[0KRunning with gitlab-runner 13.8.0 (775dd39d)
[0;m[0K  on dsop-shared-gitlab-runner-f887cbcbd-srgz6 E82_g8RG
[0;msection_start:1626059643:resolve_secrets[0K[0K[36;1mResolving secrets[0;m
[0;msection_end:1626059643:resolve_secrets[0Ksection_start:1626059643:prepare_executor[0K[0K[36;1mPreparing the "kubernetes" executor[0;m
[0;m[0KUsing Kubernetes namespace: gitlab-runner-ironbank-dsop
[0;m[0;33mWARNING: Pulling GitLab Runner helper image from Docker Hub. Helper image is migrating to registry.gitlab.com, for more information see https://docs.gitlab.com/runner/configuration/advanced-configuration.html#migrating-helper-image-to-registrygitlabcom
[0;m[0KUsing Kubernetes executor with image registry1.dso.mil/ironbank/ironbank-pipelines/pipeline-runner:0.3 ...
[0;msection_end:1626059643:prepare_executor[0Ksection_start:1626059643:prepare_script[0K[0K[36;1mPreparing environment[0;m
[0;mWaiting for pod gitlab-runner-ironbank-dsop/runner-e82g8rg-project-422-concurrent-05847c to be running, status is Pending
Waiting for pod gitlab-runner-ironbank-dsop/runner-e82g8rg-project-422-concurrent-05847c to be running, status is Pending
	ContainersNotReady: "containers with unready status: [build helper istio-proxy]"
	ContainersNotReady: "containers with unready status: [build helper istio-proxy]"
Running on runner-e82g8rg-project-422-concurrent-05847c via dsop-shared-gitlab-runner-f887cbcbd-srgz6...
section_end:1626059649:prepare_script[0Ksection_start:1626059649:get_sources[0K[0K[36;1mGetting source from Git repository[0;m
[0;m[32;1m$ until [ $(curl --fail --silent --output /dev/stderr --write-out "%{http_code}" localhost:15020/healthz/ready) -eq 200 ]; do echo Waiting for Sidecar; sleep 3 ; done ; echo Sidecar available;[0;m
Sidecar available
[32;1mFetching changes with git depth set to 50...[0;m
Initialized empty Git repository in /builds/dsop/elastic/logstash/logstash/.git/
[32;1mCreated fresh repository.[0;m
[32;1mChecking out b5dcf5c9 as master...[0;m
Skipping object checkout, Git LFS is not installed.

[32;1mSkipping Git submodules setup[0;m
section_end:1626059650:get_sources[0Ksection_start:1626059650:download_artifacts[0K[0K[36;1mDownloading artifacts[0;m
[0;m[32;1mDownloading artifacts for anchore-scan (4740534)...[0;m
Downloading artifacts from coordinator... ok      [0;m  id[0;m=4740534 responseStatus[0;m=200 OK token[0;m=9G4DdZuB
[0;33mWARNING: ci-artifacts/scan-results/anchore/: lchown ci-artifacts/scan-results/anchore/: operation not permitted (suppressing repeats)[0;m 
[32;1mDownloading artifacts for hardening-manifest (4740529)...[0;m
Downloading artifacts from coordinator... ok      [0;m  id[0;m=4740529 responseStatus[0;m=200 OK token[0;m=kxg69ew4
[0;33mWARNING: ci-artifacts/preflight/: lchown ci-artifacts/preflight/: operation not permitted (suppressing repeats)[0;m 
[32;1mDownloading artifacts for load-scripts (4740526)...[0;m
Downloading artifacts from coordinator... ok      [0;m  id[0;m=4740526 responseStatus[0;m=200 OK token[0;m=RSbGKgUP
[0;33mWARNING: ci-artifacts/[MASKED]/: lchown ci-artifacts/[MASKED]/: operation not permitted (suppressing repeats)[0;m 
[32;1mDownloading artifacts for openscap-compliance (4740535)...[0;m
Downloading artifacts from coordinator... ok      [0;m  id[0;m=4740535 responseStatus[0;m=200 OK token[0;m=DEtfNHvi
[0;33mWARNING: ci-artifacts/scan-results/openscap/: lchown ci-artifacts/scan-results/openscap/: operation not permitted (suppressing repeats)[0;m 
[32;1mDownloading artifacts for twistlock-scan (4740536)...[0;m
[32;1mDownloading artifacts for wl-compare-lint (4740530)...[0;m
Downloading artifacts from coordinator... ok      [0;m  id[0;m=4740536 responseStatus[0;m=200 OK token[0;m=z4ZD_y-z
[0;33mWARNING: ci-artifacts/scan-results/twistlock/: lchown ci-artifacts/scan-results/twistlock/: operation not permitted (suppressing repeats)[0;m 
Downloading artifacts from coordinator... ok      [0;m  id[0;m=4740530 responseStatus[0;m=200 OK token[0;m=UTmN3t_H
[0;33mWARNING: ci-artifacts/lint/: lchown ci-artifacts/lint/: operation not permitted (suppressing repeats)[0;m 
section_end:1626059651:download_artifacts[0Ksection_start:1626059651:step_script[0K[0K[36;1mExecuting "step_script" stage of the job script[0;m
[0;m[32;1m$ pip3 install jsonschema # collapsed multi-line command[0;m
Requirement already satisfied: jsonschema in /usr/local/lib/python3.9/site-packages (3.2.0)
Requirement already satisfied: pyrsistent>=0.14.0 in /usr/local/lib/python3.9/site-packages (from jsonschema) (0.17.3)
Requirement already satisfied: six>=1.11.0 in /usr/local/lib/python3.9/site-packages (from jsonschema) (1.15.0)
Requirement already satisfied: setuptools in /usr/local/lib/python3.9/site-packages (from jsonschema) (56.1.0)
Requirement already satisfied: attrs>=17.4.0 in /usr/local/lib/python3.9/site-packages (from jsonschema) (21.2.0)
WARNING: Running pip as root will break packages and permissions. You should install packages reliably by using venv: https://pip.pypa.io/warnings/venv
WARNING: You are using pip version 21.1.1; however, version 21.1.3 is available.
You should consider upgrading via the '/usr/local/bin/python3.9 -m pip install --upgrade pip' command.
INFO: Log level set to info
INFO: Number of whitelisted vulnerabilities: 135
