Pipeline · Ironbank Containers / Rancher Federal / RKE2 / kube-proxy

Merge branch 'RKE2-v1.20.7' into 'development'

Automated commit for RKE2-v1.20.7 / hardened-kube-proxy

See merge request !11

16 jobs for development in 11 minutes (queued for 12 minutes and 52 seconds)

7ab96fec

Status	Job ID	Name
.Pre
passed	#3772074	load-scripts	00:00:06 Jun 02, 2021

Preflight
passed	#3772076	folder-structure	00:00:08 Jun 02, 2021
passed	#3772077	hardening-manifest	00:00:08 Jun 02, 2021
passed	#3772075	trufflehog	00:00:06 Jun 02, 2021

Lint
passed	#3772078	wl-compare-lint	00:00:07 Jun 02, 2021

Import Artifacts
passed	#3772079	import-artifacts	00:00:21 Jun 02, 2021

Scan Artifacts
passed	#3772080	clamav-scan	00:01:47 Jun 02, 2021

Build
passed	#3772081	build	00:05:10 Jun 02, 2021

Scanning
passed	#3772082	anchore-scan	00:01:11 Jun 02, 2021
passed	#3772083 ironbank-dsop-privileged	openscap-compliance	00:01:27 Jun 02, 2021
passed	#3772084	twistlock-scan	00:00:27 Jun 02, 2021

Csv Output
passed	#3772085	csv-output	00:00:16 Jun 02, 2021

Check Cves
failed	#3772086 allowed to fail	check-cves	00:00:11 Jun 02, 2021

Documentation
passed	#3772087	documentation	00:00:27 Jun 02, 2021

S3 Publish
passed	#3772088	upload-to-s3	00:00:47 Jun 02, 2021

Vat
passed	#3772089	vat	00:00:07 Jun 02, 2021

Name Stage Failure

	Name	Stage	Failure
failed	check-cves	Check Cves
	INFO: Vulnerabilities found in scanning stage: 70 INFO: {Finding(scan_source='oscap_comp', cve_id='CCE-27350-8', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82055-5', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80526-7', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2014-4043', package='glibc-2.17-324.el7_9', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80438-5', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80534-1', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80527-5', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-27219', package='glib2-2.56.1-8.el7', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80353-6', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80524-2', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='320a97c6816565eedf3545833df99dd0', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-26895-3', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='34de21e516c0ca50a96e5386f163f8bf', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80352-8', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80532-5', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82045-6', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80525-9', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='addbb93c22e9b0988b8b40392a4538cb', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2014-3591', package='libgcrypt-1.5.3-14.el7', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82020-9', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27219', package='glib2-2.56.1-8.el7', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2014-4043', package='glibc-common-2.17-324.el7_9', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80531-7', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80521-8', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80536-6', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='abb121e9621abdd452f65844954cf1c1', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82030-8', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80171-2', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27051-2', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80530-9', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27512-3', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80134-0', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27200-5', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82036-5', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27286-4', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23840', package='openssl-libs-1.0.2k-21.el7_9', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-26884-7', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80523-4', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='c67a2c13ebe88380113e7fbcb2437714', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27285-6', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80368-4', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='ad4759bf9c3ce28f10d9d2f6eae51fa1', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2014-5270', package='libgcrypt-1.5.3-14.el7', package_path=None), Finding(scan_source='anchore_comp', cve_id='3456a263793066e9b5063ada6e47917d', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27360-7', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2015-2059', package='libidn-1.28-4.el7', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80535-8', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2014-3591', package='gnupg2-2.0.22-5.el7_5', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27214-6', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27297-1', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='c2e44319ae5b3b040044d8ae116d1c2f', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='41cb7cdf04850e33a11f80c42bf660b3', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27209-6', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='cbff271f45d32e78dcc1979dbca9c14d', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='3e5fad1c039f3ecfd1dcdc94d2f1f9a0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2015-0247', package='libcom_err-1.42.9-19.el7', package_path=None), Finding(scan_source='anchore_comp', cve_id='698044205a9c4a6d48b7937e66a6bf4f', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27355-7', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='e7573262736ef52353cde3bae2617782', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80533-3', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2015-2059', package='libidn-1.28-4.el7', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80522-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2014-4617', package='gnupg2-2.0.22-5.el7_5', package_path=None), Finding(scan_source='anchore_comp', cve_id='463a9a24225c26f7a5bf3f38908e5cb3', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='db0e0618d692b953341be18b99a2865a', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='639f6f1177735759703e928c14714a59', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27293-0', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80529-1', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27345-8', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23841', package='openssl-libs-1.0.2k-21.el7_9', package_path=None)} ERROR: NON-WHITELISTED VULNERABILITIES FOUND ERROR: Number of non-whitelisted vulnerabilities: 1 ERROR: The following vulnerabilities are not whitelisted: ERROR: scan_source cve_id package package_path ERROR: oscap_comp CCE-26895-3 None None Cleaning up file based variables ERROR: Job failed: command terminated with exit code 1

