Pipeline · Ironbank Containers / GitLab / Gitlab / gitlab-rails

Merge branch 'release-gitlab-13-12-2' into 'development'

Update GitLab to the 13.12.2 Security Release

See merge request !87

17 jobs for development in 43 minutes and 41 seconds (queued for 98 minutes and 29 seconds)

949a83a8

Status	Job ID	Name
.Pre
passed	#4134653	load-scripts	00:00:13 Jun 16, 2021

Preflight
passed	#4134655	folder-structure	00:00:10 Jun 16, 2021
passed	#4134656	hardening-manifest	00:00:15 Jun 16, 2021
passed	#4134654	trufflehog	00:00:10 Jun 16, 2021

Lint
passed	#4134657	wl-compare-lint	00:00:12 Jun 16, 2021

Import Artifacts
passed	#4134658	import-artifacts	00:00:49 Jun 16, 2021

Scan Artifacts
passed	#4134659	clamav-scan	00:04:41 Jun 16, 2021

Build
passed	#4134660	build	00:06:22 Jun 16, 2021

Scanning
passed	#4134661	anchore-scan	00:13:20 Jun 16, 2021
passed	#4134662 ironbank-dsop-privileged	openscap-compliance	00:03:00 Jun 16, 2021
passed	#4138470	twistlock-scan	00:09:39 Jun 16, 2021
failed	#4134663	twistlock-scan	00:40:56 Jun 16, 2021

Csv Output
passed	#4134664	csv-output	00:02:05 Jun 16, 2021

Check Cves
failed	#4134665 allowed to fail	check-cves	00:00:28 Jun 16, 2021

Documentation
passed	#4134666	documentation	00:02:09 Jun 16, 2021

S3 Publish
passed	#4134667	upload-to-s3	00:02:51 Jun 16, 2021

Vat
passed	#4134668	vat	00:00:27 Jun 16, 2021

Name Stage Failure

	Name	Stage	Failure
failed	check-cves	Check Cves
	ERROR: anchore_cve CVE-2021-3541 nokogiri-1.11.3 /srv/gitlab/vendor/bundle/ruby/2.7.0/specifications/nokogiri-1.11.3-x86_64-linux.gemspec ERROR: anchore_cve CVE-2021-33575 plist-3.6.0 /srv/gitlab/vendor/bundle/ruby/2.7.0/specifications/plist-3.6.0.gemspec ERROR: anchore_cve GHSA-q28m-8xjw-8vr5 puma-5.1.1 /srv/gitlab/vendor/bundle/ruby/2.7.0/specifications/puma-5.1.1.gemspec ERROR: anchore_cve VULNDB-218991 puma-5.1.1 /srv/gitlab/vendor/bundle/ruby/2.7.0/specifications/puma-5.1.1.gemspec ERROR: anchore_cve CVE-2021-3572 python3-pip-wheel-9.0.3-19.el8 None ERROR: twistlock_cve CVE-2020-17541 libjpeg-turbo-1.5.3-10.el8 None ERROR: twistlock_cve CVE-2021-32027 postgres-13.2 None Cleaning up file based variables ERROR: Job failed: command terminated with exit code 1

failed

check-cves

Check Cves

ERROR: anchore_cve                   CVE-2021-3541                 nokogiri-1.11.3               /srv/gitlab/vendor/bundle/ruby/2.7.0/specifications/nokogiri-1.11.3-x86_64-linux.gemspec    
ERROR: anchore_cve                   CVE-2021-33575                plist-3.6.0                   /srv/gitlab/vendor/bundle/ruby/2.7.0/specifications/plist-3.6.0.gemspec    
ERROR: anchore_cve                   GHSA-q28m-8xjw-8vr5           puma-5.1.1                    /srv/gitlab/vendor/bundle/ruby/2.7.0/specifications/puma-5.1.1.gemspec    
ERROR: anchore_cve                   VULNDB-218991                 puma-5.1.1                    /srv/gitlab/vendor/bundle/ruby/2.7.0/specifications/puma-5.1.1.gemspec    
ERROR: anchore_cve                   CVE-2021-3572                 python3-pip-wheel-9.0.3-19.el8    None                          
ERROR: twistlock_cve                 CVE-2020-17541                libjpeg-turbo-1.5.3-10.el8    None                          
ERROR: twistlock_cve                 CVE-2021-32027                postgres-13.2                 None                          
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1