Running with gitlab-runner 13.12.0 (7a6612da)  on dsop-shared-gitlab-runner-5fcd8977b8-m6qmr JrExJ6yx  feature flags: FF_USE_LEGACY_KUBERNETES_EXECUTION_STRATEGY:false section_start:1631066114:resolve_secrets Resolving secrets section_end:1631066114:resolve_secrets section_start:1631066114:prepare_executor Preparing the "kubernetes" executor Using Kubernetes namespace: gitlab-runner-ironbank-dsop Using Kubernetes executor with image registry1.dso.mil/ironbank/ironbank-pipelines/pipeline-runner:0.3 ... Using attach strategy to execute scripts... section_end:1631066114:prepare_executor section_start:1631066114:prepare_script Preparing environment Waiting for pod gitlab-runner-ironbank-dsop/runner-jrexj6yx-project-5092-concurrent-0lbwfx to be running, status is Pending Waiting for pod gitlab-runner-ironbank-dsop/runner-jrexj6yx-project-5092-concurrent-0lbwfx to be running, status is Pending ContainersNotReady: "containers with unready status: [build helper istio-proxy]" ContainersNotReady: "containers with unready status: [build helper istio-proxy]" Running on runner-jrexj6yx-project-5092-concurrent-0lbwfx via dsop-shared-gitlab-runner-5fcd8977b8-m6qmr... section_end:1631066120:prepare_script section_start:1631066120:get_sources Getting source from Git repository $ until [ $(curl --fail --silent --output /dev/stderr --write-out "%{http_code}" localhost:15020/healthz/ready) -eq 200 ]; do echo Waiting for Sidecar; sleep 3 ; done ; echo Sidecar available; Sidecar available Fetching changes with git depth set to 50... Initialized empty Git repository in /builds/JrExJ6yx/0/dsop/opensource/gdal/gdal/.git/ Created fresh repository. Checking out 73510a34 as renovate/osgeo-gdal-3.x... Skipping Git submodules setup section_end:1631066121:get_sources section_start:1631066121:download_artifacts Downloading artifacts Downloading artifacts for anchore-scan (6310657)... Downloading artifacts from coordinator... ok  id=6310657 responseStatus=200 OK token=3zRmkrh9 WARNING: ci-artifacts/scan-results/anchore/: lchown ci-artifacts/scan-results/anchore/: operation not permitted (suppressing repeats) Downloading artifacts for hardening-manifest (6310651)... Downloading artifacts from coordinator... ok  id=6310651 responseStatus=200 OK token=p3P5C_m_ WARNING: ci-artifacts/preflight/: lchown ci-artifacts/preflight/: operation not permitted (suppressing repeats) Downloading artifacts for load-scripts (6310648)... Downloading artifacts from coordinator... ok  id=6310648 responseStatus=200 OK token=3DPVQzK1 WARNING: ci-artifacts/[MASKED]/: lchown ci-artifacts/[MASKED]/: operation not permitted (suppressing repeats) Downloading artifacts for openscap-compliance (6310658)... Downloading artifacts from coordinator... ok  id=6310658 responseStatus=200 OK token=xzgHfDfw WARNING: ci-artifacts/scan-results/openscap/: lchown ci-artifacts/scan-results/openscap/: operation not permitted (suppressing repeats) Downloading artifacts for twistlock-scan (6310659)... Downloading artifacts from coordinator... ok  id=6310659 responseStatus=200 OK token=3FP3YYAd WARNING: ci-artifacts/scan-results/twistlock/: lchown ci-artifacts/scan-results/twistlock/: operation not permitted (suppressing repeats) Downloading artifacts for wl-compare-lint (6310652)... Downloading artifacts from coordinator... ok  id=6310652 responseStatus=200 OK token=3DZsDcm2 WARNING: ci-artifacts/lint/: lchown ci-artifacts/lint/: operation not permitted (suppressing repeats) section_end:1631066122:download_artifacts section_start:1631066122:step_script Executing "step_script" stage of the job script $ pip3 install jsonschema # collapsed multi-line command Requirement already satisfied: jsonschema in /usr/local/lib/python3.9/site-packages (3.2.0) Requirement already satisfied: attrs>=17.4.0 in /usr/local/lib/python3.9/site-packages (from jsonschema) (21.2.0) Requirement already satisfied: setuptools in /usr/local/lib/python3.9/site-packages (from jsonschema) (56.1.0) Requirement already satisfied: pyrsistent>=0.14.0 in /usr/local/lib/python3.9/site-packages (from jsonschema) (0.17.3) Requirement already satisfied: six>=1.11.0 in /usr/local/lib/python3.9/site-packages (from jsonschema) (1.15.0) WARNING: Running pip as root will break packages and permissions. You should install packages reliably by using venv: https://pip.pypa.io/warnings/venv WARNING: You are using pip version 21.1.1; however, version 21.2.4 is available. You should consider upgrading via the '/usr/local/bin/python3.9 -m pip install --upgrade pip' command. INFO: Log level set to info INFO: Number of whitelisted vulnerabilities: 137 WARNING: Error writing log line to trace: transform: short internal buffer INFO: Vulnerabilities found in scanning stage: 179 WARNING: Error writing log line to trace: transform: short internal buffer 7', package='rpm-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_comp', cve_id='bcd159901fe47efddae5c095b4b0d7fd', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35937', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3580', package='nettle-3.4.1-4.el8_3', package_path=None), Finding(scan_source='anchore_comp', cve_id='698044205a9c4a6d48b7937e66a6bf4f', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-36086', package='libsepol-2.9-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3733', package='platform-python-3.6.8-37.