failed

check-cves

Check Cves

INFO: Vulnerabilities found in scanning stage: 70
INFO: {Finding(scan_source='oscap_comp', cve_id='CCE-27350-8', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82055-5', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80526-7', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2014-4043', package='glibc-2.17-324.el7_9', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80438-5', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80534-1', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80527-5', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-27219', package='glib2-2.56.1-8.el7', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80353-6', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80524-2', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='320a97c6816565eedf3545833df99dd0', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-26895-3', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='34de21e516c0ca50a96e5386f163f8bf', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80352-8', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80532-5', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82045-6', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80525-9', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='addbb93c22e9b0988b8b40392a4538cb', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2014-3591', package='libgcrypt-1.5.3-14.el7', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82020-9', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-27219', package='glib2-2.56.1-8.el7', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2014-4043', package='glibc-common-2.17-324.el7_9', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80531-7', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80521-8', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80536-6', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='abb121e9621abdd452f65844954cf1c1', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82030-8', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80171-2', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27051-2', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80530-9', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27512-3', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80134-0', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27200-5', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-82036-5', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27286-4', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23840', package='openssl-libs-1.0.2k-21.el7_9', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-26884-7', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80523-4', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='c67a2c13ebe88380113e7fbcb2437714', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27285-6', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80368-4', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='ad4759bf9c3ce28f10d9d2f6eae51fa1', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2014-5270', package='libgcrypt-1.5.3-14.el7', package_path=None), Finding(scan_source='anchore_comp', cve_id='3456a263793066e9b5063ada6e47917d', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27360-7', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2015-2059', package='libidn-1.28-4.el7', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80535-8', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2014-3591', package='gnupg2-2.0.22-5.el7_5', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27214-6', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27297-1', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='c2e44319ae5b3b040044d8ae116d1c2f', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='41cb7cdf04850e33a11f80c42bf660b3', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27209-6', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='cbff271f45d32e78dcc1979dbca9c14d', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='3e5fad1c039f3ecfd1dcdc94d2f1f9a0', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2015-0247', package='libcom_err-1.42.9-19.el7', package_path=None), Finding(scan_source='anchore_comp', cve_id='698044205a9c4a6d48b7937e66a6bf4f', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27355-7', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='e7573262736ef52353cde3bae2617782', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80533-3', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2015-2059', package='libidn-1.28-4.el7', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80522-6', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2014-4617', package='gnupg2-2.0.22-5.el7_5', package_path=None), Finding(scan_source='anchore_comp', cve_id='463a9a24225c26f7a5bf3f38908e5cb3', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='db0e0618d692b953341be18b99a2865a', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='639f6f1177735759703e928c14714a59', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27293-0', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80529-1', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27345-8', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23841', package='openssl-libs-1.0.2k-21.el7_9', package_path=None)}
ERROR: NON-WHITELISTED VULNERABILITIES FOUND
ERROR: Number of non-whitelisted vulnerabilities: 1
ERROR: The following vulnerabilities are not whitelisted:
ERROR: scan_source                   cve_id                        package                       package_path                  
ERROR: oscap_comp                    CCE-26895-3                   None                          None                          
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1