Running with gitlab-runner 13.8.0 (775dd39d)  on dsop-shared-gitlab-runner-5f4b468dff-8vfv5 BsbAJu5w section_start:1623280807:resolve_secrets Resolving secrets section_end:1623280807:resolve_secrets section_start:1623280807:prepare_executor Preparing the "kubernetes" executor Using Kubernetes namespace: gitlab-runner-ironbank-dsop WARNING: Pulling GitLab Runner helper image from Docker Hub. Helper image is migrating to registry.gitlab.com, for more information see https://docs.gitlab.com/runner/configuration/advanced-configuration.html#migrating-helper-image-to-registrygitlabcom Using Kubernetes executor with image registry1.dso.mil/ironbank/ironbank-pipelines/pipeline-runner:0.3 ... section_end:1623280807:prepare_executor section_start:1623280807:prepare_script Preparing environment Waiting for pod gitlab-runner-ironbank-dsop/runner-bsbaju5w-project-6370-concurrent-0t5bkp to be running, status is Pending Waiting for pod gitlab-runner-ironbank-dsop/runner-bsbaju5w-project-6370-concurrent-0t5bkp to be running, status is Pending ContainersNotReady: "containers with unready status: [build helper]" ContainersNotReady: "containers with unready status: [build helper]" Running on runner-bsbaju5w-project-6370-concurrent-0t5bkp via dsop-shared-gitlab-runner-5f4b468dff-8vfv5... section_end:1623280813:prepare_script section_start:1623280813:get_sources Getting source from Git repository Fetching changes with git depth set to 50... Initialized empty Git repository in /builds/dsop/opensource/jenkins/jenkinsfile-runner/.git/ Created fresh repository. Checking out 66bac7e4 as xstream-fix... Skipping Git submodules setup section_end:1623280814:get_sources section_start:1623280814:download_artifacts Downloading artifacts Downloading artifacts for anchore-scan (3977557)... Downloading artifacts from coordinator... ok  id=3977557 responseStatus=200 OK token=irLS55cN Downloading artifacts for hardening-manifest (3977552)... Downloading artifacts from coordinator... ok  id=3977552 responseStatus=200 OK token=Q-PHAPxj Downloading artifacts for load-scripts (3977549)... Downloading artifacts from coordinator... ok  id=3977549 responseStatus=200 OK token=1gRzgL92 Downloading artifacts for openscap-compliance (3977558)... Downloading artifacts from coordinator... ok  id=3977558 responseStatus=200 OK token=CyiAyKGV Downloading artifacts for twistlock-scan (3977559)... Downloading artifacts from coordinator... ok  id=3977559 responseStatus=200 OK token=4UkuGrMY Downloading artifacts for wl-compare-lint (3977553)... Downloading artifacts from coordinator... ok  id=3977553 responseStatus=200 OK token=3sM27HfT section_end:1623280815:download_artifacts section_start:1623280815:step_script Executing "step_script" stage of the job script $ pip3 install jsonschema # collapsed multi-line command Requirement already satisfied: jsonschema in /usr/local/lib/python3.9/site-packages (3.2.0) Requirement already satisfied: setuptools in /usr/local/lib/python3.9/site-packages (from jsonschema) (56.1.0) Requirement already satisfied: six>=1.11.0 in /usr/local/lib/python3.9/site-packages (from jsonschema) (1.15.0) Requirement already satisfied: pyrsistent>=0.14.0 in /usr/local/lib/python3.9/site-packages (from jsonschema) (0.17.3) Requirement already satisfied: attrs>=17.4.0 in /usr/local/lib/python3.9/site-packages (from jsonschema) (21.2.0) WARNING: Running pip as root will break packages and permissions. You should install packages reliably by using venv: https://pip.pypa.io/warnings/venv WARNING: You are using pip version 21.1.1; however, version 21.1.2 is available. You should consider upgrading via the '/usr/local/bin/python3.9 -m pip install --upgrade pip' command. INFO: Log level set to info INFO: Number of whitelisted vulnerabilities: 118 INFO: Whitelisted vulnerabilities: {Finding(scan_source='anchore_cve', cve_id='CVE-2021-3541', package='libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12401', package='nss-util-3.53.1-17.el8_3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-15945', package='lua-5.3.4-11.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3516', package='libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-15945', package='lua-5.3.4-11.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20271', package='rpm-libs-4.14.3-13.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-28153', package='glib2-2.56.4-10.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='python3-rpm-4.14.3-13.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82360-9', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82395-5', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3520', package='lz4-libs-1.8.3-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-libs-4.14.3-13.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-10001', package='cups-libs-2.2.6-38.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-build-libs-4.14.3-13.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-minimal-langpack-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33574', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3200', package='libsolv-0.7.16-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-16135', package='libssh-0.9.4-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23840', package='openssl-libs-1.1.1g-15.