[0KRunning with gitlab-runner 13.8.0 (775dd39d)
[0;m[0K  on global-shared-gitlab-runner-89dbd4db8-mnp6b RKzCU9YR
[0;msection_start:1617988649:resolve_secrets[0K[0K[36;1mResolving secrets[0;m
[0;msection_end:1617988649:resolve_secrets[0Ksection_start:1617988649:prepare_executor[0K[0K[36;1mPreparing the "kubernetes" executor[0;m
[0;m[0KUsing Kubernetes namespace: gitlab-runner
[0;m[0;33mWARNING: Pulling GitLab Runner helper image from Docker Hub. Helper image is migrating to registry.gitlab.com, for more information see https://docs.gitlab.com/runner/configuration/advanced-configuration.html#migrating-helper-image-to-registrygitlabcom
[0;m[0KUsing Kubernetes executor with image ${GITLAB_INTERNAL_REGISTRY}/ironbank-tools/ironbank-pipeline/ib-pipeline-image:0.1 ...
[0;msection_end:1617988649:prepare_executor[0Ksection_start:1617988649:prepare_script[0K[0K[36;1mPreparing environment[0;m
[0;mWaiting for pod gitlab-runner/runner-rkzcu9yr-project-5681-concurrent-05f9jd to be running, status is Pending
Waiting for pod gitlab-runner/runner-rkzcu9yr-project-5681-concurrent-05f9jd to be running, status is Pending
	ContainersNotReady: "containers with unready status: [build helper]"
	ContainersNotReady: "containers with unready status: [build helper]"
Running on runner-rkzcu9yr-project-5681-concurrent-05f9jd via global-shared-gitlab-runner-89dbd4db8-mnp6b...
section_end:1617988655:prepare_script[0Ksection_start:1617988655:get_sources[0K[0K[36;1mGetting source from Git repository[0;m
[0;m[32;1mFetching changes with git depth set to 50...[0;m
Initialized empty Git repository in /builds/dsop/opensource/jupyter/jupyterhub-k8s-hub/.git/
[32;1mCreated fresh repository.[0;m
[32;1mChecking out e608a796 as development...[0;m

[32;1mSkipping Git submodules setup[0;m
section_end:1617988656:get_sources[0Ksection_start:1617988656:download_artifacts[0K[0K[36;1mDownloading artifacts[0;m
[0;m[32;1mDownloading artifacts for hardening_manifest (2665264)...[0;m
Downloading artifacts from coordinator... ok      [0;m  id[0;m=2665264 responseStatus[0;m=200 OK token[0;m=kECxEaLK
[32;1mDownloading artifacts for load scripts (2665262)...[0;m
Downloading artifacts from coordinator... ok      [0;m  id[0;m=2665262 responseStatus[0;m=200 OK token[0;m=afLG39Ec
[32;1mDownloading artifacts for wl compare lint (2665265)...[0;m
Downloading artifacts from coordinator... ok      [0;m  id[0;m=2665265 responseStatus[0;m=200 OK token[0;m=FskTkXuj
section_end:1617988656:download_artifacts[0Ksection_start:1617988656:step_script[0K[0K[36;1mExecuting "step_script" stage of the job script[0;m
[0;m[32;1m$ mkdir -p "${ARTIFACT_DIR}"[0;m
[32;1m$ set +e[0;m
[32;1m$ python3 "${PIPELINE_REPO_DIR}/stages/vat-finding-compare/vat_findings.py"[0;m
api set length: 137
db set length: 138
Findings are NOT the same!
