Pipeline · Ironbank Containers / MITRE / SAF / heimdall2

Merge branch...

Merge branch 'renovate/registry1.dso.mil-ironbank-opensource-nodejs-nodejs14-14.x' into 'development'

Update registry1.dso.mil/ironbank/opensource/nodejs/nodejs14 Docker tag to v14.17.6

See merge request !33

18 jobs for development in 29 minutes and 44 seconds (queued for 31 minutes and 6 seconds)

Status	Job ID	Name
.Pre
passed	#6165918	load-scripts	00:00:14 Sep 02, 2021

Preflight
passed	#6165920	folder-structure	00:00:09 Sep 02, 2021
passed	#6165921	hardening-manifest	00:00:24 Sep 02, 2021
passed	#6165919	trufflehog	00:00:29 Sep 02, 2021

Lint
passed	#6165922	wl-compare-lint	00:00:13 Sep 02, 2021

Import Artifacts
passed	#6165923	import-artifacts	00:02:21 Sep 02, 2021

Scan Artifacts
passed	#6165924	clamav-scan	00:02:24 Sep 02, 2021

Build
passed	#6165925	build	00:04:00 Sep 02, 2021

Post Build
passed	#6165926	create-tar	00:00:55 Sep 02, 2021

Scanning
passed	#6165927	anchore-scan	00:16:00 Sep 02, 2021
passed	#6165928 ironbank-dsop-privileged	openscap-compliance	00:02:36 Sep 02, 2021
passed	#6165929	twistlock-scan	00:02:22 Sep 02, 2021

Csv Output
passed	#6165930	csv-output	00:01:28 Sep 02, 2021

Check Cves
failed	#6165931 allowed to fail	check-cves	00:00:17 Sep 02, 2021

Documentation
passed	#6165932	ib-manifest	00:00:12 Sep 02, 2021
passed	#6165933	write-json-docs	00:00:18 Sep 02, 2021

S3 Publish
passed	#6165934	upload-to-s3	00:00:30 Sep 02, 2021

Vat
passed	#6165935	vat	00:00:28 Sep 02, 2021

Name Stage Failure

	Name	Stage	Failure
failed	check-cves	Check Cves
	ERROR: Number of non-whitelisted vulnerabilities: 4 ERROR: The following vulnerabilities are not whitelisted: ERROR: scan_source cve_id package package_path ERROR: anchore_cve CVE-2021-3749 axios-0.21.1 /heimdall/apps/backend/node_modules/axios/package.json ERROR: anchore_cve CVE-2017-18589 cookie-0.4.0 /heimdall/apps/backend/node_modules/express/node_modules/cookie/package.json ERROR: twistlock_cve CVE-2021-3749 axios-0.21.1 None ERROR: twistlock_cve PRISMA-2021-0063 validator-10.11.0 None Cleaning up file based variables ERROR: Job failed: command terminated with exit code 1

failed

check-cves

Check Cves

ERROR: Number of non-whitelisted vulnerabilities: 4
ERROR: The following vulnerabilities are not whitelisted:
ERROR: scan_source                   cve_id                        package                       package_path                  
ERROR: anchore_cve                   CVE-2021-3749                 axios-0.21.1                  /heimdall/apps/backend/node_modules/axios/package.json    
ERROR: anchore_cve                   CVE-2017-18589                cookie-0.4.0                  /heimdall/apps/backend/node_modules/express/node_modules/cookie/package.json    
ERROR: twistlock_cve                 CVE-2021-3749                 axios-0.21.1                  None                          
ERROR: twistlock_cve                 PRISMA-2021-0063              validator-10.11.0             None                          
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1