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-softokn-3.53.1-17.el8_3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20231', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3517', package='python3-libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3200', package='libsolv-0.7.16-2.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='abb121e9621abdd452f65844954cf1c1', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82959-8', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20271', package='python3-rpm-4.14.3-13.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='463a9a24225c26f7a5bf3f38908e5cb3', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82267-6', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-33574', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82473-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-build-libs-4.14.3-13.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='python3-hawkey-0.55.0-7.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3537', package='libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33574', package='glibc-common-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22876', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='639f6f1177735759703e928c14714a59', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22876', package='libcurl-7.61.1-18.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82220-5', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20271', package='rpm-build-libs-4.14.3-13.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82472-2', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82494-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-16135', package='libssh-config-0.9.4-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12401', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-common-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-28153', package='glib2-2.56.4-10.el8_4', package_path=None), Finding(scan_source='anchore_comp', cve_id='bcd159901fe47efddae5c095b4b0d7fd', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='python3-libdnf-0.55.0-7.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-softokn-freebl-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3517', package='libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-util-3.53.1-17.el8_3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-12401', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='python3-rpm-4.14.3-13.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33574', package='glibc-minimal-langpack-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3426', package='platform-python-3.6.8-37.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3518', package='libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20231', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20232', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12401', package='nss-sysinit-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_comp', cve_id='e7573262736ef52353cde3bae2617782', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27218', package='glib2-2.56.4-10.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3518', package='libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82985-3', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2019-20838', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20232', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3518', package='python3-libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3421', package='rpm-4.14.3-13.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3537', package='libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2019-20838', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-4.14.3-13.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='3456a263793066e9b5063ada6e47917d', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='3e5fad1c039f3ecfd1dcdc94d2f1f9a0', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-27218', package='glib2-2.56.4-10.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20271', package='rpm-4.14.3-13.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-14155', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='c4ad80832b361f81df2a31e5b6b09864', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-sysinit-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_comp', cve_id='c2e44319ae5b3b040044d8ae116d1c2f', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23841', package='openssl-libs-1.1.1g-15.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-24370', package='lua-5.3.4-11.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-14155', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-22876', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='320a97c6816565eedf3545833df99dd0', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='698044205a9c4a6d48b7937e66a6bf4f', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='addbb93c22e9b0988b8b40392a4538cb', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3580', package='nettle-3.4.1-4.el8_3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3517', package='libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3537', package='python3-libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82368-2', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12401', package='nss-softokn-3.53.1-17.el8_3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-16135', package='libssh-0.9.4-2.