Running with gitlab-runner 13.12.0 (7a6612da)  on dsop-shared-gitlab-runner-5fcd8977b8-gs4wg ocoP_jy4  feature flags: FF_USE_LEGACY_KUBERNETES_EXECUTION_STRATEGY:false section_start:1631308480:resolve_secrets Resolving secrets section_end:1631308480:resolve_secrets section_start:1631308480:prepare_executor Preparing the "kubernetes" executor Using Kubernetes namespace: gitlab-runner-ironbank-dsop Using Kubernetes executor with image registry1.dso.mil/ironbank/ironbank-pipelines/pipeline-runner:0.3 ... Using attach strategy to execute scripts... section_end:1631308480:prepare_executor section_start:1631308480:prepare_script Preparing environment Waiting for pod gitlab-runner-ironbank-dsop/runner-ocopjy4-project-6370-concurrent-0sg4dz to be running, status is Pending Waiting for pod gitlab-runner-ironbank-dsop/runner-ocopjy4-project-6370-concurrent-0sg4dz to be running, status is Pending ContainersNotReady: "containers with unready status: [build helper istio-proxy]" ContainersNotReady: "containers with unready status: [build helper istio-proxy]" Running on runner-ocopjy4-project-6370-concurrent-0sg4dz via dsop-shared-gitlab-runner-5fcd8977b8-gs4wg... section_end:1631308486:prepare_script section_start:1631308486:get_sources Getting source from Git repository $ until [ $(curl --fail --silent --output /dev/stderr --write-out "%{http_code}" localhost:15020/healthz/ready) -eq 200 ]; do echo Waiting for Sidecar; sleep 3 ; done ; echo Sidecar available; Sidecar available Fetching changes with git depth set to 50... Initialized empty Git repository in /builds/ocoP_jy4/0/dsop/opensource/jenkins/jenkinsfile-runner/.git/ Created fresh repository. Checking out d1ac30ba as cve-fix-war... Skipping Git submodules setup section_end:1631308486:get_sources section_start:1631308486:download_artifacts Downloading artifacts Downloading artifacts for anchore-scan (6363615)... Downloading artifacts from coordinator... ok  id=6363615 responseStatus=200 OK token=ncsYB4cv WARNING: ci-artifacts/scan-results/anchore/: lchown ci-artifacts/scan-results/anchore/: operation not permitted (suppressing repeats) Downloading artifacts for hardening-manifest (6363609)... Downloading artifacts from coordinator... ok  id=6363609 responseStatus=200 OK token=2hyHUzKi WARNING: ci-artifacts/preflight/: lchown ci-artifacts/preflight/: operation not permitted (suppressing repeats) Downloading artifacts for load-scripts (6363606)... Downloading artifacts from coordinator... ok  id=6363606 responseStatus=200 OK token=2qNgtuCh WARNING: ci-artifacts/[MASKED]/: lchown ci-artifacts/[MASKED]/: operation not permitted (suppressing repeats) Downloading artifacts for openscap-compliance (6363616)... Downloading artifacts from coordinator... ok  id=6363616 responseStatus=200 OK token=3Gmnyzii WARNING: ci-artifacts/scan-results/openscap/: lchown ci-artifacts/scan-results/openscap/: operation not permitted (suppressing repeats) Downloading artifacts for twistlock-scan (6363617)... Downloading artifacts from coordinator... ok  id=6363617 responseStatus=200 OK token=BX4RvuEk WARNING: ci-artifacts/scan-results/twistlock/: lchown ci-artifacts/scan-results/twistlock/: operation not permitted (suppressing repeats) Downloading artifacts for wl-compare-lint (6363610)... Downloading artifacts from coordinator... ok  id=6363610 responseStatus=200 OK token=st_US8AU WARNING: ci-artifacts/lint/: lchown ci-artifacts/lint/: operation not permitted (suppressing repeats) section_end:1631308487:download_artifacts section_start:1631308487:step_script Executing "step_script" stage of the job script $ pip3 install jsonschema # collapsed multi-line command Requirement already satisfied: jsonschema in /usr/local/lib/python3.9/site-packages (3.2.0) Requirement already satisfied: attrs>=17.4.0 in /usr/local/lib/python3.9/site-packages (from jsonschema) (21.2.0) Requirement already satisfied: six>=1.11.0 in /usr/local/lib/python3.9/site-packages (from jsonschema) (1.15.0) Requirement already satisfied: pyrsistent>=0.14.0 in /usr/local/lib/python3.9/site-packages (from jsonschema) (0.17.3) Requirement already satisfied: setuptools in /usr/local/lib/python3.9/site-packages (from jsonschema) (56.1.0) WARNING: Running pip as root will break packages and permissions. You should install packages reliably by using venv: https://pip.pypa.io/warnings/venv WARNING: You are using pip version 21.1.1; however, version 21.2.4 is available. You should consider upgrading via the '/usr/local/bin/python3.9 -m pip install --upgrade pip' command. INFO: Log level set to info INFO: Number of whitelisted vulnerabilities: 144 WARNING: Error writing log line to trace: transform: short internal buffer INFO: Vulnerabilities found in scanning stage: 238 WARNING: Error writing log line to trace: transform: short internal buffer WARNING: Error writing log line to trace: transform: short internal buffer ERROR: NON-WHITELISTED VULNERABILITIES FOUND ERROR: Number of non-whitelisted vulnerabilities: 95 ERROR: The following vulnerabilities are not whitelisted: ERROR: scan_source cve_id package package_path ERROR: anchore_comp 41cb7cdf04850e33a11f80c42bf660b3 None None ERROR: anchore_cve CVE-2021-36373 ant-1.10.9 /app/jenkins/WEB-INF/lib/ant-1.10.9.jar ERROR: anchore_cve CVE-2021-36373 ant-1.10.9 /app/repo/org/apache/ant/ant/1.10.9/ant-1.10.9.jar ERROR: anchore_cve CVE-2021-36374 ant-1.10.9 /app/jenkins/WEB-INF/lib/ant-1.10.9.jar ERROR: anchore_cve CVE-2021-36374 ant-1.10.9 /app/repo/org/apache/ant/ant/1.10.9/ant-1.10.9.jar ERROR: anchore_cve CVE-2020-35492 cairo-1.15.12-3.el8 None ERROR: anchore_cve CVE-2021-35515 commons-compress-1.20 /app/jenkins/WEB-INF/lib/commons-compress-1.20.jar ERROR: anchore_cve CVE-2021-35516 commons-compress-1.20 /app/jenkins/WEB-INF/lib/commons-compress-1.20.jar ERROR: anchore_cve CVE-2021-35517 commons-compress-1.20 /app/jenkins/WEB-INF/lib/commons-compress-1.20.jar ERROR: anchore_cve CVE-2021-36090 commons-compress-1.20 /app/jenkins/WEB-INF/lib/commons-compress-1.20.jar ERROR: anchore_cve VULNDB-256815 commons-compress-1.20 /app/jenkins/WEB-INF/lib/commons-compress-1.20.jar ERROR: anchore_cve VULNDB-257084 commons-compress-1.20 /app/jenkins/WEB-INF/lib/commons-compress-1.20.jar ERROR: anchore_cve CVE-2021-35515 commons_compress-1.20 /app/jenkins/WEB-INF/lib/commons-compress-1.20.jar ERROR: anchore_cve CVE-2021-35516 commons_compress-1.20 /app/jenkins/WEB-INF/lib/commons-compress-1.20.jar ERROR: anchore_cve CVE-2021-35517 commons_compress-1.20 /app/jenkins/WEB-INF/lib/commons-compress-1.20.jar ERROR: anchore_cve CVE-2021-36090 commons_compress-1.20 /app/jenkins/WEB-INF/lib/commons-compress-1.20.jar ERROR: anchore_cve VULNDB-106409 commons_digester-2.1 /app/jenkins/WEB-INF/lib/commons-digester-2.1.jar ERROR: anchore_cve VULNDB-106409 commons_digester-2.1 /app/repo/commons-digester/commons-digester/2.1/commons-digester-2.1.jar ERROR: anchore_cve GHSA-gchq-9r68-6jwv credentials-2.3.15 /app/repo/org/jenkins-ci/plugins/credentials/2.3.15/credentials-2.3.15.jar ERROR: anchore_cve CVE-2020-27828 jasper-libs-2.0.14-4.el8 None ERROR: anchore_cve CVE-2021-26926 jasper-libs-2.0.14-4.el8 None ERROR: anchore_cve CVE-2021-26927 jasper-libs-2.0.14-4.el8 None ERROR: anchore_cve CVE-2021-3272 jasper-libs-2.0.14-4.el8 None ERROR: anchore_cve CVE-2021-31535 libX11-1.6.8-4.el8 None ERROR: anchore_cve CVE-2021-31535 libX11-common-1.6.8-4.el8 None ERROR: anchore_cve CVE-2020-35521 libtiff-4.0.9-18.el8 None ERROR: anchore_cve CVE-2020-35522 libtiff-4.0.9-18.el8 None ERROR: anchore_cve CVE-2020-35523 libtiff-4.0.9-18.el8 None ERROR: anchore_cve CVE-2020-35524 libtiff-4.0.9-18.el8 None ERROR: anchore_cve CVE-2021-30129 sshd-2.5.1 /app/jenkins/WEB-INF/lib/cli-2.289.1.jar:sshd-common ERROR: anchore_cve CVE-2021-30129 sshd-2.5.1 /app/jenkins/WEB-INF/lib/cli-2.289.1.jar:sshd-core ERROR: anchore_cve GHSA-9279-7hph-r3xw sshd-core-2.5.1 /app/jenkins/WEB-INF/lib/cli-2.289.1.jar:sshd-core ERROR: anchore_cve CVE-2021-29505 xstream-1.4.16 /app/jenkins/WEB-INF/lib/xstream-1.4.16.jar ERROR: anchore_cve GHSA-2q8x-2p7f-574v xstream-1.4.16 /app/jenkins/WEB-INF/lib/xstream-1.4.16.jar ERROR: anchore_cve GHSA-3ccq-5vw3-2p6x xstream-1.4.16 /app/jenkins/WEB-INF/lib/xstream-1.4.16.jar ERROR: anchore_cve GHSA-64xx-cq4q-mf44 xstream-1.4.16 /app/jenkins/WEB-INF/lib/xstream-1.4.16.jar ERROR: anchore_cve GHSA-6w62-hx7r-mw68 xstream-1.4.16 /app/jenkins/WEB-INF/lib/xstream-1.4.16.jar ERROR: anchore_cve GHSA-6wf9-jmg9-vxcc xstream-1.4.16 /app/jenkins/WEB-INF/lib/xstream-1.4.16.jar ERROR: anchore_cve GHSA-8jrj-525p-826v xstream-1.4.16 /app/jenkins/WEB-INF/lib/xstream-1.4.16.jar ERROR: anchore_cve GHSA-cxfm-5m4g-x7xp xstream-1.4.16 /app/jenkins/WEB-INF/lib/xstream-1.4.16.jar ERROR: anchore_cve GHSA-g5w6-mrj7-75h2 xstream-1.4.16 /app/jenkins/WEB-INF/lib/xstream-1.4.16.jar ERROR: anchore_cve GHSA-h7v4-7xg3-hxcc xstream-1.4.16 /app/jenkins/WEB-INF/lib/xstream-1.4.16.jar ERROR: anchore_cve GHSA-hph2-m3g5-xxv4 xstream-1.4.16 /app/jenkins/WEB-INF/lib/xstream-1.4.16.jar ERROR: anchore_cve GHSA-j9h8-phrw-h4fh xstream-1.4.16 /app/jenkins/WEB-INF/lib/xstream-1.4.16.jar ERROR: anchore_cve GHSA-p8pq-r894-fm8f xstream-1.4.16 /app/jenkins/WEB-INF/lib/xstream-1.4.16.jar ERROR: anchore_cve GHSA-qrx8-8545-4wg2 xstream-1.4.16 /app/jenkins/WEB-INF/lib/xstream-1.4.16.jar ERROR: anchore_cve GHSA-xw4p-crpj-vjx2 xstream-1.4.16 /app/jenkins/WEB-INF/lib/xstream-1.4.16.jar ERROR: twistlock_cve CVE-2020-35492 cairo-1.15.12-3.el8 None ERROR: twistlock_cve CVE-2021-29505 com.thoughtworks.xstream_xstream-1.4.16 None ERROR: twistlock_cve CVE-2021-39139 com.thoughtworks.xstream_xstream-1.4.16 None ERROR: twistlock_cve CVE-2021-39140 com.thoughtworks.xstream_xstream-1.4.16 None ERROR: twistlock_cve CVE-2021-39141 