[None][infra] Fix plc nightly pipeline and show more data#12940

Merged
yuanjingx87 merged 1 commit into NVIDIA:main from yuanjingx87:user/yuanjingx/PLC_nightly_pipeline_update
Apr 10, 2026

@yuanjingx87
Collaborator

@yuanjingx87 yuanjingx87 commented Apr 10, 2026

Summary by CodeRabbit

  • Bug Fixes
    • Enhanced container vulnerability reporting with CVE URLs and package fix version information
    • Improved pipeline logging with branch identification for better debugging visibility

Description

Fix package name not showing up for container license report
Add fix version and CVE url to container vulnerability report in ES

Test Coverage

PR Checklist

Please review the following before submitting your PR:

  • PR description clearly explains what and why. If using CodeRabbit's summary, please make sure it makes sense.

  • PR Follows TRT-LLM CODING GUIDELINES to the best of your knowledge.

  • Test cases are provided for new code paths (see test instructions)

  • Any new dependencies have been scanned for license and vulnerabilities

  • CODEOWNERS updated if ownership changes

  • Documentation updated as needed

  • Update tava architecture diagram if there is a significant design change in PR.

  • The reviewers assigned automatically/manually are appropriate for the PR.

  • Please check this after reviewing the above items as appropriate for this PR.

GitHub Bot Help

To see a list of available CI bot commands, please comment /bot help.

Signed-off-by: Yuanjing Xue <197832395+yuanjingx87@users.noreply.github.com>
@yuanjingx87
Collaborator Author

/bot skip --comment "No need to run CI"

@coderabbitai
Contributor

coderabbitai bot commented Apr 10, 2026

Walkthrough

Three files are updated to refactor the vulnerability scanning pipeline: a function is renamed from diff_vulns to get_vulns, its usage is updated, and the vulnerability document payload is expanded with additional fields (s_package_fix_version and s_cve_url). Additionally, logging output formatting is adjusted in the pipeline orchestration script.

Changes

| Cohort | File(s) | Summary |
|---|---|---|
| Vulnerability Scanning Utilities | jenkins/scripts/pulse_in_pipeline_scanning/utils/report.py | Renamed function diff_vulns() to get_vulns() without altering internal logic or behavior. |
| Vulnerability Report Submission | jenkins/scripts/pulse_in_pipeline_scanning/submit_report.py | Updated function call from diff_vulns() to get_vulns(), added s_package_fix_version and s_cve_url fields to container vulnerability document payload, and adjusted license document field mappings from package_name/package_version keys to package/version keys. |
| Pipeline Logging | jenkins/TensorRT_LLM_PLC.groovy | Modified debug output in pulseScanContainer() to prefix raw mapping output with branch identifier message. |

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

| Check name | Status | Explanation | Resolution |
|---|---|---|---|
| Description check | ⚠️ Warning | The PR description lacks a proper title and provides minimal detail about the changes; the Test Coverage section is empty and the PR checklist items are not properly addressed. | Add a properly formatted PR title following [type] format (e.g., [None][infra]), expand the description to explain what is being fixed and why, provide specific test cases or testing information, and ensure all relevant checklist items are properly addressed. |

✅ Passed checks (2 passed)

| Check name | Status | Explanation |
|---|---|---|
| Title check | ✅ Passed | The title clearly identifies the main changes: fixing the PLC nightly pipeline and adding more data to reports. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |

@coderabbitai coderabbitai bot left a comment

🧹 Nitpick comments (1)
jenkins/scripts/pulse_in_pipeline_scanning/submit_report.py (1)

175-177: Consider consistent fallback handling for new fields.

s_package_fix_version uses or "N/A" as a fallback, but s_cve_url will be None if the url field is missing. This inconsistency may be intentional (URLs shouldn't be "N/A"), but if uniform handling is preferred:

♻️ Optional: Add fallback for URL field
             "s_package_fix_version": v.get("fix") or "N/A",
             "s_cve": v.get("vuln"),
-            "s_cve_url": v.get("url"),
+            "s_cve_url": v.get("url") or "",
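Review bot: On the `+` line, `v.get("url") or ""` gives s_cve_url a different placeholder from the `"N/A"` used for s_package_fix_version two lines above, so the fields would still not be handled uniformly, and s_cve, which sits between them, keeps a bare `v.get("vuln")` with no fallback at all. Pick one convention for all three and document it next to the dict. Also note that an empty string is indexed as a present value while None is not, so any ES query that tests whether s_cve_url exists would start matching records that have no URL; if "missing" needs to stay distinguishable, keeping None for the URL is the safer choice.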
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@jenkins/scripts/pulse_in_pipeline_scanning/submit_report.py` around lines 175 - 177, The dict construction is inconsistent: s_package_fix_version uses a fallback (v.get("fix") or "N/A") while s_cve_url uses v.get("url") which may be None; update the code that builds the report entry (the dict using keys s_package_fix_version and s_cve_url) to apply a consistent fallback for the URL as well (e.g., use v.get("url") or "N/A" or an empty string), referencing the same variable v and the keys s_cve_url and s_package_fix_version so the field handling is uniform.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 28c4d4dc-d691-4f56-a54b-f66d19983c87

📥 Commits

Reviewing files that changed from the base of the PR and between 4ba9f67 and 2781054.

📒 Files selected for processing (3)
  • jenkins/TensorRT_LLM_PLC.groovy
  • jenkins/scripts/pulse_in_pipeline_scanning/submit_report.py
  • jenkins/scripts/pulse_in_pipeline_scanning/utils/report.py

@tensorrt-cicd
Collaborator

PR_Github #42740 [ skip ] triggered by Bot. Commit: 2781054 Link to invocation

@tensorrt-cicd
Collaborator

PR_Github #42740 [ skip ] completed with state SUCCESS. Commit: 2781054
Skipping testing for commit 2781054

Link to invocation

@yuanjingx87 yuanjingx87 merged commit 2d32452 into NVIDIA:main Apr 10, 2026
8 of 10 checks passed