Pipeline · Ironbank Containers / Kinetica / Pathfinder / Packet Forwarder

Merge branch 'pre-development' into 'development'

update JAR to fix CVEs

See merge request !15

20 jobs for development in 12 minutes and 26 seconds (queued for 13 minutes and 14 seconds)

a8cb2272

Status	Job ID	Name
.Pre
passed	#2850373 ironbank	load scripts	00:00:07 Apr 20, 2021

Preflight
passed	#2850375 ironbank	folder structure	00:00:05 Apr 20, 2021
passed	#2850376 ironbank	hardening_manifest	00:00:11 Apr 20, 2021
passed	#2850374 ironbank	trufflehog	00:00:06 Apr 20, 2021

Lint
passed	#2850377 ironbank	wl compare lint	00:00:10 Apr 20, 2021

Finding Compare
failed	#2850378 ironbank allowed to fail	vat compare	00:00:10 Apr 20, 2021

Import Artifacts
passed	#2850379 ironbank	import artifacts	00:00:11 Apr 20, 2021

Scan Artifacts
passed	#2850380 ironbank	clamav scan	00:00:49 Apr 20, 2021

Build
passed	#2850381 ironbank-isolated	build	00:02:28 Apr 20, 2021

Scanning
passed	#2850382 ironbank	anchore scan	00:02:12 Apr 20, 2021
passed	#2850383 ironbank	openscap compliance	00:01:12 Apr 20, 2021
passed	#2850384 ironbank	openscap cve	00:04:19 Apr 20, 2021
passed	#2850385 ironbank	twistlock scan	00:00:24 Apr 20, 2021

Csv Output
passed	#2850386 ironbank	csv output	00:00:56 Apr 20, 2021

Check Cves
passed	#2850387 ironbank	check cves	00:00:17 Apr 20, 2021

Documentation
passed	#2850388 ironbank	sign image	00:00:42 Apr 20, 2021
passed	#2850389 ironbank	sign manifest	00:00:23 Apr 20, 2021
passed	#2850390 ironbank	write json documentation	00:00:23 Apr 20, 2021

S3 Publish
passed	#2850391 ironbank	upload to s3	00:01:51 Apr 20, 2021

Vat
passed	#2850392 ironbank	vat	00:00:08 Apr 20, 2021

Name Stage Failure

	Name	Stage	Failure
failed	vat compare	Finding Compare
	INFO: ('CVE-2020-35512', 'anchore_cve', 'dbus-libs-1.12.8-12.el8_3\nhttps://access.redhat.com/security/cve/CVE-2020-35512', 'dbus-libs-1.12.8-12.el8_3', None) INFO: ('CVE-2020-35512', 'anchore_cve', 'dbus-tools-1.12.8-12.el8_3\nhttps://access.redhat.com/security/cve/CVE-2020-35512', 'dbus-tools-1.12.8-12.el8_3', None) INFO: ('CVE-2020-13776', 'twistlock_cve', 'systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.', 'systemd-239-41.el8_3.1', None) Uploading artifacts for failed job Uploading artifacts... ci-artifacts/compare/: found 2 matching files and directories Uploading artifacts as "archive" to coordinator... ok id=2850378 responseStatus=201 Created token=W5yxgMib Cleaning up file based variables ERROR: Job failed: command terminated with exit code 4

failed

vat compare

Finding Compare

INFO: ('CVE-2020-35512', 'anchore_cve', 'dbus-libs-1.12.8-12.el8_3\nhttps://access.redhat.com/security/cve/CVE-2020-35512', 'dbus-libs-1.12.8-12.el8_3', None)
INFO: ('CVE-2020-35512', 'anchore_cve', 'dbus-tools-1.12.8-12.el8_3\nhttps://access.redhat.com/security/cve/CVE-2020-35512', 'dbus-tools-1.12.8-12.el8_3', None)
INFO: ('CVE-2020-13776', 'twistlock_cve', 'systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.', 'systemd-239-41.el8_3.1', None)
Uploading artifacts for failed job
Uploading artifacts...
ci-artifacts/compare/: found 2 matching files and directories 
Uploading artifacts as "archive" to coordinator... ok  id=2850378 responseStatus=201 Created token=W5yxgMib
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 4