Started by upstream project "buildall-stage_2-merge-v14" build number 302 originally caused by: Started by timer > git rev-parse --is-inside-work-tree # timeout=10 Setting origin to https://osm.etsi.org/gerrit/osm/tests.git > git config remote.origin.url https://osm.etsi.org/gerrit/osm/tests.git # timeout=10 Fetching origin... Fetching upstream changes from origin > git --version # timeout=10 > git config --get remote.origin.url # timeout=10 > git fetch --tags --progress origin +refs/heads/*:refs/remotes/origin/* Seen branch in repository origin/bug1511 Seen branch in repository origin/master Seen branch in repository origin/ng-ro-refactor Seen branch in repository origin/paas Seen branch in repository origin/sol006 Seen branch in repository origin/sol006v331 Seen branch in repository origin/v10.0 Seen branch in repository origin/v11.0 Seen branch in repository origin/v12.0 Seen branch in repository origin/v13.0 Seen branch in repository origin/v14.0 Seen branch in repository origin/v15.0 Seen branch in repository origin/v8.0 Seen branch in repository origin/v9.0 Seen 14 remote branches Obtained Jenkinsfile from d536011e3d26b80db7645517de7471e0dd355620 Running in Durability level: MAX_SURVIVABILITY [Pipeline] properties [Pipeline] node Running on osm-cicd-3 in /home/jenkins/workspace/tests-stage_2-merge_v14.0 [Pipeline] { [Pipeline] checkout No credentials specified > git rev-parse --is-inside-work-tree # timeout=10 Fetching changes from the remote Git repository > git config remote.origin.url https://osm.etsi.org/gerrit/osm/tests.git # timeout=10 Fetching without tags Fetching upstream changes from https://osm.etsi.org/gerrit/osm/tests.git > git --version # timeout=10 > git fetch --no-tags --force --progress https://osm.etsi.org/gerrit/osm/tests.git +refs/heads/*:refs/remotes/origin/* Checking out Revision d536011e3d26b80db7645517de7471e0dd355620 (v14.0) > git config core.sparsecheckout # timeout=10 > git checkout -f d536011e3d26b80db7645517de7471e0dd355620 Commit message: "Fix stuck when executing a background command via SSH is SA02" > git rev-list --no-walk d536011e3d26b80db7645517de7471e0dd355620 # timeout=10 [Pipeline] dir Running in /home/jenkins/workspace/tests-stage_2-merge_v14.0/devops [Pipeline] { No credentials specified [Pipeline] git > git rev-parse --is-inside-work-tree # timeout=10 Fetching changes from the remote Git repository > git config remote.origin.url https://osm.etsi.org/gerrit/osm/devops # timeout=10 Fetching upstream changes from https://osm.etsi.org/gerrit/osm/devops > git --version # timeout=10 > git fetch --tags --force --progress https://osm.etsi.org/gerrit/osm/devops +refs/heads/*:refs/remotes/origin/* > git rev-parse refs/remotes/origin/v14.0^{commit} # timeout=10 > git rev-parse refs/remotes/origin/origin/v14.0^{commit} # timeout=10 Checking out Revision 9a0f65691eb79dd509d0f3750a1e9144737a0d80 (refs/remotes/origin/v14.0) > git config core.sparsecheckout # timeout=10 > git checkout -f 9a0f65691eb79dd509d0f3750a1e9144737a0d80 > git branch -a -v --no-abbrev # timeout=10 > git branch -D v14.0 # timeout=10 > git checkout -b v14.0 9a0f65691eb79dd509d0f3750a1e9144737a0d80 Commit message: "fix VIM monitoring bug 2354" > git rev-list --no-walk 9a0f65691eb79dd509d0f3750a1e9144737a0d80 # timeout=10 [Pipeline] } [Pipeline] // dir [Pipeline] load [Pipeline] { (devops/jenkins/ci-pipelines/ci_stage_2.groovy) [Pipeline] } [Pipeline] // load [Pipeline] echo do_stage_3= false [Pipeline] load [Pipeline] { (devops/jenkins/ci-pipelines/ci_helper.groovy) [Pipeline] } [Pipeline] // load [Pipeline] stage [Pipeline] { (Prepare) [Pipeline] sh [tests-stage_2-merge_v14.0] Running shell script + env JENKINS_HOME=/var/lib/jenkins SSH_CLIENT=212.234.161.1 32791 22 USER=jenkins