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80935-0', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-25648', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3516', package='libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80938-4', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3541', package='python3-libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20266', package='rpm-4.14.3-13.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3516', package='python3-libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3572', package='python3-pip-wheel-9.0.3-19.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-24370', package='lua-libs-5.3.4-11.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3445', package='libdnf-0.55.0-7.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-83401-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='libdnf-0.55.0-7.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82949-9', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='34de21e516c0ca50a96e5386f163f8bf', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-24032', package='libzstd-1.4.4-1.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82979-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-15945', package='lua-libs-5.3.4-11.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82474-8', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3468', package='avahi-libs-0.7-20.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-4.14.3-13.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82168-6', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82214-8', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82880-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12401', package='nss-softokn-freebl-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-libs-4.14.3-13.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3426', package='python3-libs-3.6.8-37.el8', package_path=None)} INFO: Vulnerabilities found in scanning stage: 162 INFO: {Finding(scan_source='anchore_cve', cve_id='CVE-2021-3541', package='libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12401', package='nss-util-3.53.1-17.el8_3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-15945', package='lua-5.3.4-11.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-21346', package='xstream-1.4.15', package_path='/app/jenkins/WEB-INF/lib/xstream-1.4.15.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3516', package='libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-15945', package='lua-5.3.4-11.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21343', package='com.thoughtworks.xstream_xstream-1.4.15', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2016-1000031', package='commons-fileupload_commons-fileupload-1.3.1-jenkins-2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20271', package='rpm-libs-4.14.3-13.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21349', package='com.thoughtworks.xstream_xstream-1.4.15', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-28153', package='glib2-2.56.4-10.el8_4', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='python3-rpm-4.14.3-13.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-21347', package='xstream-1.4.15', package_path='/app/jenkins/WEB-INF/lib/xstream-1.4.15.jar'), Finding(scan_source='anchore_cve', cve_id='GHSA-74cv-f58x-f9wf', package='xstream-1.4.15', package_path='/app/jenkins/WEB-INF/lib/xstream-1.4.15.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82360-9', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82395-5', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21350', package='com.thoughtworks.xstream_xstream-1.4.15', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3520', package='lz4-libs-1.8.3-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-libs-4.14.3-13.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-10001', package='cups-libs-2.2.6-38.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-build-libs-4.14.3-13.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-minimal-langpack-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-hwpc-8xqv-jvj4', package='xstream-1.4.15', package_path='/app/jenkins/WEB-INF/lib/xstream-1.4.15.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33574', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3200', package='libsolv-0.7.16-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-16135', package='libssh-0.9.4-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23840', package='openssl-libs-1.1.1g-15.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-softokn-3.53.1-17.el8_3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20231', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3517', package='python3-libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3200', package='libsolv-0.7.16-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-56p8-3fh9-4cvq', package='xstream-1.4.15', package_path='/app/jenkins/WEB-INF/lib/xstream-1.4.15.jar'), Finding(scan_source='anchore_cve', cve_id='GHSA-59jw-jqf4-3wq3', package='xstream-1.4.15', package_path='/app/jenkins/WEB-INF/lib/xstream-1.4.15.jar'), Finding(scan_source='anchore_comp', cve_id='abb121e9621abdd452f65844954cf1c1', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82959-8', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20271', package='python3-rpm-4.14.3-13.