------------------------------------------------------
RO-SDN-juniper_contrail/osm_rosdn_juniper_contrail/__init__.py                                      0      0   100%
RO-SDN-juniper_contrail/osm_rosdn_juniper_contrail/rest_lib.py                                    126     90    29%
RO-SDN-juniper_contrail/osm_rosdn_juniper_contrail/sdn_api.py                                     154     83    46%
RO-SDN-juniper_contrail/osm_rosdn_juniper_contrail/sdn_assist_juniper_contrail.py                 382    311    19%
RO-SDN-juniper_contrail/osm_rosdn_juniper_contrail/tests/__init__.py                                0      0   100%
RO-SDN-juniper_contrail/osm_rosdn_juniper_contrail/tests/test_sdn_asssist_juniper_contrail.py      35      0   100%
-------------------------------------------------------------------------------------------------------------------
TOTAL                                                                                             697    484    31%

cover run-test: commands[5] | sh -c 'mv .coverage .coverage_rosdn_juniper_contrail'
cover run-test: commands[6] | coverage combine .coverage_ng_ro .coverage_rosdn_juniper_contrail
Combined data file .coverage_ng_ro
Combined data file .coverage_rosdn_juniper_contrail
cover run-test: commands[7] | coverage report '--omit=*tests*'
Name                                                                                Stmts   Miss  Cover
-------------------------------------------------------------------------------------------------------
NG-RO/osm_ng_ro/__init__.py                                                             8      0   100%
NG-RO/osm_ng_ro/html_out.py                                                            55     55     0%
NG-RO/osm_ng_ro/monitor.py                                                            301      3    99%
NG-RO/osm_ng_ro/ns.py                                                                 624    557    11%
NG-RO/osm_ng_ro/ns_thread.py                                                         1176    941    20%
NG-RO/osm_ng_ro/ro_main.py                                                            457    457     0%
NG-RO/osm_ng_ro/validation.py                                                          33     13    61%
NG-RO/osm_ng_ro/vim_admin.py                                                          224    187    17%
RO-SDN-juniper_contrail/osm_rosdn_juniper_contrail/__init__.py                          0      0   100%
RO-SDN-juniper_contrail/osm_rosdn_juniper_contrail/rest_lib.py                        126     90    29%
RO-SDN-juniper_contrail/osm_rosdn_juniper_contrail/sdn_api.py                         154     83    46%
RO-SDN-juniper_contrail/osm_rosdn_juniper_contrail/sdn_assist_juniper_contrail.py     382    311    19%
-------------------------------------------------------------------------------------------------------
TOTAL                                                                                3540   2697    24%
cover run-test: commands[8] | coverage html -d ./cover '--omit=*tests*'
Wrote HTML report to ./cover/index.html
cover run-test: commands[9] | coverage xml -o coverage.xml '--omit=*tests*'
Wrote XML report to coverage.xml
___________________________________ summary ____________________________________
  black: commands succeeded
ERROR:   flake8: commands failed
  safety: commands succeeded
  cover: commands succeeded
[Pipeline] }
[Pipeline] // stage
[Pipeline] }
$ docker stop --time=1 eea86d8460946fd7d789f80756aa9be53dff5b52383be5b9de2451b894a288cb
$ docker rm -f eea86d8460946fd7d789f80756aa9be53dff5b52383be5b9de2451b894a288cb
[Pipeline] // withDockerContainer
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
ERROR: script returned exit code 1
Finished: FAILURE