INFO: Whitelisted vulnerabilities: {Finding(scan_source='anchore_comp', cve_id='639f6f1177735759703e928c14714a59', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-7r82-7xv7-xcpj', package='httpclient-4.5.2', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/manticore-0.7.0-java/lib/org/apache/httpcomponents/httpclient/4.5.2/httpclient-4.5.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-93555', package='commons_codec-1.10', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/manticore-0.7.0-java/lib/commons-codec/commons-codec/1.10/commons-codec-1.10.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-80935-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3426', package='platform-python-3.6.8-37.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22876', package='libcurl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-255039', package='rack-2.2.3', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/specifications/rack-2.2.3.gemspec'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23841', package='openssl-libs-1.1.1g-15.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-150620', package='httpclient-4.5.2', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/manticore-0.7.0-java/lib/org/apache/httpcomponents/httpclient/4.5.2/httpclient-4.5.2.jar'), Finding(scan_source='anchore_cve', cve_id='GHSA-c43q-5hpj-4crv', package='jersey-common-2.33', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-integration-kafka-10.7.6-java/vendor/jar-dependencies/org/glassfish/jersey/core/jersey-common/2.33/jersey-common-2.33.jar'), Finding(scan_source='anchore_comp', cve_id='bcd159901fe47efddae5c095b4b0d7fd', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20231', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_comp', cve_id='c2e44319ae5b3b040044d8ae116d1c2f', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-rvwf-54qp-4r6v', package='snakeyaml-1.18', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-useragent-3.2.4-java/vendor/jar-dependencies/org/logstash/filters/logstash-filter-useragent/3.2.4/logstash-filter-useragent-3.2.4.jar:snakeyaml'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33574', package='glibc-minimal-langpack-2.28-151.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2019-20838', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-10663', package='json-1.8.6', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-22898', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='320a97c6816565eedf3545833df99dd0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35939', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35942', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33560', package='libgcrypt-1.8.5-4.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-28153', package='glib2-2.56.4-10.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22898', package='libcurl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-jphg-qwrw-7w9g', package='json-1.8.6', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/specifications/json-1.8.6-java.gemspec'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20232', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3580', package='nettle-3.4.1-4.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8130', package='rake-12.3.2', package_path='/usr/share/logstash/vendor/jruby/lib/ruby/gems/shared/specifications/rake-12.3.2.gemspec'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-31799', package='rdoc-6.1.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3200', package='libsolv-0.7.16-2.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='3456a263793066e9b5063ada6e47917d', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82494-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='python3-hawkey-0.55.0-7.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-33574', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-5mg8-w23w-74h3', package='guava-24.1.1-jre', package_path='/usr/share/logstash/logstash-core/lib/jars/guava-24.1.1-jre.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2019-3881', package='bundler-1.17.3', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82959-8', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82949-9', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='PRISMA-2021-0055', package='commons-codec_commons-codec-1.10', package_path=None), Finding(scan_source='anchore_comp', cve_id='463a9a24225c26f7a5bf3f38908e5cb3', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82880-6', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82368-2', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-28153', package='glib2-2.56.4-10.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3572', package='python3-pip-wheel-9.0.3-19.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='698044205a9c4a6d48b7937e66a6bf4f', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82267-6', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='abb121e9621abdd452f65844954cf1c1', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-27218', package='glib2-2.56.4-10.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-15945', package='lua-libs-5.3.4-11.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35939', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-33560', package='libgcrypt-1.8.5-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-16135', package='libssh-config-0.9.4-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='python3-libdnf-0.55.0-7.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82472-2', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82985-3', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='3e5fad1c039f3ecfd1dcdc94d2f1f9a0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20231', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27218', package='glib2-2.56.4-10.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='libdnf-0.55.0-7.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22876', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-14155', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23840', package='openssl-libs-1.1.1g-15.el8_3', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82395-5', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82473-0', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-83401-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2019-17195', package='avro-1.10.2', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/specifications/avro-1.10.2.gemspec'), Finding(scan_source='oscap_comp', cve_id='CCE-82474-8', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20232', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-31799', package='rdoc-6.1.2', package_path='/usr/share/logstash/vendor/jruby/lib/ruby/gems/shared/specifications/default/rdoc-6.1.2.gemspec'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8908', package='com.google.guava_guava-24.1.1-jre', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-22876', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_comp', cve_id='e7573262736ef52353cde3bae2617782', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='c4ad80832b361f81df2a31e5b6b09864', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82168-6', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20266', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33574', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3426', package='python3-libs-3.6.8-37.