com.thoughtworks.xstream_xstream-1.4.16 None ERROR: twistlock_cve CVE-2021-39144 com.thoughtworks.xstream_xstream-1.4.16 None ERROR: twistlock_cve CVE-2021-39145 com.thoughtworks.xstream_xstream-1.4.16 None ERROR: twistlock_cve CVE-2021-39146 com.thoughtworks.xstream_xstream-1.4.16 None ERROR: twistlock_cve CVE-2021-39147 com.thoughtworks.xstream_xstream-1.4.16 None ERROR: twistlock_cve CVE-2021-39148 com.thoughtworks.xstream_xstream-1.4.16 None ERROR: twistlock_cve CVE-2021-39149 com.thoughtworks.xstream_xstream-1.4.16 None ERROR: twistlock_cve CVE-2021-39150 com.thoughtworks.xstream_xstream-1.4.16 None ERROR: twistlock_cve CVE-2021-39151 com.thoughtworks.xstream_xstream-1.4.16 None ERROR: twistlock_cve CVE-2021-39152 com.thoughtworks.xstream_xstream-1.4.16 None ERROR: twistlock_cve CVE-2021-39153 com.thoughtworks.xstream_xstream-1.4.16 None ERROR: twistlock_cve CVE-2021-39154 com.thoughtworks.xstream_xstream-1.4.16 None ERROR: twistlock_cve CVE-2007-3716 java-1.8.0_302 None ERROR: twistlock_cve CVE-2008-1191 java-1.8.0_302 None ERROR: twistlock_cve CVE-2008-3103 java-1.8.0_302 None ERROR: twistlock_cve CVE-2008-3105 java-1.8.0_302 None ERROR: twistlock_cve CVE-2008-3106 java-1.8.0_302 None ERROR: twistlock_cve CVE-2008-3109 java-1.8.0_302 None ERROR: twistlock_cve CVE-2008-3110 java-1.8.0_302 None ERROR: twistlock_cve CVE-2008-5347 java-1.8.0_302 None ERROR: twistlock_cve CVE-2008-5349 java-1.8.0_302 None ERROR: twistlock_cve CVE-2008-5352 java-1.8.0_302 None ERROR: twistlock_cve CVE-2008-5358 java-1.8.0_302 None ERROR: twistlock_cve CVE-2021-21670 jenkins-2.277.2 None ERROR: twistlock_cve CVE-2021-21671 jenkins-2.277.2 None ERROR: twistlock_cve CVE-2021-22112 jenkins-2.277.2 None ERROR: twistlock_cve CVE-2021-21670 jenkins-2.289.1 None ERROR: twistlock_cve CVE-2021-21671 jenkins-2.289.1 None ERROR: twistlock_cve CVE-2021-31535 libX11-1.6.8-4.el8 None ERROR: twistlock_cve CVE-2020-35521 libtiff-4.0.9-18.el8 None ERROR: twistlock_cve CVE-2020-35522 libtiff-4.0.9-18.el8 None ERROR: twistlock_cve CVE-2020-35523 libtiff-4.0.9-18.el8 None ERROR: twistlock_cve CVE-2020-35524 libtiff-4.0.9-18.el8 None ERROR: twistlock_cve CVE-2021-35515 org.apache.commons_commons-compress-1.20 None ERROR: twistlock_cve CVE-2021-35516 org.apache.commons_commons-compress-1.20 None ERROR: twistlock_cve CVE-2021-35517 org.apache.commons_commons-compress-1.20 None ERROR: twistlock_cve CVE-2021-36090 org.apache.commons_commons-compress-1.20 None ERROR: twistlock_cve CVE-2021-28169 org.eclipse.jetty_jetty-io-9.4.39.v20210325 None ERROR: twistlock_cve CVE-2021-34428 org.eclipse.jetty_jetty-io-9.4.39.v20210325 None ERROR: twistlock_cve CVE-2021-34429 org.eclipse.jetty_jetty-io-9.4.39.v20210325 None ERROR: twistlock_cve CVE-2021-21670 org.jenkins-ci.main_jenkins-core-2.277.2 None ERROR: twistlock_cve CVE-2021-21671 org.jenkins-ci.main_jenkins-core-2.277.2 None ERROR: twistlock_cve CVE-2021-21670 org.jenkins-ci.main_jenkins-core-2.289.1 None ERROR: twistlock_cve CVE-2021-21671 org.jenkins-ci.main_jenkins-core-2.289.1 None section_end:1631308489:step_script section_start:1631308489:cleanup_file_variables Cleaning up file based variables section_end:1631308489:cleanup_file_variables ERROR: Job failed: command terminated with exit code 1