UNCLASSIFIED

Skip to content

GitLab

Merge branch 'hardening_manifest' into 'development' 

Migrate to hardening_manifest.yaml

See merge request !18
19 jobs for development in 2 minutes and 6 seconds (queued for 15 seconds)
dcdb1adf
1 related merge request: !19 Development
Status Job ID Name Coverage
  .Pre
passed #2649895
ironbank
load scripts

00:00:14

 
  Preflight
passed #2649896
ironbank
folder structure

00:00:23

passed #2649897
ironbank
hardening_manifest

00:00:34

 
  Lint
passed #2649898
ironbank
wl compare lint

00:00:27

 
  Finding Compare
failed #2649899
ironbank allowed to fail
vat compare

00:00:44

 
  Import Artifacts
failed #2649900
ironbank
import artifacts

00:00:05

 
  Scan Artifacts
skipped #2649901
ironbank
clamav scan
 
  Build
skipped #2649902
ironbank-isolated
build
 
  Scanning
skipped #2649906
ironbank
anchore scan
skipped #2649903
ironbank
openscap compliance
skipped #2649904
ironbank
openscap cve
skipped #2649905
ironbank
twistlock scan
 
  Csv Output
skipped #2649907
ironbank
csv output
 
  Check Cves
skipped #2649908
ironbank allowed to fail
check cves
 
  Documentation
skipped #2649909
ironbank
sign image
skipped #2649910
ironbank
sign manifest
skipped #2649911
ironbank
write json documentation
 
  S3 Publish
skipped #2649912
ironbank
upload to s3
 
  Vat
skipped #2649913
ironbank
vat
 
Name Stage Failure
failed
import artifacts Import Artifacts There has been a runner system failure, please try again 
  on global-shared-gitlab-runner-89dbd4db8-mnp6b RKzCU9YR
Resolving secrets
Preparing the "kubernetes" executor
Using Kubernetes namespace: gitlab-runner
WARNING: Pulling GitLab Runner helper image from Docker Hub. Helper image is migrating to registry.gitlab.com, for more information see https://docs.gitlab.com/runner/configuration/advanced-configuration.html#migrating-helper-image-to-registrygitlabcom
Using Kubernetes executor with image ${GITLAB_INTERNAL_REGISTRY}/ironbank-tools/ironbank-pipeline/ib-pipeline-image:0.1 ...
Preparing environment
Waiting for pod gitlab-runner/runner-rkzcu9yr-project-618-concurrent-0cgbng to be running, status is Pending
ERROR: Job failed (system failure): prepare environment: image pull failed: rpc error: code = Unknown desc = failed to pull and unpack image "registry.dso.mil/ironbank-tools/ironbank-pipeline/ib-pipeline-image:0.1": failed to resolve reference "registry.dso.mil/ironbank-tools/ironbank-pipeline/ib-pipeline-image:0.1": failed to authorize: failed to fetch oauth token: Get https://repo1.dso.mil/jwt/auth?scope=repository%3Aironbank-tools%2Fironbank-pipeline%2Fib-pipeline-image%3Apull&service=container_registry: EOF. Check https://docs.gitlab.com/runner/shells/index.html#shell-profile-loading for more information
failed
vat compare Finding Compare 
('CVE-2020-13776', 'anchore_cve', 'systemd-239-41.el8_3.2\nhttps://access.redhat.com/security/cve/CVE-2020-13776', 'systemd-239-41.el8_3.2', None)
('CVE-2021-20305', 'anchore_cve', 'gnutls-3.6.14-7.el8_3\nhttps://access.redhat.com/security/cve/CVE-2021-20305', 'gnutls-3.6.14-7.el8_3', None)
('CVE-2020-13776', 'twistlock_cve', 'systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.', 'systemd-239-41.el8_3.2', None)
Uploading artifacts for failed job
Uploading artifacts...
ci-artifacts/compare/: found 2 matching files and directories 
Uploading artifacts as "archive" to coordinator... ok  id=2649899 responseStatus=201 Created token=YkRmb62e
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 4

UNCLASSIFIED