RUN_CHANGES_DISPLAY_URL=https://osm.etsi.org/jenkins/job/tests-stage_2-merge/job/v14.0/313/display/redirect?page=changes GERRIT_PROJECT=osm/tests XDG_SESSION_TYPE=tty SHLVL=0 NODE_LABELS=osm-cicd-3 osm3 stage_2 HUDSON_URL=https://osm.etsi.org/jenkins/ MOTD_SHOWN=pam OLDPWD=/home/jenkins HOME=/home/jenkins BUILD_URL=https://osm.etsi.org/jenkins/job/tests-stage_2-merge/job/v14.0/313/ HUDSON_COOKIE=c418d263-0e31-445f-aa72-6ef5b38fd0bb JENKINS_SERVER_COOKIE=durable-d23a92a01ecc19e97eb4c646cbc080d4 DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1001/bus GERRIT_PATCHSET_REVISION=d536011e3d26b80db7645517de7471e0dd355620 WORKSPACE=/home/jenkins/workspace/tests-stage_2-merge_v14.0 LOGNAME=jenkins NODE_NAME=osm-cicd-3 GERRIT_BRANCH=v14.0 _=/usr/bin/java RUN_ARTIFACTS_DISPLAY_URL=https://osm.etsi.org/jenkins/job/tests-stage_2-merge/job/v14.0/313/display/redirect?page=artifacts XDG_SESSION_CLASS=user EXECUTOR_NUMBER=5 XDG_SESSION_ID=2057 RUN_TESTS_DISPLAY_URL=https://osm.etsi.org/jenkins/job/tests-stage_2-merge/job/v14.0/313/display/redirect?page=tests BUILD_DISPLAY_NAME=#313 PROJECT_URL_PREFIX=https://osm.etsi.org/gerrit HUDSON_HOME=/var/lib/jenkins JOB_BASE_NAME=v14.0 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin BUILD_ID=313 XDG_RUNTIME_DIR=/run/user/1001 BUILD_TAG=jenkins-tests-stage_2-merge-v14.0-313 JENKINS_URL=https://osm.etsi.org/jenkins/ LANG=C.UTF-8 JOB_URL=https://osm.etsi.org/jenkins/job/tests-stage_2-merge/job/v14.0/ BUILD_NUMBER=313 SHELL=/bin/bash RUN_DISPLAY_URL=https://osm.etsi.org/jenkins/job/tests-stage_2-merge/job/v14.0/313/display/redirect ARTIFACTORY_SERVER=artifactory-osm GERRIT_REFSPEC=refs/changes/36/14036/1 HUDSON_SERVER_COOKIE=6d3295a483c3e6d5 JOB_DISPLAY_URL=https://osm.etsi.org/jenkins/job/tests-stage_2-merge/job/v14.0/display/redirect JOB_NAME=tests-stage_2-merge/v14.0 TEST_INSTALL=false PWD=/home/jenkins/workspace/tests-stage_2-merge_v14.0 SSH_CONNECTION=212.234.161.1 32791 172.21.249.3 22 BRANCH_NAME=v14.0 [Pipeline] } [Pipeline] // stage [Pipeline] stage [Pipeline] { (Checkout) [Pipeline] sh [tests-stage_2-merge_v14.0] Running shell script + git fetch --tags [Pipeline] sh [tests-stage_2-merge_v14.0] Running shell script + git fetch origin refs/changes/36/14036/1 From https://osm.etsi.org/gerrit/osm/tests * branch refs/changes/36/14036/1 -> FETCH_HEAD [Pipeline] sh [tests-stage_2-merge_v14.0] Running shell script + git checkout -f d536011e3d26b80db7645517de7471e0dd355620 HEAD is now at d536011 Fix stuck when executing a background command via SSH is SA02 [Pipeline] sh [tests-stage_2-merge_v14.0] Running shell script + sudo git clean -dfx Removing .cache/ Removing .eggs/ Removing .local/ Removing .safety/ Removing tests.egg-info/ [Pipeline] } [Pipeline] // stage [Pipeline] stage [Pipeline] { (License Scan) [Pipeline] echo skip the scan for merge [Pipeline] } [Pipeline] // stage [Pipeline] stage [Pipeline] { (Release Note Check) [Pipeline] fileExists [Pipeline] echo No releasenote check present [Pipeline] } [Pipeline] // stage [Pipeline] stage [Pipeline] { (Docker-Build) [Pipeline] sh [tests-stage_2-merge_v14.0] Running shell script + docker build --build-arg APT_PROXY=http://172.21.1.1:3142 -t osm/tests-v14.0 . Sending build context to Docker daemon 154.4MB Step 1/7 : FROM ubuntu:22.04 ---> ca2b0f26964c Step 2/7 : ARG APT_PROXY ---> Using cache ---> 8af67b1c5050 Step 3/7 : RUN if [ ! -z $APT_PROXY ] ; then echo "Acquire::http::Proxy \"$APT_PROXY\";" > /etc/apt/apt.conf.d/proxy.conf ; echo "Acquire::https::Proxy \"$APT_PROXY\";" >> /etc/apt/apt.conf.d/proxy.conf ; fi ---> Using cache ---> f72d4aac3f27 Step 4/7 : RUN DEBIAN_FRONTEND=noninteractive apt-get update && DEBIAN_FRONTEND=noninteractive apt-get -y install debhelper dh-python git python3 python3-all python3-dev python3-setuptools python3-pip tox ---> Using cache ---> be85e8a8fba0 