UNCLASSIFIED

Skip to content

GitLab

Merge branch 'renovate/node' into 'development' 

Update node:10.24 Docker digest to 5e3ebdd

See merge request !17
19 jobs for development in 19 minutes and 17 seconds (queued for 21 minutes and 17 seconds)
c280245a
1 related merge request: !20 Development
Status Job ID Name Coverage
  .Pre
passed #2666558
ironbank
load scripts

00:00:10

 
  Preflight
passed #2666559
ironbank
folder structure

00:00:05

passed #2666560
ironbank
hardening_manifest

00:00:09

 
  Lint
passed #2666561
ironbank
wl compare lint

00:00:09

 
  Finding Compare
failed #2666562
ironbank allowed to fail
vat compare

00:00:06

 
  Import Artifacts
passed #2666563
ironbank
import artifacts

00:02:08

 
  Scan Artifacts
passed #2666564
ironbank
clamav scan

00:06:19

 
  Build
passed #2666565
ironbank-isolated
build

00:03:09

 
  Scanning
passed #2666569
ironbank
anchore scan

00:02:48

passed #2666566
ironbank
openscap compliance

00:00:58

passed #2666567
ironbank
openscap cve

00:04:03

passed #2666568
ironbank
twistlock scan

00:00:44

 
  Csv Output
passed #2666570
ironbank
csv output

00:00:52

 
  Check Cves
failed #2666571
ironbank allowed to fail
check cves

00:00:18

 
  Documentation
passed #2666572
ironbank
sign image

00:00:24

passed #2666573
ironbank
sign manifest

00:00:19

passed #2666574
ironbank
write json documentation

00:00:21

 
  S3 Publish
passed #2666575
ironbank
upload to s3

00:01:15

 
  Vat
passed #2666576
ironbank
vat

00:00:07

 
Name Stage Failure
failed
check cves Check Cves 
ERROR: NON-WHITELISTED VULNERABILITIES FOUND
ERROR: Number of non-whitelisted vulnerabilities: 3
ERROR: The following vulnerabilities are not whitelisted:
ERROR: scan_source                   cve_id                        package                       package_path                  
ERROR: anchore_cve                   CVE-2021-27290                ssri-6.0.1                    /usr/local/lib/node_modules/npm/node_modules/ssri/package.json    
ERROR: anchore_cve                   GHSA-vx3p-948g-6vhq           ssri-6.0.1                    /usr/local/lib/node_modules/npm/node_modules/ssri/package.json    
ERROR: twistlock_cve                 CVE-2021-27290                ssri-6.0.1                    None                          
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1
failed
vat compare Finding Compare 
Findings from api not in direct query
Findings from direct query not in api
('cbff271f45d32e78dcc1979dbca9c14d', 'anchore_comp', 'User root found as effective user, which is explicity not allowed\n Gate: dockerfile\n Trigger: effective_user\n Policy ID: DoDEffectiveUserChecks', None, None)
Uploading artifacts for failed job
Uploading artifacts...
ci-artifacts/compare/: found 2 matching files and directories 
Uploading artifacts as "archive" to coordinator... ok  id=2666562 responseStatus=201 Created token=JWmdndyL
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 4

UNCLASSIFIED