UNCLASSIFIED

Skip to content

GitLab

Merge branch 'trufflehog-whitelist-patch' into 'development' 

add trufflehog config file

Closes #12

See merge request !77
18 jobs for development in 17 minutes and 15 seconds (queued for 18 minutes and 23 seconds)
bd34c594
1 related merge request: !78 Development
Status Job ID Name Coverage
  .Pre
passed #2904856
ironbank
load scripts

00:00:06

 
  Preflight
passed #2904858
ironbank
folder structure

00:00:05

passed #2904859
ironbank
hardening_manifest

00:00:10

passed #2904857
ironbank
trufflehog

00:00:06

 
  Lint
passed #2904860
ironbank
wl compare lint

00:00:10

 
  Finding Compare
failed #2904861
ironbank allowed to fail
vat compare

00:00:06

 
  Import Artifacts
passed #2904862
ironbank
import artifacts

00:00:19

 
  Scan Artifacts
passed #2904863
ironbank
clamav scan

00:02:42

 
  Build
passed #2904864
ironbank-isolated
build

00:02:30

 
  Scanning
passed #2904865
ironbank
anchore scan

00:03:03

passed #2904866
ironbank
openscap compliance

00:01:27

passed #2904867
ironbank
openscap cve

00:06:47

passed #2904868
ironbank
twistlock scan

00:01:11

 
  Csv Output
passed #2904869
ironbank
csv output

00:00:56

 
  Check Cves
failed #2904870
ironbank allowed to fail
check cves

00:00:15

 
  Documentation
passed #2904871
ironbank
documentation

00:01:11

 
  S3 Publish
passed #2904872
ironbank
upload to s3

00:01:44

 
  Vat
passed #2904873
ironbank
vat

00:00:10

 
Name Stage Failure
failed
check cves Check Cves 
ERROR: Number of non-whitelisted vulnerabilities: 4
ERROR: The following vulnerabilities are not whitelisted:
ERROR: scan_source                   cve_id                        package                       package_path                  
ERROR: anchore_comp                  797f07e75846228a49a4e82115b266b7    None                          None                          
ERROR: anchore_cve                   CVE-2020-4054                 sanitize-4.6.6                /usr/lib64/ruby/gems/2.7.0/specifications/sanitize-4.6.6.gemspec    
ERROR: anchore_cve                   GHSA-p4x4-rw2p-8j8m           sanitize-4.6.6                /usr/lib64/ruby/gems/2.7.0/specifications/sanitize-4.6.6.gemspec    
ERROR: twistlock_cve                 CVE-2020-4054                 sanitize-4.6.6                None                          
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1
failed
vat compare Finding Compare 
$ python3 "${PIPELINE_REPO_DIR}/stages/vat-finding-compare/vat_findings.py"
INFO: Log level set to info
INFO: File does not currently exist.
Uploading artifacts for failed job
Uploading artifacts...
ci-artifacts/compare/: found 1 matching files and directories 
Uploading artifacts as "archive" to coordinator... ok  id=2904861 responseStatus=201 Created token=szi_2UsP
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 3

UNCLASSIFIED