Pipeline · Ironbank Containers / Opensource / apache / activemq

You need to sign in or sign up before continuing.

Merge branch 'jo-update-artifacts/maintainer' into 'development'

updated hardening_manifest.yaml

See merge request !20

18 jobs for development in 12 minutes and 24 seconds (queued for 13 minutes and 25 seconds)

d4dd250a

Status	Job ID	Name
.Pre
passed	#6083719	load-scripts	00:00:14 Aug 30, 2021

Preflight
passed	#6083721	folder-structure	00:00:19 Aug 30, 2021
passed	#6083722	hardening-manifest	00:00:12 Aug 30, 2021
passed	#6083720	trufflehog	00:00:10 Aug 30, 2021

Lint
passed	#6083723	wl-compare-lint	00:00:14 Aug 30, 2021

Import Artifacts
passed	#6083724	import-artifacts	00:00:22 Aug 30, 2021

Scan Artifacts
passed	#6083725	clamav-scan	00:01:12 Aug 30, 2021

Build
passed	#6083726	build	00:01:59 Aug 30, 2021

Post Build
passed	#6083727	create-tar	00:00:55 Aug 30, 2021

Scanning
passed	#6083728	anchore-scan	00:05:09 Aug 30, 2021
passed	#6083729 ironbank-dsop-privileged	openscap-compliance	00:01:17 Aug 30, 2021
passed	#6083730	twistlock-scan	00:02:12 Aug 30, 2021

Csv Output
passed	#6083731	csv-output	00:00:30 Aug 30, 2021

Check Cves
failed	#6083732 allowed to fail	check-cves	00:00:14 Aug 30, 2021

Documentation
passed	#6083733	ib-manifest	00:00:15 Aug 30, 2021
passed	#6083734	write-json-docs	00:00:13 Aug 30, 2021

S3 Publish
passed	#6083735	upload-to-s3	00:00:26 Aug 30, 2021

Vat
passed	#6083736	vat	00:00:27 Aug 30, 2021

Name Stage Failure

	Name	Stage	Failure
failed	check-cves	Check Cves
	ERROR: anchore_cve CVE-2021-39153 xstream-1.4.17 /apache-activemq/lib/optional/xstream-1.4.17.jar ERROR: anchore_cve CVE-2021-39154 xstream-1.4.17 /apache-activemq/lib/optional/xstream-1.4.17.jar ERROR: anchore_cve VULNDB-264109 xstream-1.4.17 /apache-activemq/lib/optional/xstream-1.4.17.jar ERROR: twistlock_cve CVE-2020-8908 com.google.guava_guava-28.2-jre None ERROR: twistlock_cve PRISMA-2021-0055 commons-codec_commons-codec-1.11 None ERROR: twistlock_cve CVE-2019-17571 log4j_log4j-1.2.17 None ERROR: twistlock_cve CVE-2020-9488 log4j_log4j-1.2.17 None Cleaning up file based variables ERROR: Job failed: command terminated with exit code 1

failed

check-cves

Check Cves

ERROR: anchore_cve                   CVE-2021-39153                xstream-1.4.17                /apache-activemq/lib/optional/xstream-1.4.17.jar    
ERROR: anchore_cve                   CVE-2021-39154                xstream-1.4.17                /apache-activemq/lib/optional/xstream-1.4.17.jar    
ERROR: anchore_cve                   VULNDB-264109                 xstream-1.4.17                /apache-activemq/lib/optional/xstream-1.4.17.jar    
ERROR: twistlock_cve                 CVE-2020-8908                 com.google.guava_guava-28.2-jre    None                          
ERROR: twistlock_cve                 PRISMA-2021-0055              commons-codec_commons-codec-1.11    None                          
ERROR: twistlock_cve                 CVE-2019-17571                log4j_log4j-1.2.17            None                          
ERROR: twistlock_cve                 CVE-2020-9488                 log4j_log4j-1.2.17            None                          
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1