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='463a9a24225c26f7a5bf3f38908e5cb3', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82267-6', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-33574', package='glibc-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-21342', package='xstream-1.4.15', package_path='/app/jenkins/WEB-INF/lib/xstream-1.4.15.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82473-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-build-libs-4.14.3-13.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='python3-hawkey-0.55.0-7.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3537', package='libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33574', package='glibc-common-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22876', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='639f6f1177735759703e928c14714a59', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-hrcp-8f3q-4w2c', package='xstream-1.4.15', package_path='/app/jenkins/WEB-INF/lib/xstream-1.4.15.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21346', package='com.thoughtworks.xstream_xstream-1.4.15', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22876', package='libcurl-7.61.1-18.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82220-5', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21341', package='com.thoughtworks.xstream_xstream-1.4.15', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20271', package='rpm-build-libs-4.14.3-13.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-6phf-73q6-gh87', package='commons-beanutils-1.9.3', package_path='/app/jenkins/WEB-INF/lib/commons-beanutils-1.9.3.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21347', package='com.thoughtworks.xstream_xstream-1.4.15', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82472-2', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-21341', package='xstream-1.4.15', package_path='/app/jenkins/WEB-INF/lib/xstream-1.4.15.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82494-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-16135', package='libssh-config-0.9.4-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-21343', package='xstream-1.4.15', package_path='/app/jenkins/WEB-INF/lib/xstream-1.4.15.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12401', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-common-2.28-151.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-28153', package='glib2-2.56.4-10.el8_4', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21351', package='com.thoughtworks.xstream_xstream-1.4.15', package_path=None), Finding(scan_source='anchore_comp', cve_id='bcd159901fe47efddae5c095b4b0d7fd', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='python3-libdnf-0.55.0-7.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-softokn-freebl-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3517', package='libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-21351', package='xstream-1.4.15', package_path='/app/jenkins/WEB-INF/lib/xstream-1.4.15.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-util-3.53.1-17.el8_3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-12401', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='python3-rpm-4.14.3-13.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-33574', package='glibc-minimal-langpack-2.28-151.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21348', package='com.thoughtworks.xstream_xstream-1.4.15', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3426', package='platform-python-3.6.8-37.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-hvv8-336g-rx3m', package='xstream-1.4.15', package_path='/app/jenkins/WEB-INF/lib/xstream-1.4.15.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3518', package='libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21342', package='com.thoughtworks.xstream_xstream-1.4.15', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-2p3x-qw9c-25hh', package='xstream-1.4.15', package_path='/app/jenkins/WEB-INF/lib/xstream-1.4.15.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20231', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20232', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21344', package='com.thoughtworks.xstream_xstream-1.4.15', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12401', package='nss-sysinit-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-14145', package='openssh-clients-8.0p1-6.el8_4.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-f6hm-88x3-mfjv', package='xstream-1.4.15', package_path='/app/jenkins/WEB-INF/lib/xstream-1.4.15.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27218', package='glib2-2.56.4-10.el8_4', package_path=None), Finding(scan_source='anchore_comp', cve_id='e7573262736ef52353cde3bae2617782', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3518', package='libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82985-3', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20232', package='gnutls-3.6.14-8.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2019-20838', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3518', package='python3-libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3421', package='rpm-4.14.3-13.