Step 5/7 : RUN DEBIAN_FRONTEND=noninteractive apt-get -y install dh-make ---> Using cache ---> 4d481b490b4a Step 6/7 : ENV LC_ALL C.UTF-8 ---> Using cache ---> 3336da71fe04 Step 7/7 : ENV LANG C.UTF-8 ---> Using cache ---> 308e0b3ef42f Successfully built 308e0b3ef42f Successfully tagged osm/tests-v14.0:latest [Pipeline] } [Pipeline] // stage [Pipeline] sh [tests-stage_2-merge_v14.0] Running shell script + id -u [Pipeline] sh [tests-stage_2-merge_v14.0] Running shell script + id -g [Pipeline] withDockerContainer osm-cicd-3 does not seem to be running inside a container $ docker run -t -d -u 1001:1001 -u root -w /home/jenkins/workspace/tests-stage_2-merge_v14.0 -v /home/jenkins/workspace/tests-stage_2-merge_v14.0:/home/jenkins/workspace/tests-stage_2-merge_v14.0:rw,z -v /home/jenkins/workspace/tests-stage_2-merge_v14.0@tmp:/home/jenkins/workspace/tests-stage_2-merge_v14.0@tmp:rw,z -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** --entrypoint cat osm/tests-v14.0 [Pipeline] { [Pipeline] stage [Pipeline] { (Test) [Pipeline] sh [tests-stage_2-merge_v14.0] Running shell script + groupadd -o -g 1001 -r jenkins [Pipeline] sh [tests-stage_2-merge_v14.0] Running shell script + pwd + useradd -o -u 1001 -d /home/jenkins/workspace/tests-stage_2-merge_v14.0 -r -g jenkins jenkins [Pipeline] sh [tests-stage_2-merge_v14.0] Running shell script + echo #! /bin/sh [Pipeline] sh [tests-stage_2-merge_v14.0] Running shell script + chmod 755 /usr/bin/mesg [Pipeline] sh [tests-stage_2-merge_v14.0] Running shell script + runuser jenkins -c devops-stages/stage-test.sh Checking syntax of Robot tests Checking tabs in robot files. No tabs should be present No tabs are present in robot files. Correct! Checking param separation in robot files. Three spaces is the recommendation, instead of two No presence of two spaces to separate params in robot files. Correct! Checking param separation in robot files. Three spaces is the recommendation, instead of four or more Only three spaces must be used between params in robot files. Correct! Checking CRLF terminators in robot files. No CRLF should be found No presence of CRLF terminators in robot files. Correct! Checking spaces at the end of lines in robot files. No spaces at EOL should be found No presence of spaces at EOL in robot files. Correct! Launching tox ✔ OK black in 10.027 seconds black create: /tmp/.tox/black black installdeps: black black installed: black==24.4.0,click==8.1.7,mypy-extensions==1.0.0,packaging==24.0,pathspec==0.12.1,platformdirs==4.2.0,tomli==2.0.1,typing_extensions==4.11.0 black run-test-pre: PYTHONHASHSEED='3698553591' black run-test: commands[0] | black --check --diff robot-systest --fast All done! ✨ 🍰 ✨ 5 files would be left unchanged. ERROR: invocation failed (exit code 1), logfile: /tmp/.tox/flake8/log/flake8-0.log ================================== log start =================================== flake8 create: /tmp/.tox/flake8 flake8 installdeps: flake8 flake8 develop-inst: /home/jenkins/workspace/tests-stage_2-merge_v14.0 ERROR: invocation failed (exit code 1), logfile: /tmp/.tox/flake8/log/flake8-3.log ================================== log start =================================== Obtaining file:///home/jenkins/workspace/tests-stage_2-merge_v14.0 Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'error' error: subprocess-exited-with-error × python setup.py egg_info did not run successfully. │ exit code: 1 ╰─> [30 lines of output] /tmp/.tox/flake8/lib/python3.10/site-packages/setuptools/installer.py:27: SetuptoolsDeprecationWarning: setuptools.installer is deprecated. Requirements should be satisfied by a PEP 517 installer. warnings.warn( Traceback (most recent call last): File "", line 2, in File "", line 34, in File "/home/jenkins/workspace/tests-stage_2-merge_v14.0/setup.py", line 