Pipeline · Ironbank Containers / Confluent / ksqlDB Server / cp-ksqlDB Server-5.5.x

Merge branch '5.5.4' into 'development'

5.5.4 to dev MR

See merge request !11

14 jobs for haro in 23 minutes and 54 seconds (queued for 19 seconds)

21e202e4

Status	Job ID	Name
.Pre
passed	#4352135	load-scripts	00:00:12 Jun 24, 2021

Preflight
passed	#4352137	folder-structure	00:00:11 Jun 24, 2021
passed	#4352138	hardening-manifest	00:00:23 Jun 24, 2021
passed	#4352136	trufflehog	00:00:12 Jun 24, 2021

Lint
passed	#4352139	wl-compare-lint	00:00:13 Jun 24, 2021

Import Artifacts
passed	#4352140	import-artifacts	00:00:36 Jun 24, 2021

Scan Artifacts
passed	#4352141	clamav-scan	00:14:38 Jun 24, 2021

Build
passed	#4352142	build	00:03:03 Jun 24, 2021

Scanning
passed	#4352143	anchore-scan	00:03:23 Jun 24, 2021
passed	#4352144 ironbank-dsop-privileged	openscap-compliance	00:01:28 Jun 24, 2021
passed	#4352145	twistlock-scan	00:01:44 Jun 24, 2021

Csv Output
passed	#4352146	csv-output	00:00:40 Jun 24, 2021

Check Cves
failed	#4352147 allowed to fail	check-cves	00:00:15 Jun 24, 2021

Documentation
passed	#4352148	create-tar	00:01:02 Jun 24, 2021

Name Stage Failure

	Name	Stage	Failure
failed	check-cves	Check Cves
	ERROR: The following vulnerabilities are not whitelisted: ERROR: scan_source cve_id package package_path ERROR: anchore_cve VULNDB-93555 commons_codec-1.11 /usr/share/java/ksqldb-server/commons-codec-1.11.jar ERROR: anchore_cve GHSA-gwcr-j4wh-j3cq jetty-servlets-9.4.39.v20210325 /usr/share/java/ksqldb-server/jetty-servlets-9.4.39.v20210325.jar ERROR: anchore_cve CVE-2021-0555 protobuf-3.11.4 /usr/share/java/ksqldb-server/monitoring-interceptors-5.5.4.jar:protobuf-java ERROR: anchore_cve CVE-2021-0555 protobuf-3.11.4 /usr/share/java/ksqldb-server/monitoring-interceptors-5.5.4.jar:protobuf-java-util ERROR: twistlock_cve CVE-2021-28169 org.eclipse.jetty_jetty-io-9.4.39.v20210325 None Cleaning up file based variables ERROR: Job failed: command terminated with exit code 1

failed

check-cves

Check Cves

ERROR: The following vulnerabilities are not whitelisted:
ERROR: scan_source                   cve_id                        package                       package_path                  
ERROR: anchore_cve                   VULNDB-93555                  commons_codec-1.11            /usr/share/java/ksqldb-server/commons-codec-1.11.jar    
ERROR: anchore_cve                   GHSA-gwcr-j4wh-j3cq           jetty-servlets-9.4.39.v20210325    /usr/share/java/ksqldb-server/jetty-servlets-9.4.39.v20210325.jar    
ERROR: anchore_cve                   CVE-2021-0555                 protobuf-3.11.4               /usr/share/java/ksqldb-server/monitoring-interceptors-5.5.4.jar:protobuf-java    
ERROR: anchore_cve                   CVE-2021-0555                 protobuf-3.11.4               /usr/share/java/ksqldb-server/monitoring-interceptors-5.5.4.jar:protobuf-java-util    
ERROR: twistlock_cve                 CVE-2021-28169                org.eclipse.jetty_jetty-io-9.4.39.v20210325    None                          
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1