UNCLASSIFIED

Skip to content

GitLab

You need to sign in or sign up before continuing.

Merge branch 'initial-dev-amartin' into 'development' 

Initial dev amartin

See merge request !14
19 jobs for development in 45 minutes and 14 seconds (queued for 45 minutes and 12 seconds)
204982ef
1 related merge request: !15 Development
Status Job ID Name Coverage
  .Pre
passed #2753210
ironbank
load scripts

00:00:15

 
  Preflight
passed #2753211
ironbank
folder structure

00:00:23

passed #2753212
ironbank
hardening_manifest

00:00:34

 
  Lint
passed #2753213
ironbank
wl compare lint

00:00:37

 
  Finding Compare
failed #2753214
ironbank allowed to fail
vat compare

00:00:28

 
  Import Artifacts
passed #2753215
ironbank
import artifacts

00:02:58

 
  Scan Artifacts
passed #2753216
ironbank
clamav scan

00:20:35

 
  Build
passed #2753217
ironbank-isolated
build

00:02:31

 
  Scanning
passed #2753221
ironbank
anchore scan

00:03:25

passed #2753218
ironbank
openscap compliance

00:05:13

passed #2753219
ironbank
openscap cve

00:13:02

passed #2753220
ironbank
twistlock scan

00:01:38

 
  Csv Output
passed #2753222
ironbank
csv output

00:01:16

 
  Check Cves
failed #2753223
ironbank allowed to fail
check cves

00:00:39

 
  Documentation
passed #2753224
ironbank
sign image

00:00:31

passed #2753225
ironbank
sign manifest

00:00:24

passed #2753226
ironbank
write json documentation

00:00:24

 
  S3 Publish
passed #2753227
ironbank
upload to s3

00:01:33

 
  Vat
passed #2753228
ironbank
vat

00:00:07

 
Name Stage Failure
failed
check cves Check Cves 
INFO: {Finding(scan_source='anchore_cve', cve_id='CVE-2020-8927', package='brotli-1.0.6-2.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82368-2', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-28196', package='krb5-libs-1.18.2-5.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82360-9', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='463a9a24225c26f7a5bf3f38908e5cb3', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='c4ad80832b361f81df2a31e5b6b09864', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20271', package='rpm-4.14.3-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20271', package='rpm-build-libs-4.14.3-4.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-29361', package='p11-kit-0.23.14-5.el8_0', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8927', package='brotli-1.0.6-2.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-29363', package='p11-kit-0.23.14-5.el8_0', package_path=None), Finding(scan_source='anchore_comp', cve_id='639f6f1177735759703e928c14714a59', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82168-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-29363', package='p11-kit-trust-0.23.14-5.el8_0', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3177', package='platform-python-devel-3.6.8-31.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82494-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-libs-4.14.3-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8284', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27218', package='glib2-2.56.4-8.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23336', package='platform-python-3.6.8-31.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-13949', package='thrift-0.13.0', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8285', package='libcurl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27618', package='glibc-common-2.28-127.el8_3.2', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82395-5', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20232', package='gnutls-3.6.14-7.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23840', package='openssl-libs-1.1.1g-15.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-24977', package='libxml2-2.9.7-8.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13776', package='systemd-239-41.el8_3.2', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-27219', package='glib2-2.56.4-8.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8286', package='libcurl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22876', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23841', package='openssl-libs-1.1.1g-15.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='python3-rpm-4.14.3-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-4.14.3-4.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2019-25013', package='glibc-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-29363', package='p11-kit-0.23.14-5.el8_0', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82880-6', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82985-3', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20305', package='gnutls-3.6.14-7.el8_3', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80938-4', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3326', package='glibc-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_comp', cve_id='698044205a9c4a6d48b7937e66a6bf4f', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20271', package='python3-rpm-4.14.3-4.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='3e5fad1c039f3ecfd1dcdc94d2f1f9a0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20231', package='gnutls-3.6.14-7.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3426', package='python3-libs-3.6.8-31.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82979-6', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-27218', package='glib2-2.56.4-8.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13949', package='thrift-0.13.0', package_path='/opt/app-root/lib/python3.6/site-packages/thrift'), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3326', package='glibc-minimal-langpack-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-29361', package='p11-kit-trust-0.23.14-5.el8_0', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-15358', package='sqlite-libs-3.26.0-11.el8', package_path=None), Finding(scan_source='oscap_cve', cve_id='CVE-2021-20305', package='gnutls', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-common-2.28-127.el8_3.2', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82214-8', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20305', package='nettle-3.4.1-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-build-libs-4.14.3-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-16135', package='libssh-config-0.9.4-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20266', package='rpm-libs-4.14.3-4.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8231', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-24370', package='lua-libs-5.3.4-11.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8285', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23336', package='platform-python-devel-3.6.8-31.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20271', package='rpm-libs-4.14.3-4.