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='c4ad80832b361f81df2a31e5b6b09864', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2019-20838', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-16135', package='libssh-0.9.4-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3737', package='platform-python-3.6.8-37.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22898', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-35521', package='libtiff-4.0.9-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2018-25012', package='libwebp-1.0.0-3.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-36331', package='libwebp-1.0.0-3.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-35521', package='libtiff-4.0.9-18.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-33560', package='libgcrypt-1.8.5-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-27845', package='openjpeg2-2.3.1-6.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-36085', package='libsepol-2.9-2.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2018-25009', package='libwebp-1.0.0-3.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-35522', package='libtiff-4.0.9-18.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33574', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33929', package='libsolv-0.7.16-2.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-27843', package='openjpeg2-2.3.1-6.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-35938', package='python3-rpm-4.14.3-14.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-build-libs-4.14.3-14.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-36332', package='libwebp-1.0.0-3.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-33574', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80938-4', package=None, package_path=None)} ERROR: NON-WHITELISTED VULNERABILITIES FOUND ERROR: Number of non-whitelisted vulnerabilities: 42 ERROR: The following vulnerabilities are not whitelisted: ERROR: scan_source cve_id package package_path ERROR: anchore_comp 41cb7cdf04850e33a11f80c42bf660b3 None None ERROR: anchore_cve CVE-2020-17541 libjpeg-turbo-1.5.3-10.el8 None ERROR: anchore_cve CVE-2020-35521 libtiff-4.0.9-18.el8 None ERROR: anchore_cve CVE-2020-35522 libtiff-4.0.9-18.el8 None ERROR: anchore_cve CVE-2020-35523 libtiff-4.0.9-18.el8 None ERROR: anchore_cve CVE-2020-35524 libtiff-4.0.9-18.el8 None ERROR: anchore_cve CVE-2018-25009 libwebp-1.0.0-3.el8_4 None ERROR: anchore_cve CVE-2018-25010 libwebp-1.0.0-3.el8_4 None ERROR: anchore_cve CVE-2018-25012 libwebp-1.0.0-3.el8_4 None ERROR: anchore_cve CVE-2018-25013 libwebp-1.0.0-3.el8_4 None ERROR: anchore_cve CVE-2018-25014 libwebp-1.0.0-3.el8_4 None ERROR: anchore_cve CVE-2020-36330 libwebp-1.0.0-3.el8_4 None ERROR: anchore_cve CVE-2020-36331 libwebp-1.0.0-3.el8_4 None ERROR: anchore_cve CVE-2020-36332 libwebp-1.0.0-3.el8_4 None ERROR: anchore_cve CVE-2020-15389 openjpeg2-2.3.1-6.el8 None ERROR: anchore_cve CVE-2020-27814 openjpeg2-2.3.1-6.el8 None ERROR: anchore_cve CVE-2020-27823 openjpeg2-2.3.1-6.el8 None ERROR: anchore_cve CVE-2020-27824 openjpeg2-2.3.1-6.el8 None ERROR: anchore_cve CVE-2020-27842 openjpeg2-2.3.1-6.el8 None ERROR: anchore_cve CVE-2020-27843 openjpeg2-2.3.1-6.el8 None ERROR: anchore_cve CVE-2020-27845 openjpeg2-2.3.1-6.el8 None ERROR: anchore_cve CVE-2021-29338 openjpeg2-2.3.1-6.el8 None ERROR: anchore_cve CVE-2021-3575 openjpeg2-2.3.1-6.el8 None ERROR: twistlock_cve CVE-2020-17541 libjpeg-turbo-1.5.3-10.el8 None ERROR: twistlock_cve CVE-2020-35521 libtiff-4.0.9-18.el8 None ERROR: twistlock_cve CVE-2020-35522 libtiff-4.0.9-18.el8 None ERROR: twistlock_cve CVE-2020-35523 libtiff-4.0.9-18.el8 None ERROR: twistlock_cve CVE-2020-35524 libtiff-4.0.9-18.el8 None ERROR: twistlock_cve CVE-2018-25009 libwebp-1.0.0-3.el8_4 None ERROR: twistlock_cve CVE-2018-25010 libwebp-1.0.0-3.el8_4 None ERROR: twistlock_cve CVE-2018-25012 libwebp-1.0.0-3.el8_4 None ERROR: twistlock_cve CVE-2018-25013 libwebp-1.0.0-3.el8_4 None ERROR: twistlock_cve CVE-2018-25014 libwebp-1.0.0-3.el8_4 None ERROR: twistlock_cve CVE-2020-36330 libwebp-1.0.0-3.el8_4 None ERROR: twistlock_cve CVE-2020-36331 libwebp-1.0.0-3.el8_4 None ERROR: twistlock_cve CVE-2020-36332 libwebp-1.0.0-3.el8_4 None ERROR: twistlock_cve CVE-2020-27814 openjpeg2-2.3.1-6.el8 None ERROR: twistlock_cve CVE-2020-27823 openjpeg2-2.3.1-6.el8 None ERROR: twistlock_cve CVE-2020-27824 openjpeg2-2.3.1-6.el8 None ERROR: twistlock_cve CVE-2020-27842 openjpeg2-2.3.1-6.el8 None ERROR: twistlock_cve CVE-2020-27843 openjpeg2-2.3.1-6.el8 None ERROR: twistlock_cve CVE-2020-27845 openjpeg2-2.3.1-6.el8 None section_end:1631066123:step_script section_start:1631066123:cleanup_file_variables Cleaning up file based variables section_end:1631066124:cleanup_file_variables ERROR: Job failed: command terminated with exit code 1