UNCLASSIFIED

Merge branch 'hardening_manifest' into 'development'

removed label from Dockerfile

See merge request !21
19 jobs for development in 5 minutes and 54 seconds (queued for 38 seconds)
Status Job ID Name Coverage
  .Pre
passed #2649914
ironbank
load scripts

00:00:24

 
  Preflight
passed #2649915
ironbank
folder structure

00:00:16

passed #2649916
ironbank
hardening_manifest

00:00:28

 
  Lint
passed #2649917
ironbank
wl compare lint

00:00:23

 
  Finding Compare
failed #2649918
ironbank allowed to fail
vat compare

00:00:10

 
  Import Artifacts
passed #2649919
ironbank
import artifacts

00:00:13

 
  Scan Artifacts
passed #2649920
ironbank
clamav scan

00:03:03

 
  Build
failed #2649921
ironbank-isolated
build

00:01:09

 
  Scanning
skipped #2649925
ironbank
anchore scan
skipped #2649922
ironbank
openscap compliance
skipped #2649923
ironbank
openscap cve
skipped #2649924
ironbank
twistlock scan
 
  Csv Output
skipped #2649926
ironbank
csv output
 
  Check Cves
skipped #2649927
ironbank allowed to fail
check cves
 
  Documentation
skipped #2649928
ironbank
sign image
skipped #2649929
ironbank
sign manifest
skipped #2649930
ironbank
write json documentation
 
  S3 Publish
skipped #2649931
ironbank
upload to s3
 
  Vat
skipped #2649932
ironbank
vat
 
Name Stage Failure
failed
build Build
Uploading artifacts for failed job
Uploading artifacts...
ci-artifacts/build/: found 1 matching files and directories

Uploading artifacts as "archive" to coordinator... ok
id=2649921 responseStatus=201 Created token=9hDpJ6h6
Uploading artifacts...
WARNING: build.env: no matching files
ERROR: No files to upload
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1
failed
vat compare Finding Compare
('cbff271f45d32e78dcc1979dbca9c14d', 'anchore_comp', 'User root found as effective user, which is explicity not allowed\n Gate: dockerfile\n Trigger: effective_user\n Policy ID: DoDEffectiveUserChecks', None, None)
('CVE-2020-13776', 'twistlock_cve', 'systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.', 'systemd-239-41.el8_3.2', None)
('CVE-2020-13776', 'anchore_cve', 'systemd-libs-239-41.el8_3.2\nhttps://access.redhat.com/security/cve/CVE-2020-13776', 'systemd-libs-239-41.el8_3.2', None)
Uploading artifacts for failed job
Uploading artifacts...
ci-artifacts/compare/: found 2 matching files and directories

Uploading artifacts as "archive" to coordinator... ok
id=2649918 responseStatus=201 Created token=YFYyCvxx
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 4