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35942', package='glibc-common-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35939', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3421', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-24032', package='libzstd-1.4.4-1.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21295', package='io.netty_netty-all-4.1.49.Final', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-13956', package='org.apache.httpcomponents_httpclient-4.5.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-common-2.28-151.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='34de21e516c0ca50a96e5386f163f8bf', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82979-6', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80938-4', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-fp4w-jxhp-m23p', package='bundler-1.17.3', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/specifications/bundler-1.17.3.gemspec'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3200', package='libsolv-0.7.16-2.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-28491', package='com.fasterxml.jackson.dataformat_jackson-dataformat-cbor-2.9.10', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-jppv-gw3r-w3q8', package='rake-12.3.2', package_path='/usr/share/logstash/vendor/jruby/lib/ruby/gems/shared/specifications/rake-12.3.2.gemspec'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21290', package='io.netty_netty-all-4.1.49.Final', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-180024', package='derby-10.14.1.0', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-integration-jdbc-5.0.7/vendor/jar-dependencies/org/apache/derby/derby/10.14.1.0/derby-10.14.1.0.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-28168', package='jersey-2.33', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-integration-kafka-10.7.6-java/vendor/jar-dependencies/org/glassfish/jersey/core/jersey-common/2.33/jersey-common-2.33.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35942', package='glibc-minimal-langpack-2.28-151.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3445', package='libdnf-0.55.0-7.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-14155', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-16135', package='libssh-0.9.4-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-g98m-96g9-wfjq', package='bundler-1.17.3', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/specifications/bundler-1.17.3.gemspec'), Finding(scan_source='anchore_comp', cve_id='addbb93c22e9b0988b8b40392a4538cb', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35939', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2017-18640', package='snakeyaml-1.18', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-useragent-3.2.4-java/vendor/jar-dependencies/org/logstash/filters/logstash-filter-useragent/3.2.4/logstash-filter-useragent-3.2.4.jar:snakeyaml'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-24370', package='lua-libs-5.3.4-11.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-minimal-langpack-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2019-20838', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21409', package='io.netty_netty-all-4.1.49.Final', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-16135', package='libssh-0.9.4-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-vwqq-5vrc-xw9h', package='log4j-core-2.9.1', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-input-tcp-6.0.10-java/vendor/jar-dependencies/org/logstash/inputs/logstash-input-tcp/6.0.10/logstash-input-tcp-6.0.10.jar:log4j-core'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33574', package='glibc-common-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22898', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82220-5', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-9488', package='org.apache.logging.log4j_log4j-api-2.11.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-248279', package='jackson-dataformat-cbor-2.9.10', package_path='/usr/share/logstash/logstash-core/lib/jars/jackson-dataformat-cbor-2.9.10.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82214-8', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82360-9', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2017-18640', package='org.yaml_snakeyaml-1.18', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-36327', package='bundler-1.17.3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-9488', package='org.apache.logging.log4j_log4j-api-2.9.1', package_path=None)}
INFO: Vulnerabilities found in scanning stage: 135
HTTP/2 200 
content-type: text/plain
vary: Origin
x-request-id: eibqpdj1p78j9ecqarfc3gam9c
x-version-id: 5.34.0.5.34.2.5a35f928d9e879eaa43fde2ddbb62e6f.true
date: Mon, 12 Jul 2021 03:14:13 GMT
content-length: 2
x-envoy-upstream-service-time: 693
server: istio-envoy

