Pipeline · Ironbank Containers / Bitnami / airflow-worker

You need to sign in or sign up before continuing.

Add trufflehog whitelist file

15 jobs for trufflehog-whitelist in 120 minutes and 53 seconds (queued for 16 seconds)

Status	Job ID	Name
.Pre
passed	#2871836 ironbank	load scripts	00:00:06 Apr 21, 2021

Preflight
passed	#2871838 ironbank	folder structure	00:00:21 Apr 21, 2021
passed	#2871839 ironbank	hardening_manifest	00:00:11 Apr 21, 2021
passed	#2871837 ironbank	trufflehog	00:00:07 Apr 21, 2021

Lint
passed	#2871840 ironbank	wl compare lint	00:00:10 Apr 21, 2021

Finding Compare
failed	#2871841 ironbank allowed to fail	vat compare	00:00:10 Apr 21, 2021

Import Artifacts
failed	#2871842 ironbank	import artifacts	02:00:03 Apr 22, 2021

Scan Artifacts
skipped	#2871843 ironbank	clamav scan

Build
skipped	#2871844 ironbank-isolated	build

Scanning
skipped	#2871845 ironbank	anchore scan
skipped	#2871846 ironbank	openscap compliance
skipped	#2871847 ironbank	openscap cve
skipped	#2871848 ironbank	twistlock scan

Csv Output
skipped	#2871849 ironbank	csv output

Check Cves
skipped	#2871850 ironbank allowed to fail	check cves

	Name	Stage	Failure
failed	import artifacts	Import Artifacts	The script exceeded the maximum execution time set for the job
	Copying blob sha256:594b76c4b6cc35077b44a1b3a9f9a43ffa1b10fa263644226924fc7fbbda04ee Copying blob sha256:c954ece14f87fca5e419ed701aeda1f07761e0a44f385fbb48173007244b476e Copying config sha256:ce11514d2176a01acc74122d250fbb9b1db4fb89313cf10a64c7104d94871942 Writing manifest to image destination Storing signatures INFO: Tagging image as bitnami/airflow-worker:2.0.1-debian-10-r54 ce11514d2176a01acc74122d250fbb9b1db4fb89313cf10a64c7104d94871942 INFO: Saving bitnami/airflow-worker:2.0.1-debian-10-r54 as tar file ERROR: Job failed: execution took longer than 2h0m0s seconds
failed	vat compare	Finding Compare
	INFO: ('CVE-2021-20232', 'twistlock_cve', 'A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.', 'gnutls-3.6.14-7.el8_3', None) INFO: ('CVE-2021-20305', 'anchore_cve', 'gnutls-3.6.14-7.el8_3\nhttps://access.redhat.com/security/cve/CVE-2021-20305', 'gnutls-3.6.14-7.el8_3', None) INFO: ('CVE-2021-20305', 'twistlock_cve', 'A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.', 'gnutls-3.6.14-7.el8_3', None) Uploading artifacts for failed job Uploading artifacts... ci-artifacts/compare/: found 2 matching files and directories Uploading artifacts as "archive" to coordinator... ok id=2871841 responseStatus=201 Created token=fmtx2SsQ Cleaning up file based variables ERROR: Job failed: command terminated with exit code 4