30, in setup( File "/tmp/.tox/flake8/lib/python3.10/site-packages/setuptools/__init__.py", line 152, in setup _install_setup_requires(attrs) File "/tmp/.tox/flake8/lib/python3.10/site-packages/setuptools/__init__.py", line 147, in _install_setup_requires dist.fetch_build_eggs(dist.setup_requires) File "/tmp/.tox/flake8/lib/python3.10/site-packages/setuptools/dist.py", line 812, in fetch_build_eggs resolved_dists = pkg_resources.working_set.resolve( File "/tmp/.tox/flake8/lib/python3.10/site-packages/pkg_resources/__init__.py", line 771, in resolve dist = best[req.key] = env.best_match( File "/tmp/.tox/flake8/lib/python3.10/site-packages/pkg_resources/__init__.py", line 1056, in best_match return self.obtain(req, installer) File "/tmp/.tox/flake8/lib/python3.10/site-packages/pkg_resources/__init__.py", line 1068, in obtain return installer(requirement) File "/tmp/.tox/flake8/lib/python3.10/site-packages/setuptools/dist.py", line 883, in fetch_build_egg return fetch_build_egg(self, req) File "/tmp/.tox/flake8/lib/python3.10/site-packages/setuptools/installer.py", line 87, in fetch_build_egg wheel.install_as_egg(dist_location) File "/tmp/.tox/flake8/lib/python3.10/site-packages/setuptools/wheel.py", line 95, in install_as_egg self._install_as_egg(destination_eggdir, zf) File "/tmp/.tox/flake8/lib/python3.10/site-packages/setuptools/wheel.py", line 103, in _install_as_egg self._convert_metadata(zf, destination_eggdir, dist_info, egg_info) File "/tmp/.tox/flake8/lib/python3.10/site-packages/setuptools/wheel.py", line 124, in _convert_metadata os.mkdir(destination_eggdir) FileExistsError: [Errno 17] File exists: '/home/jenkins/workspace/tests-stage_2-merge_v14.0/.eggs/setuptools_version_command-99.9-py3.10.egg' [end of output] note: This error originates from a subprocess, and is likely not a problem with pip. error: metadata-generation-failed × Encountered error while generating package metadata. ╰─> See above for output. note: This is an issue with the package mentioned above, not pip. hint: See above for details. =================================== log end ==================================== =================================== log end ==================================== ✖ FAIL flake8 in 10.991 seconds ✔ OK pylint in 2 minutes, 22.486 seconds pylint create: /tmp/.tox/pylint pylint installdeps: -r/home/jenkins/workspace/tests-stage_2-merge_v14.0/requirements.txt, -r/home/jenkins/workspace/tests-stage_2-merge_v14.0/requirements-dev.txt, pylint pylint develop-inst: /home/jenkins/workspace/tests-stage_2-merge_v14.0 pylint installed: appdirs==1.4.4,argcomplete==3.1.2,astroid==3.1.0,attrs==23.1.0,autopage==0.5.1,bcrypt==4.0.1,bitarray==2.8.1,certifi==2023.7.22,cffi==1.16.0,charset-normalizer==3.3.0,click==8.1.7,cliff==4.3.0,cmd2==2.4.3,cryptography==41.0.4,debtcollector==2.5.0,decorator==5.1.1,dill==0.3.8,dogpile.cache==1.2.2,enum34==1.1.10,exceptiongroup==1.1.3,h11==0.14.0,haikunator==2.1.0,idna==3.4,importlib-metadata==6.8.0,iso8601==2.1.0,isort==5.13.2,Jinja2==3.1.2,jmespath==1.0.1,jsonpatch==1.33,jsonpath-ng==1.6.0,jsonpath-rw==1.4.0,jsonpath-rw-ext==1.2.2,jsonpointer==2.4,jsonschema==4.19.1,jsonschema-specifications==2023.7.1,keystoneauth1==5.3.0,lxml==4.9.3,MarkupSafe==2.1.3,mccabe==0.7.0,msgpack==1.0.7,netaddr==0.9.0,netifaces==0.11.0,objectpath==0.6.1,openstacksdk==1.5.0,os-service-types==1.7.0,osc-lib==2.8.1,oslo.config==9.2.0,oslo.i18n==6.1.0,oslo.serialization==5.2.0,oslo.utils==6.2.1,osmclient @ git+https://osm.etsi.org/gerrit/osm/osmclient.git@92048832dded6b9a86936b89019c42b6451422f5,outcome==1.2.0,packaging==23.2,paramiko==3.3.1,pbr==5.11.1,platformdirs==4.2.0,ply==3.11,prettytable==3.9.0,pyang==2.5.3,pyangbind==0.8.3.post1,pycparser==2.21,pyjsonselect==0.2.2,pylint==3.1.0,PyNaCl==1.5.0,pyparsing==3.1.1,pyperclip==1.8.2,PySocks==1.7.1,python-cinderclient==9.4.0,python-keystoneclient==5.2.0,python-magic==0.4.27,python-novaclient==18.4.0,python-openstackclient==6.3.0,pytz==2023.3.post1,PyYAML==6.0.1,referencing==0.30.2,regex==2023.8.8,requests==2.31.0,requestsexceptions==1.4.0,rfc3986==2.0.0,robotframework==6.1.1,robotframework-jsonlibrary==0.5,robotframework-jsonvalidator==2.0.0,robotframework-pythonlibcore==4.2.0,robotframework-requests==0.9.5,robotframework-seleniumlibrary==6.1.2,robotframework-sshlibrary==3.8.0,robotframework-yamllibrary==0.2.8,rpds-py==0.10.3,scp==0.14.5,selenium==4.13.0,simplejson==3.19.1,six==1.16.0,sniffio==1.3.0,sortedcontainers==2.4.0,stevedore==5.1.0,-e git+https://osm.etsi.org/gerrit/osm/tests.git@d536011e3d26b80db7645517de7471e0dd355620#egg=tests,tomli==2.0.1,tomlkit==0.12.1,trio==0.22.2,trio-websocket==0.11.1,typing_extensions==4.8.0,tzdata==2023.3,urllib3==2.0.5,verboselogs==1.7,wcwidth==0.2.8,wrapt==1.15.0,wsproto==1.2.0,xmltodict==0.13.0,yq==3.2.3,zipp==3.17.0 pylint run-test-pre: PYTHONHASHSEED='3922290436' pylint run-test: commands[0] | - pylint -E robot-systest/resources ✔ OK safety in 2 minutes, 40.948 seconds safety create: /tmp/.tox/safety safety installdeps: -r/home/jenkins/workspace/tests-stage_2-merge_v14.0/requirements.txt, safety safety develop-inst: /home/jenkins/workspace/tests-stage_2-merge_v14.0 safety installed: annotated-types==0.6.0,appdirs==1.4.4,argcomplete==3.1.2,attrs==23.1.0,Authlib==1.3.0,autopage==0.5.1,bcrypt==4.0.1,bitarray==2.8.1,certifi==2023.7.22,cffi==1.16.0,charset-normalizer==3.3.0,click==8.1.7,cliff==4.3.0,cmd2==2.4.3,cryptography==41.0.4,debtcollector==2.5.0,decorator==5.1.1,dogpile.cache==1.2.2,dparse==0.6.4b0,enum34==1.1.10,exceptiongroup==1.1.3,h11==0.14.0,haikunator==2.1.0,idna==3.4,importlib-metadata==6.8.0,iso8601==2.1.0,Jinja2==3.1.3,jmespath==1.0.1,jsonpatch==1.33,jsonpath-ng==1.6.0,jsonpath-rw==1.4.0,jsonpath-rw-ext==1.2.2,jsonpointer==2.4,jsonschema==4.19.1,jsonschema-specifications==2023.7.1,keystoneauth1==5.3.0,lxml==4.9.3,markdown-it-py==3.0.0,MarkupSafe==2.1.5,marshmallow==3.21.1,mdurl==0.1.2,msgpack==1.0.7,netaddr==0.9.0,netifaces==0.11.0,objectpath==0.6.1,openstacksdk==1.5.0,os-service-types==1.7.0,osc-lib==2.8.1,oslo.config==9.2.0,oslo.i18n==6.1.0,oslo.serialization==5.2.0,oslo.utils==6.2.1,outcome==1.2.0,packaging==23.2,paramiko==3.3.1,pbr==5.11.1,ply==3.11,prettytable==3.9.0,pyang==2.5.3,pyangbind==0.8.3.post1,pycparser==2.21,pydantic==2.7.0,pydantic_core==2.18.1,Pygments==2.17.2,pyjsonselect==0.2.2,PyNaCl==1.5.0,pyparsing==3.1.1,pyperclip==1.8.2,PySocks==1.7.1,python-cinderclient==9.4.0,python-keystoneclient==5.2.0,python-novaclient==18.4.0,python-openstackclient==6.3.0,pytz==2023.3.post1,PyYAML==6.0.1,referencing==0.30.2,regex==2023.8.8,requests==2.31.0,requestsexceptions==1.4.0,rfc3986==2.0.0,rich==13.7.1,robotframework==6.1.1,robotframework-jsonlibrary==0.5,robotframework-jsonvalidator==2.0.0,robotframework-pythonlibcore==4.2.0,robotframework-requests==0.9.5,robotframework-seleniumlibrary==6.1.2,robotframework-sshlibrary==3.8.0,robotframework-yamllibrary==0.2.8,rpds-py==0.10.3,ruamel.yaml==0.18.6,ruamel.yaml.clib==0.2.8,safety==3.1.0,safety-schemas==0.0.2,scp==0.14.5,selenium==4.13.0,shellingham==1.5.4,simplejson==3.19.1,six==1.16.0,sniffio==1.3.0,sortedcontainers==2.4.0,stevedore==5.1.0,-e git+https://osm.etsi.org/gerrit/osm/tests.git@d536011e3d26b80db7645517de7471e0dd355620#egg=tests,tomli==2.0.1,tomlkit==0.12.1,trio==0.22.2,trio-websocket==0.11.1,typer==0.12.3,typing_extensions==4.8.0,tzdata==2023.3,urllib3==2.0.5,verboselogs==1.7,wcwidth==0.2.8,wrapt==1.15.0,wsproto==1.2.0,xmltodict==0.13.0,yq==3.2.3,zipp==3.17.0 safety run-test-pre: PYTHONHASHSEED='494074714' safety run-test: commands[0] | - safety check --full-report +==============================================================================+ /$$$$$$ /$$ /$$__ $$ | $$ /$$$$$$$ /$$$$$$ | $$ \__//$$$$$$ /$$$$$$ /$$ /$$ /$$_____/ |____ $$| $$$$ /$$__ $$|_ $$_/ | $$ | $$ | $$$$$$ /$$$$$$$| $$_/ | $$$$$$$$ | $$ | $$ | $$ \____ $$ /$$__ $$| $$ | $$_____/ | $$ /$$| $$ | $$ /$$$$$$$/| $$$$$$$| $$ | $$$$$$$ | $$$$/| $$$$$$$ |_______/ \_______/|__/ \_______/ \___/ \____ $$ /$$ | $$ | $$$$$$/ by safetycli.com \______/ +==============================================================================+ REPORT  Safety is using PyUp's free open-source vulnerability database. This data is 30 days old and limited.   For real-time enhanced vulnerability data, fix recommendations, severity reporting, cybersecurity support, team and project policy management and more sign up at https://pyup.io or email sales@pyup.io Safety v3.1.0 is scanning for Vulnerabilities...  Scanning dependencies in your environment: -> /usr/lib/python310.zip -> /tmp/.tox/safety/lib/python3.10/site-packages -> /home/jenkins/workspace/tests-stage_2-merge_v14.0 -> /usr/lib/python3.10/lib-dynload -> /tmp/.tox/safety/bin -> /usr/lib/python3.10 Using open-source vulnerability database  Found and scanned 121 packages Timestamp 2024-04-20 09:51:42  10 vulnerabilities reported  0 vulnerabilities ignored +==============================================================================+ VULNERABILITIES REPORTED +==============================================================================+ -> Vulnerability found in wheel version 0.37.1  Vulnerability ID: 51499  Affected spec: <0.38.1  ADVISORY: Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.https://pyup.io/posts/pyup-discovers-redos- vulnerabilities-in-top-python-packages  CVE-2022-40898  For more information about this vulnerability, visit https://data.safetycli.com/v/51499/97c To ignore this vulnerability, use PyUp vulnerability id 51499 in safety’s ignore command-line argument or add the ignore to your safety policy file. -> Vulnerability found in urllib3 version 2.0.5  Vulnerability ID: 61893  Affected spec: >=2.0.0a1,<2.0.7  ADVISORY: Urllib3 1.26.18 and 2.0.7 include a fix for CVE-2023-45803: Request body not stripped after redirect from 303 status changes request method to GET.https://github.com/urllib3/urllib3/security/ advisories/GHSA-g4mx-q9vg-27p4  CVE-2023-45803  For more information about this vulnerability, visit https://data.safetycli.com/v/61893/97c To ignore this vulnerability, use PyUp vulnerability id 61893 in safety’s ignore command-line argument or add the ignore to your safety policy file. -> Vulnerability found in pip version 22.0.2  Vulnerability ID: 62044  Affected spec: <23.3  ADVISORY: Pip 23.3 includes a fix for CVE-2023-5752: When installing a package from a Mercurial VCS URL (ie "pip install hg+...") with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call (ie "-- config"). Controlling the Mercurial configuration can modify how and which repository is installed. This vulnerability does not affect users who aren't installing from Mercurial.https://github.com/pypa/pip/pull/12306  CVE-2023-5752  For more information about this vulnerability, visit https://data.safetycli.com/v/62044/97c To ignore this vulnerability, use PyUp vulnerability id 62044 in safety’s ignore command-line argument or add the ignore to your safety policy file. -> Vulnerability found in paramiko version 3.3.1  Vulnerability ID: 65193  Affected spec: <3.4.0  ADVISORY: The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms.  CVE-2023-48795  For more information about this vulnerability, visit https://data.safetycli.com/v/65193/97c To ignore this vulnerability, use PyUp vulnerability id 65193 in safety’s ignore command-line argument or add the ignore to your safety policy file. -> Vulnerability found in cryptography version 41.0.4  Vulnerability ID: 66704  Affected spec: >=38.0.0,<42.0.4  ADVISORY: cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and before version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised.  