okINFO: {Finding(scan_source='anchore_comp', cve_id='639f6f1177735759703e928c14714a59', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-7r82-7xv7-xcpj', package='httpclient-4.5.2', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/manticore-0.7.0-java/lib/org/apache/httpcomponents/httpclient/4.5.2/httpclient-4.5.2.jar'), Finding(scan_source='anchore_cve', cve_id='VULNDB-93555', package='commons_codec-1.10', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/manticore-0.7.0-java/lib/commons-codec/commons-codec/1.10/commons-codec-1.10.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-80935-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3426', package='platform-python-3.6.8-37.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22876', package='libcurl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-255039', package='rack-2.2.3', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/specifications/rack-2.2.3.gemspec'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23841', package='openssl-libs-1.1.1g-15.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-150620', package='httpclient-4.5.2', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/manticore-0.7.0-java/lib/org/apache/httpcomponents/httpclient/4.5.2/httpclient-4.5.2.jar'), Finding(scan_source='anchore_cve', cve_id='GHSA-c43q-5hpj-4crv', package='jersey-common-2.33', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-integration-kafka-10.7.6-java/vendor/jar-dependencies/org/glassfish/jersey/core/jersey-common/2.33/jersey-common-2.33.jar'), Finding(scan_source='anchore_comp', cve_id='bcd159901fe47efddae5c095b4b0d7fd', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20231', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_comp', cve_id='c2e44319ae5b3b040044d8ae116d1c2f', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33574', package='glibc-minimal-langpack-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-rvwf-54qp-4r6v', package='snakeyaml-1.18', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-useragent-3.2.4-java/vendor/jar-dependencies/org/logstash/filters/logstash-filter-useragent/3.2.4/logstash-filter-useragent-3.2.4.jar:snakeyaml'), Finding(scan_source='twistlock_cve', cve_id='CVE-2019-20838', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-10663', package='json-1.8.6', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-22898', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='320a97c6816565eedf3545833df99dd0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35939', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35942', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33560', package='libgcrypt-1.8.5-4.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-28153', package='glib2-2.56.4-10.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22898', package='libcurl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-jphg-qwrw-7w9g', package='json-1.8.6', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/specifications/json-1.8.6-java.gemspec'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20232', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3580', package='nettle-3.4.1-4.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8130', package='rake-12.3.2', package_path='/usr/share/logstash/vendor/jruby/lib/ruby/gems/shared/specifications/rake-12.3.2.gemspec'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-31799', package='rdoc-6.1.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3200', package='libsolv-0.7.16-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_comp', cve_id='3456a263793066e9b5063ada6e47917d', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82494-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='python3-hawkey-0.55.0-7.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-33574', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-5mg8-w23w-74h3', package='guava-24.1.1-jre', package_path='/usr/share/logstash/logstash-core/lib/jars/guava-24.1.1-jre.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2019-3881', package='bundler-1.17.3', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82959-8', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82949-9', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82880-6', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='PRISMA-2021-0055', package='commons-codec_commons-codec-1.10', package_path=None), Finding(scan_source='anchore_comp', cve_id='463a9a24225c26f7a5bf3f38908e5cb3', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82368-2', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-28153', package='glib2-2.56.4-10.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3572', package='python3-pip-wheel-9.0.3-19.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='698044205a9c4a6d48b7937e66a6bf4f', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82267-6', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='abb121e9621abdd452f65844954cf1c1', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-27218', package='glib2-2.56.4-10.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35939', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-33560', package='libgcrypt-1.8.5-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-16135', package='libssh-config-0.9.4-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='python3-libdnf-0.55.0-7.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82472-2', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82985-3', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='3e5fad1c039f3ecfd1dcdc94d2f1f9a0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-32740', package='addressable-2.7.0', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/specifications/addressable-2.7.0.gemspec'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20231', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27218', package='glib2-2.56.4-10.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='libdnf-0.55.0-7.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22876', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-14155', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23840', package='openssl-libs-1.1.1g-15.el8_3', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82395-5', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82473-0', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-83401-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2019-17195', package='avro-1.10.2', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/specifications/avro-1.10.2.gemspec'), Finding(scan_source='oscap_comp', cve_id='CCE-82474-8', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20232', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-31799', package='rdoc-6.1.2', package_path='/usr/share/logstash/vendor/jruby/lib/ruby/gems/shared/specifications/default/rdoc-6.1.2.gemspec'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8908', package='com.google.guava_guava-24.1.1-jre', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-22876', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_comp', cve_id='e7573262736ef52353cde3bae2617782', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20266', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82168-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33574', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35942', package='glibc-common-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3426', package='python3-libs-3.6.8-37.