UNCLASSIFIED

Skip to content

GitLab

Merge branch 'renovate/node' into 'development' 

Update node:10.24 Docker digest to 686e0e8

See merge request !18
20 jobs for development in 38 minutes and 21 seconds (queued for 37 minutes and 57 seconds)
d22b621d
1 related merge request: !20 Development
Status Job ID Name Coverage
  .Pre
passed #2814018
ironbank
load scripts

00:00:19

 
  Preflight
passed #2814020
ironbank
folder structure

00:00:31

passed #2814021
ironbank
hardening_manifest

00:00:43

passed #2814019
ironbank
trufflehog

00:00:31

 
  Lint
passed #2814022
ironbank
wl compare lint

00:00:20

 
  Finding Compare
failed #2814023
ironbank allowed to fail
vat compare

00:00:17

 
  Import Artifacts
passed #2814024
ironbank
import artifacts

00:02:29

 
  Scan Artifacts
passed #2814025
ironbank
clamav scan

00:07:06

 
  Build
passed #2814026
ironbank-isolated
build

00:03:57

 
  Scanning
passed #2814030
ironbank
anchore scan

00:03:31

passed #2814027
ironbank
openscap compliance

00:01:44

passed #2814028
ironbank
openscap cve

00:14:56

passed #2814029
ironbank
twistlock scan

00:00:51

 
  Csv Output
passed #2814031
ironbank
csv output

00:01:24

 
  Check Cves
failed #2814032
ironbank allowed to fail
check cves

00:02:59

 
  Documentation
passed #2814033
ironbank
sign image

00:01:04

passed #2814034
ironbank
sign manifest

00:01:02

passed #2814035
ironbank
write json documentation

00:01:07

 
  S3 Publish
passed #2814036
ironbank
upload to s3

00:01:43

 
  Vat
passed #2814037
ironbank
vat

00:00:49

 
Name Stage Failure
failed
check cves Check Cves 
ERROR: NON-WHITELISTED VULNERABILITIES FOUND
ERROR: Number of non-whitelisted vulnerabilities: 3
ERROR: The following vulnerabilities are not whitelisted:
ERROR: scan_source                   cve_id                        package                       package_path                  
ERROR: anchore_cve                   CVE-2021-27290                ssri-6.0.1                    /usr/local/lib/node_modules/npm/node_modules/ssri/package.json    
ERROR: anchore_cve                   GHSA-vx3p-948g-6vhq           ssri-6.0.1                    /usr/local/lib/node_modules/npm/node_modules/ssri/package.json    
ERROR: twistlock_cve                 CVE-2021-23362                hosted-git-info-2.8.8         None                          
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1
failed
vat compare Finding Compare 
INFO: ('CVE-2021-20231', 'twistlock_cve', 'A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.', 'gnutls-3.6.14-7.el8_3', None)
INFO: ('CVE-2021-20305', 'anchore_cve', 'gnutls-3.6.14-7.el8_3\nhttps://access.redhat.com/security/cve/CVE-2021-20305', 'gnutls-3.6.14-7.el8_3', None)
INFO: ('CVE-2021-20232', 'anchore_cve', 'gnutls-3.6.14-7.el8_3\nhttps://access.redhat.com/security/cve/CVE-2021-20232', 'gnutls-3.6.14-7.el8_3', None)
Uploading artifacts for failed job
Uploading artifacts...
ci-artifacts/compare/: found 2 matching files and directories 
Uploading artifacts as "archive" to coordinator... ok  id=2814023 responseStatus=201 Created token=HHPJ9wiu
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 4

UNCLASSIFIED