CVE-2024-26130  For more information about this vulnerability, visit https://data.safetycli.com/v/66704/97c To ignore this vulnerability, use PyUp vulnerability id 66704 in safety’s ignore command-line argument or add the ignore to your safety policy file. -> Vulnerability found in cryptography version 41.0.4  Vulnerability ID: 65278  Affected spec: <42.0.0  ADVISORY: A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data. See CVE-2023-50782.  CVE-2023-50782  For more information about this vulnerability, visit https://data.safetycli.com/v/65278/97c To ignore this vulnerability, use PyUp vulnerability id 65278 in safety’s ignore command-line argument or add the ignore to your safety policy file. -> Vulnerability found in cryptography version 41.0.4  Vulnerability ID: 62556  Affected spec: >=3.1,<41.0.6  ADVISORY: Cryptography 41.0.6 includes a fix for CVE-2023-49083: NULL-dereference when loading PKCS7 certificates.https://github.com/advisories/GHSA-jfhm-5ghh-2f97  CVE-2023-49083  For more information about this vulnerability, visit https://data.safetycli.com/v/62556/97c To ignore this vulnerability, use PyUp vulnerability id 62556 in safety’s ignore command-line argument or add the ignore to your safety policy file. -> Vulnerability found in cryptography version 41.0.4  Vulnerability ID: 66777  Affected spec: >=35.0.0,<42.0.2  ADVISORY: CVE-2023-6237 addresses a vulnerability in RSA public key verification where checking a large, incorrect RSA key with EVP_PKEY_public_check() could take an excessive amount of time. This is due to no size limit on the RSA public key and an unnecessarily high number of Miller-Rabin rounds for modulus non-primality checks. The fix sets a maximum key size of 16384 bits and reduces Miller-Rabin rounds to 5, enhancing security and performance by preventing the RSA_R_MODULUS_TOO_LARGE error.  CVE-2023-6237  For more information about this vulnerability, visit https://data.safetycli.com/v/66777/97c To ignore this vulnerability, use PyUp vulnerability id 66777 in safety’s ignore command-line argument or add the ignore to your safety policy file. -> Vulnerability found in cryptography version 41.0.4  Vulnerability ID: 65212  Affected spec: >=35.0.0,<42.0.2  ADVISORY: Versions of Cryptograph starting from 35.0.0 are susceptible to a security flaw in the POLY1305 MAC algorithm on PowerPC CPUs, which allows an attacker to disrupt the application's state. This disruption might result in false calculations or cause a denial of service. The vulnerability's exploitation hinges on the attacker's ability to alter the algorithm's application and the dependency of the software on non-volatile XMM registers.https://github.com/pyca/cryptography/commit/89d 0d56fb104ac4e0e6db63d78fc22b8c53d27e9  CVE-2023-6129  For more information about this vulnerability, visit https://data.safetycli.com/v/65212/97c To ignore this vulnerability, use PyUp vulnerability id 65212 in safety’s ignore command-line argument or add the ignore to your safety policy file. -> Vulnerability found in cryptography version 41.0.4  Vulnerability ID: 65647  Affected spec: <42.0.5  ADVISORY: Cryptography version 42.0.5 introduces a limit on the number of name constraint checks during X.509 path validation to prevent denial of service attacks.https://github.com/pyca/cryptography/commit/4be5 3bf20cc90cbac01f5f94c5d1aecc5289ba1f  PVE-2024-65647  For more information about this vulnerability, visit https://data.safetycli.com/v/65647/97c To ignore this vulnerability, use PyUp vulnerability id 65647 in safety’s ignore command-line argument or add the ignore to your safety policy file. +==============================================================================+ REMEDIATIONS 10 vulnerabilities were reported in 5 packages. For detailed remediation & fix recommendations, upgrade to a commercial license. +==============================================================================+ Scan was completed. 