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-fvm3-cfvj-gxqq', package='commons-fileupload-1.3.1-jenkins-2', package_path='/app/jenkins/WEB-INF/lib/commons-fileupload-1.3.1-jenkins-2.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3537', package='libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-21344', package='xstream-1.4.15', package_path='/app/jenkins/WEB-INF/lib/xstream-1.4.15.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2019-20838', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-21345', package='com.thoughtworks.xstream_xstream-1.4.15', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-4.14.3-13.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='3456a263793066e9b5063ada6e47917d', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-27218', package='glib2-2.56.4-10.el8_4', package_path=None), Finding(scan_source='anchore_comp', cve_id='3e5fad1c039f3ecfd1dcdc94d2f1f9a0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20271', package='rpm-4.14.3-13.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-22118', package='spring-core_spring-core-5.2.12', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-14155', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='c4ad80832b361f81df2a31e5b6b09864', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-sysinit-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_comp', cve_id='c2e44319ae5b3b040044d8ae116d1c2f', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23841', package='openssl-libs-1.1.1g-15.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-24370', package='lua-5.3.4-11.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-14155', package='pcre-8.42-4.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-22876', package='curl-7.61.1-18.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='320a97c6816565eedf3545833df99dd0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-7chv-rrw6-w6fc', package='xstream-1.4.15', package_path='/app/jenkins/WEB-INF/lib/xstream-1.4.15.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3580', package='nettle-3.4.1-4.el8_3', package_path=None), Finding(scan_source='anchore_comp', cve_id='698044205a9c4a6d48b7937e66a6bf4f', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='addbb93c22e9b0988b8b40392a4538cb', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3517', package='libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-21350', package='xstream-1.4.15', package_path='/app/jenkins/WEB-INF/lib/xstream-1.4.15.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3537', package='python3-libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82368-2', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-16135', package='libssh-0.9.4-2.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80935-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12401', package='nss-softokn-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3516', package='libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-25648', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80938-4', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3541', package='python3-libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20266', package='rpm-4.14.3-13.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3516', package='python3-libxml2-2.9.7-9.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3572', package='python3-pip-wheel-9.0.3-19.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-25648', package='nss-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-7x9j-7223-rg5m', package='commons-fileupload-1.3.1-jenkins-2', package_path='/app/jenkins/WEB-INF/lib/commons-fileupload-1.3.1-jenkins-2.jar'), Finding(scan_source='anchore_cve', cve_id='GHSA-qpfq-ph7r-qv6f', package='xstream-1.4.15', package_path='/app/jenkins/WEB-INF/lib/xstream-1.4.15.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-24370', package='lua-libs-5.3.4-11.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3445', package='libdnf-0.55.0-7.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-21349', package='xstream-1.4.15', package_path='/app/jenkins/WEB-INF/lib/xstream-1.4.15.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-83401-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-43gc-mjxg-gvrq', package='xstream-1.4.15', package_path='/app/jenkins/WEB-INF/lib/xstream-1.4.15.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='libdnf-0.55.0-7.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82949-9', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-21345', package='xstream-1.4.15', package_path='/app/jenkins/WEB-INF/lib/xstream-1.4.15.jar'), Finding(scan_source='anchore_cve', cve_id='CVE-2020-14145', package='openssh-8.0p1-6.el8_4.2', package_path=None), Finding(scan_source='anchore_comp', cve_id='34de21e516c0ca50a96e5386f163f8bf', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-24032', package='libzstd-1.4.4-1.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82979-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-15945', package='lua-libs-5.3.4-11.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-21348', package='xstream-1.4.15', package_path='/app/jenkins/WEB-INF/lib/xstream-1.4.15.jar'), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-14145', package='openssh-8.0p1-6.el8_4.