Hello,

I've tried to configure the OWASP Dependency Check with the JobDSL, but it
seems the thresholds are not picked up. It looks like the JobDSL generates
the thresholds under an element in de config.xml, while the UI saves it
under the root element of the plugin.

I've used the following JobDSL configuration:

publishers {
    dependencyCheck('target/dependency-check-report.xml') {
        thresholds(
                unstableTotal: [all: 0, high: 0, normal: 1, low: 0],
                failedTotal: [all: 0, high: 1, normal: 0, low: 0],
                unstableNew: [all: 0, high: 0, normal: 0, low: 0],
                failedNew: [all: 0, high: 0, normal: 0, low: 0]
        )
    }
}

If I generate a job with this JobDSL the config.xml comes out as follows:

<org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher>
    <healthy/>
    <unHealthy/>
    <thresholdLimit>low</thresholdLimit>
    <defaultEncoding/>
    <canRunOnFailed>false</canRunOnFailed>
    <useStableBuildAsReference>false</useStableBuildAsReference>
    <useDeltaValues>false</useDeltaValues>
    <thresholds>
        <unstableTotalAll>0</unstableTotalAll>
        <unstableTotalHigh>0</unstableTotalHigh>
        <unstableTotalNormal>1</unstableTotalNormal>
        <unstableTotalLow>0</unstableTotalLow>
        <failedTotalAll>0</failedTotalAll>
        <failedTotalHigh>1</failedTotalHigh>
        <failedTotalNormal>0</failedTotalNormal>
        <failedTotalLow>0</failedTotalLow>
        <unstableNewAll>0</unstableNewAll>
        <unstableNewHigh>0</unstableNewHigh>
        <unstableNewNormal>0</unstableNewNormal>
        <unstableNewLow>0</unstableNewLow>
        <failedNewAll>0</failedNewAll>
        <failedNewHigh>0</failedNewHigh>
        <failedNewNormal>0</failedNewNormal>
        <failedNewLow>0</failedNewLow>
    </thresholds>
    <shouldDetectModules>false</shouldDetectModules>
    <dontComputeNew>false</dontComputeNew>
    <doNotResolveRelativePaths>true</doNotResolveRelativePaths>
    <pattern>target/dependency-check-report.xml</pattern>
</org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher>

If I use the UI to change the configuration, it gives me the following
config.xml:

<org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher
plugin="dependency-check-jenkins-plugin@5.0.2">
    <unstableTotalMedium>1</unstableTotalMedium>
    <failedTotalCritical>1</failedTotalCritical>
    <failedTotalHigh>1</failedTotalHigh>

<totalThresholdAnalysisExploitable>false</totalThresholdAnalysisExploitable>
    <newThresholdAnalysisExploitable>false</newThresholdAnalysisExploitable>
    <pattern>target/dependency-check-report.xml</pattern>
</org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher>

Did I do something wrong or is this a bug in the plugin?

With regards,

Nick Stolwijk

~~~ Try to leave this world a little better than you found it and, when
your turn comes to die, you can die happy in feeling that at any rate you
have not wasted your time but have done your best ~~~

Lord Baden-Powell

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/CAA9S6i6L4gTxzBDcC2nMMcd1yianpo7VqLPgZHAzZMVMfkzdew%40mail.gmail.com.

Reply via email to