Pipeline · Ironbank Containers / GitLab / Gitlab / gitlab-mailroom

Merge branch 'release-gitlab-13.9.0' into 'development'

Update GitLab to the 13.9.0 Feature Release

See merge request !63

19 jobs for development in 12 minutes and 19 seconds (queued for 11 minutes and 44 seconds)

cf706417

Status	Job ID	Name
.Pre
passed	#2280390 ironbank	load scripts	00:00:06 Mar 03, 2021

Preflight
passed	#2280391 ironbank	folder structure	00:00:07 Mar 03, 2021
passed	#2280393 ironbank	hardening_manifest	00:00:14 Mar 03, 2021
failed	#2280392 ironbank allowed to fail	hardening_manifest migration	00:00:07 Mar 03, 2021

Lint
passed	#2280394 ironbank	wl compare lint	00:00:15 Mar 03, 2021

Import Artifacts
passed	#2280395 ironbank	import artifacts	00:00:09 Mar 03, 2021

Scan Artifacts
passed	#2280396 ironbank	clamav scan	00:00:36 Mar 03, 2021

Build
passed	#2280397 ironbank-isolated	build	00:02:03 Mar 03, 2021

Scanning
passed	#2280401 ironbank	anchore scan	00:02:06 Mar 03, 2021
passed	#2280398 ironbank	openscap compliance	00:01:08 Mar 03, 2021
passed	#2280399 ironbank	openscap cve	00:04:25 Mar 03, 2021
passed	#2280400 ironbank	twistlock scan	00:00:25 Mar 03, 2021

Csv Output
passed	#2280402 ironbank	csv output	00:01:01 Mar 03, 2021

Check Cves
failed	#2280403 ironbank allowed to fail	check cves	00:00:17 Mar 03, 2021

Documentation
passed	#2280404 ironbank	sign image	00:00:37 Mar 03, 2021
passed	#2280405 ironbank	sign manifest	00:00:26 Mar 03, 2021
passed	#2280406 ironbank	write json documentation	00:00:25 Mar 03, 2021