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='GHSA-4hrm-m67v-5cxr', package='xstream-1.4.15', package_path='/app/jenkins/WEB-INF/lib/xstream-1.4.15.jar'), Finding(scan_source='oscap_comp', cve_id='CCE-82474-8', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3468', package='avahi-libs-0.7-20.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-4.14.3-13.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82168-6', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2019-10086', package='commons-beanutils_commons-beanutils-1.9.3', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82214-8', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82880-6', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='41cb7cdf04850e33a11f80c42bf660b3', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-12401', package='nss-softokn-freebl-3.53.1-17.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-libs-4.14.3-13.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3426', package='python3-libs-3.6.8-37.el8', package_path=None)} ERROR: NON-WHITELISTED VULNERABILITIES FOUND ERROR: Number of non-whitelisted vulnerabilities: 44 ERROR: The following vulnerabilities are not whitelisted: ERROR: scan_source cve_id package package_path ERROR: anchore_comp 41cb7cdf04850e33a11f80c42bf660b3 None None ERROR: anchore_cve GHSA-6phf-73q6-gh87 commons-beanutils-1.9.3 /app/jenkins/WEB-INF/lib/commons-beanutils-1.9.3.jar ERROR: anchore_cve GHSA-7x9j-7223-rg5m commons-fileupload-1.3.1-jenkins-2 /app/jenkins/WEB-INF/lib/commons-fileupload-1.3.1-jenkins-2.jar ERROR: anchore_cve GHSA-fvm3-cfvj-gxqq commons-fileupload-1.3.1-jenkins-2 /app/jenkins/WEB-INF/lib/commons-fileupload-1.3.1-jenkins-2.jar ERROR: anchore_cve CVE-2020-14145 openssh-8.0p1-6.el8_4.2 None ERROR: anchore_cve CVE-2020-14145 openssh-clients-8.0p1-6.el8_4.2 None ERROR: anchore_cve CVE-2021-21341 xstream-1.4.15 /app/jenkins/WEB-INF/lib/xstream-1.4.15.jar ERROR: anchore_cve CVE-2021-21342 xstream-1.4.15 /app/jenkins/WEB-INF/lib/xstream-1.4.15.jar ERROR: anchore_cve CVE-2021-21343 xstream-1.4.15 /app/jenkins/WEB-INF/lib/xstream-1.4.15.jar ERROR: anchore_cve CVE-2021-21344 xstream-1.4.15 /app/jenkins/WEB-INF/lib/xstream-1.4.15.jar ERROR: anchore_cve CVE-2021-21345 xstream-1.4.15 /app/jenkins/WEB-INF/lib/xstream-1.4.15.jar ERROR: anchore_cve CVE-2021-21346 xstream-1.4.15 /app/jenkins/WEB-INF/lib/xstream-1.4.15.jar ERROR: anchore_cve CVE-2021-21347 xstream-1.4.15 /app/jenkins/WEB-INF/lib/xstream-1.4.15.jar ERROR: anchore_cve CVE-2021-21348 xstream-1.4.15 /app/jenkins/WEB-INF/lib/xstream-1.4.15.jar ERROR: anchore_cve CVE-2021-21349 xstream-1.4.15 /app/jenkins/WEB-INF/lib/xstream-1.4.15.jar ERROR: anchore_cve CVE-2021-21350 xstream-1.4.15 /app/jenkins/WEB-INF/lib/xstream-1.4.15.jar ERROR: anchore_cve CVE-2021-21351 xstream-1.4.15 /app/jenkins/WEB-INF/lib/xstream-1.4.15.jar ERROR: anchore_cve GHSA-2p3x-qw9c-25hh xstream-1.4.15 /app/jenkins/WEB-INF/lib/xstream-1.4.15.jar ERROR: anchore_cve GHSA-43gc-mjxg-gvrq xstream-1.4.15 /app/jenkins/WEB-INF/lib/xstream-1.4.15.jar ERROR: anchore_cve GHSA-4hrm-m67v-5cxr xstream-1.4.15 /app/jenkins/WEB-INF/lib/xstream-1.4.15.jar ERROR: anchore_cve GHSA-56p8-3fh9-4cvq xstream-1.4.15 /app/jenkins/WEB-INF/lib/xstream-1.4.15.jar ERROR: anchore_cve GHSA-59jw-jqf4-3wq3 xstream-1.4.15 /app/jenkins/WEB-INF/lib/xstream-1.4.15.jar ERROR: anchore_cve GHSA-74cv-f58x-f9wf xstream-1.4.15 /app/jenkins/WEB-INF/lib/xstream-1.4.15.jar ERROR: anchore_cve GHSA-7chv-rrw6-w6fc xstream-1.4.15 /app/jenkins/WEB-INF/lib/xstream-1.4.15.jar ERROR: anchore_cve GHSA-f6hm-88x3-mfjv xstream-1.4.15 /app/jenkins/WEB-INF/lib/xstream-1.4.15.jar ERROR: anchore_cve GHSA-hrcp-8f3q-4w2c xstream-1.4.15 /app/jenkins/WEB-INF/lib/xstream-1.4.15.jar ERROR: anchore_cve GHSA-hvv8-336g-rx3m xstream-1.4.15 /app/jenkins/WEB-INF/lib/xstream-1.4.15.jar ERROR: anchore_cve GHSA-hwpc-8xqv-jvj4 xstream-1.4.15 /app/jenkins/WEB-INF/lib/xstream-1.4.15.jar ERROR: anchore_cve GHSA-qpfq-ph7r-qv6f xstream-1.4.15 /app/jenkins/WEB-INF/lib/xstream-1.4.15.jar ERROR: twistlock_cve CVE-2021-21341 com.thoughtworks.xstream_xstream-1.4.15 None ERROR: twistlock_cve CVE-2021-21342 com.thoughtworks.xstream_xstream-1.4.15 None ERROR: twistlock_cve CVE-2021-21343 com.thoughtworks.xstream_xstream-1.4.15 None ERROR: twistlock_cve CVE-2021-21344 com.thoughtworks.xstream_xstream-1.4.15 None ERROR: twistlock_cve CVE-2021-21345 com.thoughtworks.xstream_xstream-1.4.15 None ERROR: twistlock_cve CVE-2021-21346 com.thoughtworks.xstream_xstream-1.4.15 None ERROR: twistlock_cve CVE-2021-21347 com.thoughtworks.xstream_xstream-1.4.15 None ERROR: twistlock_cve CVE-2021-21348 com.thoughtworks.xstream_xstream-1.4.15 None ERROR: twistlock_cve CVE-2021-21349 com.thoughtworks.xstream_xstream-1.4.15 None ERROR: twistlock_cve CVE-2021-21350 com.thoughtworks.xstream_xstream-1.4.15 None ERROR: twistlock_cve CVE-2021-21351 com.thoughtworks.xstream_xstream-1.4.15 None ERROR: twistlock_cve CVE-2019-10086 commons-beanutils_commons-beanutils-1.9.3 None ERROR: twistlock_cve CVE-2016-1000031 commons-fileupload_commons-fileupload-1.3.1-jenkins-2 None ERROR: twistlock_cve CVE-2020-14145 openssh-8.0p1-6.el8_4.2 None ERROR: twistlock_cve CVE-2021-22118 spring-core_spring-core-5.2.12 None section_end:1623280819:step_script section_start:1623280819:cleanup_file_variables Cleaning up file based variables section_end:1623280820:cleanup_file_variables ERROR: Job failed: command terminated with exit code 1