Pipeline · Ironbank Containers / Opensource / ruby / ruby26

Merge branch 'hardening_manifest' into 'development'

removed label from Dockerfile

See merge request !21

19 jobs for development in 5 minutes and 54 seconds (queued for 38 seconds)

e8839b77

Status	Job ID	Name
.Pre
passed	#2649914 ironbank	load scripts	00:00:24 Apr 08, 2021

Preflight
passed	#2649915 ironbank	folder structure	00:00:16 Apr 08, 2021
passed	#2649916 ironbank	hardening_manifest	00:00:28 Apr 08, 2021

Lint
passed	#2649917 ironbank	wl compare lint	00:00:23 Apr 08, 2021

Finding Compare
failed	#2649918 ironbank allowed to fail	vat compare	00:00:10 Apr 08, 2021

Import Artifacts
passed	#2649919 ironbank	import artifacts	00:00:13 Apr 08, 2021

Scan Artifacts
passed	#2649920 ironbank	clamav scan	00:03:03 Apr 08, 2021

Build
failed	#2649921 ironbank-isolated	build	00:01:09 Apr 08, 2021

Scanning
skipped	#2649925 ironbank	anchore scan
skipped	#2649922 ironbank	openscap compliance
skipped	#2649923 ironbank	openscap cve
skipped	#2649924 ironbank	twistlock scan

Csv Output
skipped	#2649926 ironbank	csv output

Check Cves
skipped	#2649927 ironbank allowed to fail	check cves

Documentation
skipped	#2649928 ironbank	sign image
skipped	#2649929 ironbank	sign manifest
skipped	#2649930 ironbank	write json documentation

S3 Publish
skipped	#2649931 ironbank	upload to s3

Vat
skipped	#2649932 ironbank	vat

	Name	Stage
failed	build	Build
	`Uploading artifacts for failed job Uploading artifacts... ci-artifacts/build/: found 1 matching files and directories Uploading artifacts as "archive" to coordinator... ok id=2649921 responseStatus=201 Created token=9hDpJ6h6 Uploading artifacts... WARNING: build.env: no matching files ERROR: No files to upload Cleaning up file based variables ERROR: Job failed: command terminated with exit code 1`
failed	vat compare	Finding Compare
	('cbff271f45d32e78dcc1979dbca9c14d', 'anchore_comp', 'User root found as effective user, which is explicity not allowed\n Gate: dockerfile\n Trigger: effective_user\n Policy ID: DoDEffectiveUserChecks', None, None) ('CVE-2020-13776', 'twistlock_cve', 'systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.', 'systemd-239-41.el8_3.2', None) ('CVE-2020-13776', 'anchore_cve', 'systemd-libs-239-41.el8_3.2\nhttps://access.redhat.com/security/cve/CVE-2020-13776', 'systemd-libs-239-41.el8_3.2', None) Uploading artifacts for failed job Uploading artifacts... ci-artifacts/compare/: found 2 matching files and directories Uploading artifacts as "archive" to coordinator... ok id=2649918 responseStatus=201 Created token=YFYyCvxx Cleaning up file based variables ERROR: Job failed: command terminated with exit code 4