UNCLASSIFIED

Skip to content

GitLab

Merge branch 'thomas.shepherd-development-patch-35917' into 'development' 

Update hardening_manifest.yaml

See merge request !14
20 jobs for development in 13 minutes and 5 seconds (queued for 13 minutes and 44 seconds)
1fe7bc81
1 related merge request: !15 Development
Status Job ID Name Coverage
  .Pre
passed #2864997
ironbank
load scripts

00:00:10

 
  Preflight
passed #2864999
ironbank
folder structure

00:00:09

passed #2865000
ironbank
hardening_manifest

00:00:16

passed #2864998
ironbank
trufflehog

00:00:06

 
  Lint
passed #2865001
ironbank
wl compare lint

00:00:10

 
  Finding Compare
failed #2865002
ironbank allowed to fail
vat compare

00:00:07

 
  Import Artifacts
passed #2865003
ironbank
import artifacts

00:00:29

 
  Scan Artifacts
passed #2865004
ironbank
clamav scan

00:01:23

 
  Build
passed #2865005
ironbank-isolated
build

00:02:36

 
  Scanning
passed #2865006
ironbank
anchore scan

00:02:28

passed #2865007
ironbank
openscap compliance

00:01:07

passed #2865008
ironbank
openscap cve

00:04:08

passed #2865009
ironbank
twistlock scan

00:00:26

 
  Csv Output
passed #2865010
ironbank
csv output

00:00:52

 
  Check Cves
failed #2865011
ironbank allowed to fail
check cves

00:00:16

 
  Documentation
passed #2865012
ironbank
sign image

00:00:37

passed #2865013
ironbank
sign manifest

00:00:26

passed #2865014
ironbank
write json documentation

00:00:23

 
  S3 Publish
passed #2865015
ironbank
upload to s3

00:01:43

 
  Vat
passed #2865016
ironbank
vat

00:00:10

 
Name Stage Failure
failed
check cves Check Cves 
ERROR: NON-WHITELISTED VULNERABILITIES FOUND
ERROR: Number of non-whitelisted vulnerabilities: 3
ERROR: The following vulnerabilities are not whitelisted:
ERROR: scan_source                   cve_id                        package                       package_path                  
ERROR: anchore_cve                   CVE-2021-2163                 java-11-openjdk-headless-11.0.10.0.9-4.el8_3    None                          
ERROR: oscap_cve                     CVE-2021-2163                 java-11-openjdk               None                          
ERROR: oscap_cve                     RHSA-2021:1307                java-11-openjdk               None                          
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1
failed
vat compare Finding Compare 
INFO: ('CVE-2021-3450', 'anchore_cve', 'openssl-libs-1.1.1g-12.el8_3\nhttps://access.redhat.com/security/cve/CVE-2021-3450', 'openssl-libs-1.1.1g-12.el8_3', None)
INFO: ('CVE-2020-35512', 'anchore_cve', 'dbus-daemon-1.12.8-12.el8_3\nhttps://access.redhat.com/security/cve/CVE-2020-35512', 'dbus-daemon-1.12.8-12.el8_3', None)
INFO: ('CVE-2020-13776', 'anchore_cve', 'systemd-239-41.el8_3.1\nhttps://access.redhat.com/security/cve/CVE-2020-13776', 'systemd-239-41.el8_3.1', None)
Uploading artifacts for failed job
Uploading artifacts...
ci-artifacts/compare/: found 2 matching files and directories 
Uploading artifacts as "archive" to coordinator... ok  id=2865002 responseStatus=201 Created token=N3WZz9KV
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 4

UNCLASSIFIED