Publish
passed	#2280407 ironbank	upload to s3	00:01:42 Mar 03, 2021

Vat
passed	#2280408 ironbank	vat	00:00:46 Mar 03, 2021

	Name	Stage
failed	check cves	Check Cves
	INFO: Whitelisted vulnerabilities: {'anchorecve_CVE-2020-24977-python3-libxml2-2.9.7-8.el8', 'oscapcomp_CCE-82168-6', 'oscapcomp_CCE-80938-4', 'anchorecve_CVE-2021-23840-openssl-libs-1.1.1g-12.el8_3', 'anchorecomp_addbb93c22e9b0988b8b40392a4538cb', 'anchorecve_CVE-2020-8284-libcurl-7.61.1-14.el8_3.1', 'oscapcomp_CCE-83401-0', 'anchorecve_CVE-2020-24977-libxml2-2.9.7-8.el8', 'oscapcomp_CCE-82959-8', 'anchorecve_CVE-2020-8284-curl-7.61.1-14.el8_3.1', 'anchorecve_CVE-2021-23336-platform-python-3.6.8-31.el8', 'anchorecve_CVE-2021-3326-glibc-2.28-127.el8_3.2', 'anchorecve_CVE-2020-16135-libssh-config-0.9.4-2.el8', 'anchorecve_CVE-2020-27618-glibc-minimal-langpack-2.28-127.el8_3.2', 'anchorecve_CVE-2020-35512-dbus-libs-1.12.8-12.el8_3', 'oscapcomp_CCE-82360-9', 'anchorecve_CVE-2020-29363-p11-kit-0.23.14-5.el8_0', 'tl_CVE-2020-8231-curl-7.61.1-14.el8_3.1', 'anchorecve_CVE-2020-8286-libcurl-7.61.1-14.el8_3.1', 'oscapcomp_CCE-80784-2', 'tl_CVE-2020-13776-systemd-239-41.el8_3.1', 'oscapcomp_CCE-82220-5', 'anchorecve_CVE-2019-25013-glibc-2.28-127.el8_3.2', 'anchorecve_CVE-2020-13776-systemd-libs-239-41.el8_3.1', 'anchorecve_CVE-2020-35512-dbus-common-1.12.8-12.el8_3', 'anchorecve_CVE-2021-3326-glibc-minimal-langpack-2.28-127.el8_3.2', 'anchorecomp_320a97c6816565eedf3545833df99dd0', 'anchorecve_CVE-2021-27645-glibc-2.28-127.el8_3.2', 'anchorecve_CVE-2008-4318-observer-0.1.0', 'tl_CVE-2020-29361-p11-kit-0.23.14-5.el8_0', 'anchorecve_CVE-2020-8286-curl-7.61.1-14.el8_3.1', 'oscapcomp_CCE-82214-8', 'oscapcomp_CCE-82473-0', 'oscapcomp_CCE-82880-6', 'anchorecve_CVE-2020-29361-p11-kit-trust-0.23.14-5.el8_0', 'tl_CVE-2020-29363-p11-kit-0.23.14-5.el8_0', 'oscapcomp_CCE-80935-0', 'anchorecve_CVE-2020-8285-libcurl-7.61.1-14.el8_3.1', 'anchorecve_CVE-2020-26137-urllib3-1.24.2', 'anchorecve_CVE-2020-27618-glibc-2.28-127.el8_3.2', 'anchorecve_CVE-2020-8231-libcurl-7.61.1-14.el8_3.1', 'anchorecomp_b316cbcdd48048c73d7e5724b8927f92', 'anchorecomp_639f6f1177735759703e928c14714a59', 'oscapcomp_CCE-82979-6', 'anchorecve_CVE-2020-15358-sqlite-libs-3.26.0-11.el8', 'anchorecve_VULNDB-115884-urllib3-1.24.2', 'tl_CVE-2020-29362-p11-kit-0.23.14-5.el8_0', 'anchorecve_CVE-2021-23841-openssl-libs-1.1.1g-12.el8_3', 'anchorecve_CVE-2020-13776-systemd-pam-239-41.el8_3.1', 'anchorecve_CVE-2020-8927-brotli-1.0.6-2.el8', 'oscapcomp_CCE-82985-3', 'anchorecve_CVE-2020-16135-libssh-0.9.4-2.el8', 'tl_CVE-2020-25613-webrick-1.6.0', 'anchorecomp_41cb7cdf04850e33a11f80c42bf660b3', 'anchorecve_CVE-2020-29361-p11-kit-0.23.14-5.el8_0', 'anchorecomp_3456a263793066e9b5063ada6e47917d', 'anchorecve_CVE-2020-29363-p11-kit-trust-0.23.14-5.el8_0', 'oscapcomp_CCE-82472-2', 'anchorecve_CVE-2020-35512-dbus-1.12.8-12.el8_3', 'tl_CVE-2020-8286-curl-7.61.1-14.el8_3.1', 'anchorecomp_e7573262736ef52353cde3bae2617782', 'anchorecve_CVE-2021-3177-python3-libs-3.6.8-31.el8', 'anchorecve_CVE-2019-25013-glibc-common-2.28-127.el8_3.2', 'tl_CVE-2021-3326-glibc-2.28-127.el8_3.2', 'tl_CVE-2019-25013-glibc-2.28-127.el8_3.2', 'anchorecve_CVE-2020-24370-lua-libs-5.3.4-11.el8', 'anchorecomp_34de21e516c0ca50a96e5386f163f8bf', 'anchorecve_CVE-2020-27618-glibc-common-2.28-127.el8_3.2', 