There are CVEs from the api that are not returned by the query
There are CVEs from the query that are not returned by the api
Please run the development branch for this project before validating query/api data
Findings from api not in direct query
('VULNDB-250117', 'anchore_cve', 'python-3.8.8\nBug Tracker: https://bugs.python.org/issue43285\nVendor Specific Solution URL: https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e\nVendor Specific Solution URL: https://github.com/python/cpython/commit/7dcb4baa4f0fde3aef5122a8e9f6a41853ec9335\nVendor Specific Solution URL: https://github.com/python/cpython/commit/664d1d16274b47eea6ec92572e1ebf3939a6fa0c\nVendor Specific News/Changelog Entry: https://pythoninsider.blogspot.com/2021/04/python-393-and-389-are-now-available.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+PythonInsider+%28Python+Insider%29\nVendor Specific News/Changelog Entry: https://www.python.org/downloads/release/python-393/\nVendor Specific News/Changelog Entry: https://www.python.org/downloads/release/python-389/\nVendor Specific News/Changelog Entry: https://pythoninsider.blogspot.com/2021/04/python-394-hotfix-is-now-available.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+PythonInsider+%28Python+Insider%29\nVendor Specific News/Changelog Entry: https://docs.python.org/release/3.8.9/whatsnew/changelog.html#python-3-8-9\nVendor Specific News/Changelog Entry: https://docs.python.org/release/3.9.4/whatsnew/changelog.html#changelog\n', 'python-3.8.8', '/usr/local/bin/python3.8')
('CVE-2020-13776', 'anchore_cve', 'systemd-libs-239-41.el8_3.1\nhttps://access.redhat.com/security/cve/CVE-2020-13776', 'systemd-libs-239-41.el8_3.1', None)
('CVE-2020-13776', 'twistlock_cve', 'systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.', 'systemd-239-41.el8_3.1', None)
('CVE-2020-13776', 'anchore_cve', 'systemd-pam-239-41.el8_3.1\nhttps://access.redhat.com/security/cve/CVE-2020-13776', 'systemd-pam-239-41.el8_3.1', None)
('CVE-2020-13776', 'anchore_cve', 'systemd-239-41.el8_3.1\nhttps://access.redhat.com/security/cve/CVE-2020-13776', 'systemd-239-41.el8_3.1', None)
Findings from direct query not in api
('CVE-2020-13776', 'anchore_cve', 'systemd-libs-239-41.el8_3.2\nhttps://access.redhat.com/security/cve/CVE-2020-13776', 'systemd-libs-239-41.el8_3.2', None)
('CVE-2020-13776', 'anchore_cve', 'systemd-239-41.el8_3.2\nhttps://access.redhat.com/security/cve/CVE-2020-13776', 'systemd-239-41.el8_3.2', None)
('cbff271f45d32e78dcc1979dbca9c14d', 'anchore_comp', 'User root found as effective user, which is explicity not allowed\n Gate: dockerfile\n Trigger: effective_user\n Policy ID: DoDEffectiveUserChecks', None, None)
('CVE-2020-13776', 'anchore_cve', 'systemd-pam-239-41.el8_3.2\nhttps://access.redhat.com/security/cve/CVE-2020-13776', 'systemd-pam-239-41.el8_3.2', None)
('CVE-2020-13776', 'twistlock_cve', 'systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.', 'systemd-239-41.el8_3.2', None)
('41cb7cdf04850e33a11f80c42bf660b3', 'anchore_comp', "Dockerfile directive 'HEALTHCHECK' not found, matching condition 'not_exists' check\n Gate: dockerfile\n Trigger: instruction\n Policy ID: DoDDockerfileChecks", None, None)
section_end:1617988657:step_script[0Ksection_start:1617988657:upload_artifacts_on_failure[0K[0K[36;1mUploading artifacts for failed job[0;m
[0;m[32;1mUploading artifacts...[0;m
ci-artifacts/compare/: found 2 matching files and directories[0;m 
Uploading artifacts as "archive" to coordinator... ok[0;m  id[0;m=2665266 responseStatus[0;m=201 Created token[0;m=vxo97M2t
section_end:1617988658:upload_artifacts_on_failure[0Ksection_start:1617988658:cleanup_file_variables[0K[0K[36;1mCleaning up file based variables[0;m
[0;msection_end:1617988658:cleanup_file_variables[0K[31;1mERROR: Job failed: command terminated with exit code 4
[0;m