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-29362', package='p11-kit-0.23.14-5.el8_0', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-22876', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_comp', cve_id='3456a263793066e9b5063ada6e47917d', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27645', package='glibc-minimal-langpack-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_comp', cve_id='abb121e9621abdd452f65844954cf1c1', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-27618', package='glibc-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27219', package='glib2-2.56.4-8.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-build-libs-4.14.3-4.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8286', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='python3-hawkey-0.48.0-5.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82949-9', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-83401-0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27619', package='platform-python-3.6.8-31.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='34de21e516c0ca50a96e5386f163f8bf', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13776', package='systemd-pam-239-41.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20271', package='rpm-4.14.3-4.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='addbb93c22e9b0988b8b40392a4538cb', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3426', package='platform-python-devel-3.6.8-31.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-8284', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-22876', package='libcurl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2019-25013', package='glibc-minimal-langpack-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8231', package='libcurl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20231', package='gnutls-3.6.14-7.el8_3', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-28153', package='glib2-2.56.4-8.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27619', package='python3-libs-3.6.8-31.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2020-13776', package='systemd-239-41.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8286', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='libdnf-0.48.0-5.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82959-8', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13434', package='sqlite-libs-3.26.0-11.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82220-5', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8284', package='libcurl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20232', package='gnutls-3.6.14-7.el8_3', package_path=None), Finding(scan_source='anchore_comp', cve_id='bcd159901fe47efddae5c095b4b0d7fd', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27618', package='glibc-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3177', package='python3-libs-3.6.8-31.el8', package_path=None), Finding(scan_source='oscap_cve', cve_id='RHSA-2021:1206', package='gnutls', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23336', package='python3-libs-3.6.8-31.el8', package_path=None), Finding(scan_source='anchore_comp', cve_id='506370d7c763d6a73dfe8b98e0d4a2bc', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='c2e44319ae5b3b040044d8ae116d1c2f', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82472-2', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8285', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-24977', package='python3-libxml2-2.9.7-8.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3426', package='platform-python-3.6.8-31.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-8231', package='curl-7.61.1-14.el8_3.1', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20305', package='nettle-3.4.1-2.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-29362', package='p11-kit-trust-0.23.14-5.el8_0', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3326', package='glibc-common-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-16135', package='libssh-0.9.4-2.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80935-0', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-28153', package='glib2-2.56.4-8.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82473-0', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='PRISMA-2021-0020', package='click-7.1.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-29362', package='p11-kit-0.23.14-5.el8_0', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-29361', package='p11-kit-0.23.14-5.el8_0', package_path=None), Finding(scan_source='anchore_comp', cve_id='320a97c6816565eedf3545833df99dd0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='rpm-4.14.3-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3445', package='python3-libdnf-0.48.0-5.el8', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80784-2', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-13776', package='systemd-libs-239-41.el8_3.2', package_path=None), Finding(scan_source='anchore_comp', cve_id='e7573262736ef52353cde3bae2617782', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2019-25013', package='glibc-common-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27618', package='glibc-minimal-langpack-2.28-127.el8_3.2', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-3326', package='glibc-2.28-127.el8_3.2', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2020-27619', package='platform-python-devel-3.6.8-31.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3421', package='python3-rpm-4.14.3-4.el8', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3177', package='platform-python-3.6.8-31.el8', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-20305', package='gnutls-3.6.14-7.el8_3', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82474-8', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82267-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2019-25013', package='glibc-2.28-127.el8_3.2', package_path=None)}
ERROR: NON-WHITELISTED VULNERABILITIES FOUND
ERROR: Number of non-whitelisted vulnerabilities: 2
ERROR: The following vulnerabilities are not whitelisted:
ERROR: scan_source                   cve_id                        package                       package_path                  
ERROR: oscap_cve                     CVE-2021-20305                gnutls                        None                          
ERROR: oscap_cve                     RHSA-2021:1206                gnutls                        None                          
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1
failed
vat compare Finding Compare 
INFO: ('CVE-2021-3450', 'anchore_cve', 'openssl-libs-1.1.1g-12.el8_3\nhttps://access.redhat.com/security/cve/CVE-2021-3450', 'openssl-libs-1.1.1g-12.el8_3', None)
INFO: ('CVE-2021-23840', 'anchore_cve', 'openssl-libs-1.1.1g-12.el8_3\nhttps://access.redhat.com/security/cve/CVE-2021-23840', 'openssl-libs-1.1.1g-12.el8_3', None)
INFO: ('CVE-2020-13776', 'anchore_cve', 'systemd-pam-239-41.el8_3.1\nhttps://access.redhat.com/security/cve/CVE-2020-13776', 'systemd-pam-239-41.el8_3.1', None)
Uploading artifacts for failed job
ci-artifacts/compare/: found 2 matching files and directories 
Uploading artifacts...
Uploading artifacts as "archive" to coordinator... ok  id=2753214 responseStatus=201 Created token=MdZuZn9x
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 4

UNCLASSIFIED