UNCLASSIFIED

Merge branch 'development' into 'master'

Development

See merge request !39
19 jobs for master in 57 minutes and 29 seconds (queued for 25 minutes and 41 seconds)
Status Job ID Name Coverage
  .Pre
passed #2605022
ironbank
load scripts

00:01:06

 
  Preflight
passed #2605023
ironbank
folder structure

00:01:12

passed #2605024
ironbank
hardening_manifest

00:01:48

 
  Lint
passed #2605025
ironbank
wl compare lint

00:01:34

 
  Finding Compare
failed #2605026
ironbank allowed to fail
vat compare

00:01:45

 
  Import Artifacts
passed #2605027
ironbank
import artifacts

00:02:25

 
  Scan Artifacts
passed #2605028
ironbank
clamav scan

00:08:11

 
  Build
passed #2605029
ironbank-isolated
build

00:04:18

 
  Scanning
passed #2605033
ironbank
anchore scan

00:04:27

passed #2605030
ironbank
openscap compliance

00:08:43

passed #2605031
ironbank
openscap cve

00:30:48

passed #2605032
ironbank
twistlock scan

00:01:59

 
  Csv Output
passed #2605034
ironbank
csv output

00:01:16

 
  Check Cves
passed #2605035
ironbank
check cves

00:01:43

 
  Documentation
passed #2605036
ironbank
sign image

00:00:48

passed #2605037
ironbank
sign manifest

00:00:39

passed #2605038
ironbank
write json documentation

00:00:34

 
  Publish
failed #2605040
ironbank
harbor

00:00:18

passed #2605039
ironbank
upload to s3

00:01:41

 
Name Stage Failure
failed
harbor Publish
Executing "step_script" stage of the job script
$ python3 "${PIPELINE_REPO_DIR}/stages/publish/upload_to_harbor.py"
INFO: Log level set to info
INFO: Logging into vault
INFO: Log in successful
INFO: [MASKED]/v1/kv/il2/notary/pipeline/delegation/0
ERROR: Could not find key for registry1.dso.mil/ironbank/opensource/fluentd/fluentd - Please speak to an Administrator
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1
failed
vat compare Finding Compare
('CVE-2020-25613', 'twistlock_cve', 'An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header check), which may lead to an HTTP Request Smuggling attack.', 'webrick-1.4.2', None)
('cbff271f45d32e78dcc1979dbca9c14d', 'anchore_comp', 'User root found as effective user, which is explicity not allowed\n Gate: dockerfile\n Trigger: effective_user\n Policy ID: DoDEffectiveUserChecks', None, None)
('41cb7cdf04850e33a11f80c42bf660b3', 'anchore_comp', "Dockerfile directive 'HEALTHCHECK' not found, matching condition 'not_exists' check\n Gate: dockerfile\n Trigger: instruction\n Policy ID: DoDDockerfileChecks", None, None)
Uploading artifacts for failed job
ci-artifacts/compare/: found 2 matching files and directories
Uploading artifacts...
Uploading artifacts as "archive" to coordinator... ok
id=2605026 responseStatus=201 Created token=ru-rm9_x
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 4