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='c4ad80832b361f81df2a31e5b6b09864', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35939', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3421', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-24032', package='libzstd-1.4.4-1.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21295', package='io.netty_netty-all-4.1.49.Final', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-13956', package='org.apache.httpcomponents_httpclient-4.5.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-common-2.28-151.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='34de21e516c0ca50a96e5386f163f8bf', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82979-6', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80938-4', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3200', package='libsolv-0.7.16-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-fp4w-jxhp-m23p', package='bundler-1.17.3', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/specifications/bundler-1.17.3.gemspec'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-28491', package='com.fasterxml.jackson.dataformat_jackson-dataformat-cbor-2.9.10', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-jppv-gw3r-w3q8', package='rake-12.3.2', package_path='/usr/share/logstash/vendor/jruby/lib/ruby/gems/shared/specifications/rake-12.3.2.gemspec'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21290', package='io.netty_netty-all-4.1.49.Final', package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-180024', package='derby-10.14.1.0', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-integration-jdbc-5.0.7/vendor/jar-dependencies/org/apache/derby/derby/10.14.1.0/derby-10.14.1.0.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-28168', package='jersey-2.33', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-integration-kafka-10.7.6-java/vendor/jar-dependencies/org/glassfish/jersey/core/jersey-common/2.33/jersey-common-2.33.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35942', package='glibc-minimal-langpack-2.28-151.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3445', package='libdnf-0.55.0-7.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-16135', package='libssh-0.9.4-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-14155', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-g98m-96g9-wfjq', package='bundler-1.17.3', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/specifications/bundler-1.17.3.gemspec'), Finding(scan_source='anchore_comp', cve_id='addbb93c22e9b0988b8b40392a4538cb', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35939', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-minimal-langpack-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-24370', package='lua-libs-5.3.4-11.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2017-18640', package='snakeyaml-1.18', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-useragent-3.2.4-java/vendor/jar-dependencies/org/logstash/filters/logstash-filter-useragent/3.2.4/logstash-filter-useragent-3.2.4.jar:snakeyaml'), Finding(scan_source='anchore_cve', cve_id='CVE-2019-20838', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21409', package='io.netty_netty-all-4.1.49.Final', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-16135', package='libssh-0.9.4-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33574', package='glibc-common-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-vwqq-5vrc-xw9h', package='log4j-core-2.9.1', package_path='/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-input-tcp-6.0.10-java/vendor/jar-dependencies/org/logstash/inputs/logstash-input-tcp/6.0.10/logstash-input-tcp-6.0.10.jar:log4j-core'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22898', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82220-5', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-9488', package='org.apache.logging.log4j_log4j-api-2.11.1', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82214-8', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='VULNDB-248279', package='jackson-dataformat-cbor-2.9.10', package_path='/usr/share/logstash/logstash-core/lib/jars/jackson-dataformat-cbor-2.9.10.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82360-9', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2017-18640', package='org.yaml_snakeyaml-1.18', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-36327', package='bundler-1.17.3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-9488', package='org.apache.logging.log4j_log4j-api-2.9.1', package_path=None)}
ERROR: NON-WHITELISTED VULNERABILITIES FOUND
ERROR: Number of non-whitelisted vulnerabilities: 1
ERROR: The following vulnerabilities are not whitelisted:
ERROR: scan_source                   cve_id                        package                       package_path                  
ERROR: anchore_cve                   CVE-2021-32740                addressable-2.7.0             /usr/share/logstash/vendor/bundle/jruby/2.5.0/specifications/addressable-2.7.0.gemspec    
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0100   117  100     2  100   115      2    154  0:00:01 --:--:--  0:00:01   157100   117  100     2  100   115      2    154  0:00:01 --:--:--  0:00:01   157
section_end:1626059655:step_script[0Ksection_start:1626059655:cleanup_file_variables[0K[0K[36;1mCleaning up file based variables[0;m
[0;msection_end:1626059655:cleanup_file_variables[0K[31;1mERROR: Job failed: command terminated with exit code 1
[0;m