'anchorecve_CVE-2019-3881-bundler-1.17.3', 'anchorecomp_3e5fad1c039f3ecfd1dcdc94d2f1f9a0', 'anchorecve_CVE-2021-27645-glibc-minimal-langpack-2.28-127.el8_3.2', 'tl_CVE-2020-8284-curl-7.61.1-14.el8_3.1', 'anchorecve_CVE-2020-27619-platform-python-3.6.8-31.el8', 'anchorecve_CVE-2020-35512-dbus-daemon-1.12.8-12.el8_3', 'anchorecomp_463a9a24225c26f7a5bf3f38908e5cb3', 'anchorecve_CVE-2020-8285-curl-7.61.1-14.el8_3.1', 'anchorecve_CVE-2020-29362-p11-kit-0.23.14-5.el8_0', 'anchorecomp_abb121e9621abdd452f65844954cf1c1', 'tl_CVE-2020-8927-brotli-1.0.6-2.el8', 'anchorecomp_c4ad80832b361f81df2a31e5b6b09864', 'anchorecve_CVE-2021-23336-python3-libs-3.6.8-31.el8', 'oscapcomp_CCE-82474-8', 'anchorecve_CVE-2020-35512-dbus-tools-1.12.8-12.el8_3', 'anchorecve_CVE-2021-27645-glibc-common-2.28-127.el8_3.2', 'anchorecomp_68e630cef4a8533b139875aa5fc54da5', 'anchorecve_CVE-2019-25013-glibc-minimal-langpack-2.28-127.el8_3.2', 'oscapcomp_CCE-82949-9', 'anchorecve_CVE-2020-13434-sqlite-libs-3.26.0-11.el8', 'anchorecve_CVE-2020-29362-p11-kit-trust-0.23.14-5.el8_0', 'anchorecomp_698044205a9c4a6d48b7937e66a6bf4f', 'anchorecve_CVE-2020-27619-python3-libs-3.6.8-31.el8', 'anchorecve_CVE-2020-8231-curl-7.61.1-14.el8_3.1', 'oscapcomp_CCE-82368-2', 'tl_CVE-2020-8285-curl-7.61.1-14.el8_3.1', 'oscapcomp_CCE-82395-5', 'anchorecve_CVE-2021-3326-glibc-common-2.28-127.el8_3.2', 'anchorecomp_b2505d515c1cbb5547e1039d0707596b', 'anchorecve_CVE-2021-3177-platform-python-3.6.8-31.el8', 'anchorecomp_bcd159901fe47efddae5c095b4b0d7fd', 'anchorecve_VULNDB-239538-webrick-1.6.0', 'oscapcomp_CCE-82267-6', 'oscapcomp_CCE-82494-6', 'anchorecomp_c2e44319ae5b3b040044d8ae116d1c2f', 'anchorecve_CVE-2020-13776-systemd-239-41.el8_3.1', 'anchorecve_CVE-2020-28196-krb5-libs-1.18.2-5.el8'} INFO: Vulnerabilities found in scanning stage: 88 INFO: {'anchorecve_CVE-2020-24977-python3-libxml2-2.9.7-8.el8', 'oscapcomp_CCE-82168-6', 'oscapcomp_CCE-80938-4', 'anchorecve_CVE-2021-23840-openssl-libs-1.1.1g-12.el8_3', 'anchorecve_CVE-2020-8284-libcurl-7.61.1-14.el8_3.1', 'oscapcomp_CCE-83401-0', 'anchorecve_CVE-2020-24977-libxml2-2.9.7-8.el8', 'oscapcomp_CCE-82959-8', 'anchorecve_CVE-2020-8284-curl-7.61.1-14.el8_3.1', 'anchorecve_CVE-2021-23336-platform-python-3.6.8-31.el8', 'anchorecve_CVE-2021-3326-glibc-2.28-127.el8_3.2', 'anchorecve_CVE-2020-16135-libssh-config-0.9.4-2.el8', 'tl_CVE-2020-8231-curl-7.61.1-14.el8_3.1', 'anchorecve_CVE-2020-35512-dbus-libs-1.12.8-12.el8_3', 'oscapcomp_CCE-82360-9', 'anchorecve_CVE-2020-29363-p11-kit-0.23.14-5.el8_0', 'anchorecve_CVE-2020-8286-libcurl-7.61.1-14.el8_3.1', 'anchorecve_CVE-2020-27618-glibc-minimal-langpack-2.28-127.el8_3.2', 'oscapcomp_CCE-80784-2', 'tl_CVE-2020-13776-systemd-239-41.el8_3.1', 'oscapcomp_CCE-82220-5', 'anchorecve_CVE-2019-25013-glibc-2.28-127.el8_3.2', 'anchorecve_CVE-2020-13776-systemd-libs-239-41.el8_3.1', 'anchorecve_CVE-2020-35512-dbus-common-1.12.8-12.el8_3', 'anchorecve_CVE-2020-25613-webrick-1.6.0', 'anchorecve_CVE-2021-3326-glibc-minimal-langpack-2.28-127.el8_3.2', 'anchorecve_CVE-2021-27645-glibc-2.28-127.el8_3.2', 'anchorecve_CVE-2020-8286-curl-7.61.1-14.el8_3.1', 'tl_CVE-2020-29361-p11-kit-0.23.14-5.el8_0', 'anchorecve_CVE-2008-4318-observer-0.1.0', 'oscapcomp_CCE-82214-8', 'oscapcomp_CCE-82473-0', 'oscapcomp_CCE-82880-6', 'anchorecve_CVE-2020-29361-p11-kit-trust-0.23.14-5.el8_0', 