Pipeline · Ironbank Containers / GitLab / Gitlab / gitlab-mailroom

Merge branch 'release-gitlab-13-12-2' into 'development'

Update GitLab to the 13.12.2 Security Release

See merge request !82

16 jobs for development in 7 minutes and 19 seconds (queued for 8 minutes and 58 seconds)

e1f38d58

Status	Job ID	Name
.Pre
passed	#3888718	load-scripts	00:00:07 Jun 07, 2021

Preflight
passed	#3888720	folder-structure	00:00:05 Jun 07, 2021
passed	#3888721	hardening-manifest	00:00:08 Jun 07, 2021
passed	#3888719	trufflehog	00:00:09 Jun 07, 2021

Lint
passed	#3888722	wl-compare-lint	00:00:07 Jun 07, 2021

Import Artifacts
passed	#3888723	import-artifacts	00:00:07 Jun 07, 2021

Scan Artifacts
passed	#3888724	clamav-scan	00:00:40 Jun 07, 2021

Build
passed	#3888725	build	00:01:30 Jun 07, 2021

Scanning
passed	#3888726	anchore-scan	00:02:07 Jun 07, 2021
passed	#3888727 ironbank-dsop-privileged	openscap-compliance	00:01:01 Jun 07, 2021
passed	#3888728	twistlock-scan	00:01:27 Jun 07, 2021

Csv Output
passed	#3888729	csv-output	00:00:25 Jun 07, 2021

Check Cves
failed	#3888730 allowed to fail	check-cves	00:00:09 Jun 07, 2021

Documentation
passed	#3888731	documentation	00:00:39 Jun 07, 2021

S3 Publish
passed	#3888732	upload-to-s3	00:01:01 Jun 07, 2021

Vat
passed	#3888733	vat	00:00:11 Jun 07, 2021

Name Stage Failure

	Name	Stage	Failure
failed	check-cves	Check Cves
	ERROR: Number of non-whitelisted vulnerabilities: 4 ERROR: The following vulnerabilities are not whitelisted: ERROR: scan_source cve_id package package_path ERROR: anchore_comp b316cbcdd48048c73d7e5724b8927f92 None None ERROR: anchore_cve GHSA-fp4w-jxhp-m23p bundler-2.1.4 /usr/lib64/ruby/gems/2.7.0/specifications/default/bundler-2.1.4.gemspec ERROR: anchore_cve GHSA-fp4w-jxhp-m23p bundler-2.1.4 /usr/lib64/ruby/gems/2.7.0/specifications/bundler-2.1.4.gemspec ERROR: twistlock_cve CVE-2020-36327 bundler-2.1.4 None Cleaning up file based variables ERROR: Job failed: command terminated with exit code 1

failed

check-cves

Check Cves

ERROR: Number of non-whitelisted vulnerabilities: 4
ERROR: The following vulnerabilities are not whitelisted:
ERROR: scan_source                   cve_id                        package                       package_path                  
ERROR: anchore_comp                  b316cbcdd48048c73d7e5724b8927f92    None                          None                          
ERROR: anchore_cve                   GHSA-fp4w-jxhp-m23p           bundler-2.1.4                 /usr/lib64/ruby/gems/2.7.0/specifications/default/bundler-2.1.4.gemspec    
ERROR: anchore_cve                   GHSA-fp4w-jxhp-m23p           bundler-2.1.4                 /usr/lib64/ruby/gems/2.7.0/specifications/bundler-2.1.4.gemspec    
ERROR: twistlock_cve                 CVE-2020-36327                bundler-2.1.4                 None                          
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1