Pipeline · Ironbank Containers / Opensource / istio / 1.9 / istioctl

Merge branch 'development' into 'master'

v1.9.2

See merge request !15

21 jobs for master in 12 minutes and 18 seconds (queued for 7 seconds)

64f019db

Status	Job ID	Name
.Pre
passed	#2606468 ironbank	load scripts	00:00:10 Apr 05, 2021

Preflight
passed	#2606469 ironbank	folder structure	00:00:09 Apr 05, 2021
passed	#2606470 ironbank	hardening_manifest	00:00:14 Apr 05, 2021

Lint
passed	#2606471 ironbank	wl compare lint	00:00:11 Apr 05, 2021

Finding Compare
failed	#2606829 ironbank allowed to fail	vat compare	00:00:08 Apr 05, 2021
failed	#2606472 ironbank allowed to fail	vat compare	00:00:07 Apr 05, 2021

Import Artifacts
passed	#2606473 ironbank	import artifacts	00:00:10 Apr 05, 2021

Scan Artifacts
passed	#2606474 ironbank	clamav scan	00:00:33 Apr 05, 2021

Build
passed	#2606475 ironbank-isolated	build	00:01:16 Apr 05, 2021

Scanning
passed	#2606479 ironbank	anchore scan	00:02:01 Apr 05, 2021
passed	#2606476 ironbank	openscap compliance	00:00:55 Apr 05, 2021
passed	#2606477 ironbank	openscap cve	00:05:58 Apr 05, 2021
passed	#2606478 ironbank	twistlock scan	00:00:37 Apr 05, 2021

Csv Output
passed	#2606480 ironbank	csv output	00:00:49 Apr 05, 2021

Check Cves
passed	#2606481 ironbank	check cves	00:00:20 Apr 05, 2021

Documentation
passed	#2606482 ironbank	sign image	00:00:29 Apr 05, 2021
passed	#2606483 ironbank	sign manifest	00:00:19 Apr 05, 2021
passed	#2606484 ironbank	write json documentation	00:00:20 Apr 05, 2021

Publish
passed	#2606830 ironbank	harbor	00:00:26 Apr 05, 2021
passed	#2606485 ironbank	upload to s3	00:01:26 Apr 05, 2021
failed	#2606486 ironbank	harbor	00:00:16 Apr 05, 2021

Name Stage Failure

	Name	Stage	Failure
failed	vat compare	Finding Compare
	('41cb7cdf04850e33a11f80c42bf660b3', 'anchore_comp', "Dockerfile directive 'HEALTHCHECK' not found, matching condition 'not_exists' check\n Gate: dockerfile\n Trigger: instruction\n Policy ID: DoDDockerfileChecks", None, None) ('cbff271f45d32e78dcc1979dbca9c14d', 'anchore_comp', 'User root found as effective user, which is explicity not allowed\n Gate: dockerfile\n Trigger: effective_user\n Policy ID: DoDEffectiveUserChecks', None, None) ('CVE-2021-22876', 'twistlock_cve', 'curl 7.1.1 to and including 7.75.0 is vulnerable to an \\"Exposure of Private Personal Information to an Unauthorized Actor\\" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request.', 'curl-7.61.1-14.el8_3.1', None) Uploading artifacts for failed job Uploading artifacts... ci-artifacts/compare/: found 2 matching files and directories Uploading artifacts as "archive" to coordinator... ok id=2606829 responseStatus=201 Created token=Q7WLikjP Cleaning up file based variables ERROR: Job failed: command terminated with exit code 4

failed

vat compare

Finding Compare

('41cb7cdf04850e33a11f80c42bf660b3', 'anchore_comp', "Dockerfile directive 'HEALTHCHECK' not found, matching condition 'not_exists' check\n Gate: dockerfile\n Trigger: instruction\n Policy ID: DoDDockerfileChecks", None, None)
('cbff271f45d32e78dcc1979dbca9c14d', 'anchore_comp', 'User root found as effective user, which is explicity not allowed\n Gate: dockerfile\n Trigger: effective_user\n Policy ID: DoDEffectiveUserChecks', None, None)
('CVE-2021-22876', 'twistlock_cve', 'curl 7.1.1 to and including 7.75.0 is vulnerable to an \\"Exposure of Private Personal Information to an Unauthorized Actor\\" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request.', 'curl-7.61.1-14.el8_3.1', None)
Uploading artifacts for failed job
Uploading artifacts...
ci-artifacts/compare/: found 2 matching files and directories 
Uploading artifacts as "archive" to coordinator... ok  id=2606829 responseStatus=201 Created token=Q7WLikjP
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 4