'tl_CVE-2020-29363-p11-kit-0.23.14-5.el8_0', 'oscapcomp_CCE-80935-0', 'anchorecve_CVE-2020-8285-libcurl-7.61.1-14.el8_3.1', 'anchorecve_CVE-2020-27618-glibc-2.28-127.el8_3.2', 'anchorecve_CVE-2020-26137-urllib3-1.24.2', 'anchorecve_CVE-2020-8231-libcurl-7.61.1-14.el8_3.1', 'oscapcomp_CCE-82979-6', 'anchorecve_CVE-2020-15358-sqlite-libs-3.26.0-11.el8', 'anchorecve_VULNDB-115884-urllib3-1.24.2', 'tl_CVE-2020-29362-p11-kit-0.23.14-5.el8_0', 'anchorecve_CVE-2021-23841-openssl-libs-1.1.1g-12.el8_3', 'anchorecve_CVE-2020-13776-systemd-pam-239-41.el8_3.1', 'anchorecve_CVE-2020-8927-brotli-1.0.6-2.el8', 'oscapcomp_CCE-82985-3', 'anchorecve_CVE-2020-16135-libssh-0.9.4-2.el8', 'tl_CVE-2020-25613-webrick-1.6.0', 'anchorecve_CVE-2020-29361-p11-kit-0.23.14-5.el8_0', 'anchorecve_CVE-2020-29363-p11-kit-trust-0.23.14-5.el8_0', 'oscapcomp_CCE-82472-2', 'tl_CVE-2020-8286-curl-7.61.1-14.el8_3.1', 'anchorecve_CVE-2020-35512-dbus-1.12.8-12.el8_3', 'anchorecve_CVE-2021-3177-python3-libs-3.6.8-31.el8', 'tl_CVE-2021-3326-glibc-2.28-127.el8_3.2', 'anchorecve_CVE-2019-25013-glibc-common-2.28-127.el8_3.2', 'tl_CVE-2019-25013-glibc-2.28-127.el8_3.2', 'anchorecve_CVE-2020-24370-lua-libs-5.3.4-11.el8', 'anchorecve_CVE-2020-27618-glibc-common-2.28-127.el8_3.2', 'anchorecve_CVE-2019-3881-bundler-1.17.3', 'anchorecve_CVE-2021-27645-glibc-minimal-langpack-2.28-127.el8_3.2', 'tl_CVE-2020-8284-curl-7.61.1-14.el8_3.1', 'anchorecve_CVE-2020-27619-platform-python-3.6.8-31.el8', 'anchorecve_CVE-2020-35512-dbus-daemon-1.12.8-12.el8_3', 'anchorecve_CVE-2020-8285-curl-7.61.1-14.el8_3.1', 'anchorecve_CVE-2020-29362-p11-kit-0.23.14-5.el8_0', 'tl_CVE-2020-8927-brotli-1.0.6-2.el8', 'anchorecve_CVE-2021-23336-python3-libs-3.6.8-31.el8', 'oscapcomp_CCE-82474-8', 'anchorecve_CVE-2020-35512-dbus-tools-1.12.8-12.el8_3', 'anchorecve_CVE-2021-27645-glibc-common-2.28-127.el8_3.2', 'anchorecve_CVE-2019-25013-glibc-minimal-langpack-2.28-127.el8_3.2', 'oscapcomp_CCE-82949-9', 'anchorecve_CVE-2020-29362-p11-kit-trust-0.23.14-5.el8_0', 'anchorecve_CVE-2020-13434-sqlite-libs-3.26.0-11.el8', 'anchorecve_CVE-2020-27619-python3-libs-3.6.8-31.el8', 'anchorecve_CVE-2020-8231-curl-7.61.1-14.el8_3.1', 'oscapcomp_CCE-82368-2', 'tl_CVE-2020-8285-curl-7.61.1-14.el8_3.1', 'oscapcomp_CCE-82395-5', 'anchorecve_CVE-2021-3326-glibc-common-2.28-127.el8_3.2', 'anchorecve_CVE-2021-3177-platform-python-3.6.8-31.el8', 'oscapcomp_CCE-82267-6', 'oscapcomp_CCE-82494-6', 'anchorecve_CVE-2020-13776-systemd-239-41.el8_3.1', 'anchorecve_CVE-2020-28196-krb5-libs-1.18.2-5.el8'} ERROR: NON-WHITELISTED VULNERABILITIES FOUND ERROR: Number of non-whitelisted vulnerabilities: 1 ERROR: The following vulnerabilities are not whitelisted: ERROR: Anchore CVE - CVE-2020-25613-webrick-1.6.0 Cleaning up file based variables ERROR: Job failed: command terminated with exit code 1
failed	hardening_manifest migration	Preflight
	`Skipping Git submodules setup Downloading artifacts Downloading artifacts from coordinator... ok id=2280390 responseStatus=200 OK token=ezriczU_ Downloading artifacts for load scripts (2280390)... Executing "step_script" stage of the job script $ if ! [[ -f hardening_manifest.yaml ]]; then # collapsed multi-line command LABEL found in Dockerfile, move all LABELs to the hardening_manifest.yaml file Cleaning up file based variables ERROR: Job failed: command terminated with exit code 1`