10 vulnerabilities were reported. +==============================================================================+  Safety is using PyUp's free open-source vulnerability database. This data is 30 days old and limited.   For real-time enhanced vulnerability data, fix recommendations, severity reporting, cybersecurity support, team and project policy management and more sign up at https://pyup.io or email sales@pyup.io +==============================================================================+ ✔ OK cover in 2 minutes, 44.852 seconds cover create: /tmp/.tox/cover cover installdeps: -r/home/jenkins/workspace/tests-stage_2-merge_v14.0/requirements.txt cover develop-inst: /home/jenkins/workspace/tests-stage_2-merge_v14.0 cover installed: appdirs==1.4.4,argcomplete==3.1.2,attrs==23.1.0,autopage==0.5.1,bcrypt==4.0.1,bitarray==2.8.1,certifi==2023.7.22,cffi==1.16.0,charset-normalizer==3.3.0,cliff==4.3.0,cmd2==2.4.3,cryptography==41.0.4,debtcollector==2.5.0,decorator==5.1.1,dogpile.cache==1.2.2,enum34==1.1.10,exceptiongroup==1.1.3,h11==0.14.0,haikunator==2.1.0,idna==3.4,importlib-metadata==6.8.0,iso8601==2.1.0,jmespath==1.0.1,jsonpatch==1.33,jsonpath-ng==1.6.0,jsonpath-rw==1.4.0,jsonpath-rw-ext==1.2.2,jsonpointer==2.4,jsonschema==4.19.1,jsonschema-specifications==2023.7.1,keystoneauth1==5.3.0,lxml==4.9.3,msgpack==1.0.7,netaddr==0.9.0,netifaces==0.11.0,objectpath==0.6.1,openstacksdk==1.5.0,os-service-types==1.7.0,osc-lib==2.8.1,oslo.config==9.2.0,oslo.i18n==6.1.0,oslo.serialization==5.2.0,oslo.utils==6.2.1,outcome==1.2.0,packaging==23.2,paramiko==3.3.1,pbr==5.11.1,ply==3.11,prettytable==3.9.0,pyang==2.5.3,pyangbind==0.8.3.post1,pycparser==2.21,pyjsonselect==0.2.2,PyNaCl==1.5.0,pyparsing==3.1.1,pyperclip==1.8.2,PySocks==1.7.1,python-cinderclient==9.4.0,python-keystoneclient==5.2.0,python-novaclient==18.4.0,python-openstackclient==6.3.0,pytz==2023.3.post1,PyYAML==6.0.1,referencing==0.30.2,regex==2023.8.8,requests==2.31.0,requestsexceptions==1.4.0,rfc3986==2.0.0,robotframework==6.1.1,robotframework-jsonlibrary==0.5,robotframework-jsonvalidator==2.0.0,robotframework-pythonlibcore==4.2.0,robotframework-requests==0.9.5,robotframework-seleniumlibrary==6.1.2,robotframework-sshlibrary==3.8.0,robotframework-yamllibrary==0.2.8,rpds-py==0.10.3,scp==0.14.5,selenium==4.13.0,simplejson==3.19.1,six==1.16.0,sniffio==1.3.0,sortedcontainers==2.4.0,stevedore==5.1.0,-e git+https://osm.etsi.org/gerrit/osm/tests.git@d536011e3d26b80db7645517de7471e0dd355620#egg=tests,tomlkit==0.12.1,trio==0.22.2,trio-websocket==0.11.1,typing_extensions==4.8.0,tzdata==2023.3,urllib3==2.0.5,verboselogs==1.7,wcwidth==0.2.8,wrapt==1.15.0,wsproto==1.2.0,xmltodict==0.13.0,yq==3.2.3,zipp==3.17.0 cover run-test-pre: PYTHONHASHSEED='4190507247' cover run-test: commands[0] | sh -c 'echo No unit tests' No unit tests ___________________________________ summary ____________________________________ black: commands succeeded cover: commands succeeded ERROR: flake8: parallel child exit code 1 pylint: commands succeeded safety: commands succeeded [Pipeline] } [Pipeline] // stage [Pipeline] } $ docker stop --time=1 13a4d1f6a31a59fa5b71530e4356c960542bbfdd70e0f5e94686896cff25e77e $ docker rm -f 13a4d1f6a31a59fa5b71530e4356c960542bbfdd70e0f5e94686896cff25e77e [Pipeline] // withDockerContainer [Pipeline] } [Pipeline] // node [Pipeline] End of Pipeline ERROR: script returned exit code 1 Finished: FAILURE