UNCLASSIFIED

Merge branch 'hardening_manifest' into 'development'

Migrate to hardening_manifest.yaml

See merge request !13
18 jobs for development in 7 minutes and 7 seconds (queued for 9 minutes and 4 seconds)
latest
Status Job ID Name Coverage
  .Pre
passed #6494070
load-scripts

00:00:10

 
  Preflight
passed #6494072
folder-structure

00:00:10

passed #6494073
hardening-manifest

00:00:15

passed #6494071
trufflehog

00:00:10

 
  Lint
passed #6494074
wl-compare-lint

00:00:11

 
  Import Artifacts
passed #6494075
import-artifacts

00:00:22

 
  Scan Artifacts
passed #6494076
clamav-scan

00:00:51

 
  Build
passed #6494077
build

00:01:56

 
  Post Build
passed #6494078
create-tar

00:00:17

 
  Scanning
passed #6494079
anchore-scan

00:01:37

passed #6494080
ironbank-dsop-privileged
openscap-compliance

00:01:14

passed #6494081
twistlock-scan

00:00:22

 
  Csv Output
passed #6494082
csv-output

00:00:17

 
  Check Cves
failed #6494083
allowed to fail
check-cves

00:00:11

 
  Documentation
passed #6494084
ib-manifest

00:00:14

passed #6494085
write-json-docs

00:00:11

 
  S3 Publish
passed #6494086
upload-to-s3

00:00:25

 
  Vat
passed #6494087
vat

00:00:12

 
Name Stage Failure
failed
check-cves Check Cves
INFO: {Finding(scan_source='oscap_comp', cve_id='CCE-80535-8', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-36084', package='libsepol-2.5-10.el7', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80533-3', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80521-8', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-37750', package='krb5-libs-1.15.1-50.el7', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-36085', package='libsepol-2.5-10.el7', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80529-1', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-36086', package='libsepol-2.5-10.el7', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-36084', package='libsepol-2.5-10.el7', package_path=None), Finding(scan_source='anchore_comp', cve_id='41cb7cdf04850e33a11f80c42bf660b3', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80134-0', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-36086', package='libsepol-2.5-10.el7', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27285-6', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80171-2', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20271', package='rpm-4.11.3-45.el7', package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-36087', package='libsepol-2.5-10.el7', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80526-7', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-36087', package='libsepol-2.5-10.el7', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80530-9', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80522-6', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80523-4', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80532-5', package=None, package_path=None), Finding(scan_source='anchore_comp', cve_id='cbff271f45d32e78dcc1979dbca9c14d', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80536-6', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80534-1', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23840', package='openssl-libs-1.0.2k-21.el7_9', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80438-5', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80527-5', package=None, package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-23841', package='openssl-libs-1.0.2k-21.el7_9', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-3712', package='openssl-libs-1.0.2k-21.el7_9', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80525-9', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80524-2', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80531-7', package=None, package_path=None), Finding(scan_source='twistlock_cve', cve_id='CVE-2021-36085', package='libsepol-2.5-10.el7', package_path=None), Finding(scan_source='anchore_cve', cve_id='CVE-2021-20271', package='rpm-libs-4.11.3-45.el7', package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-27209-6', package=None, package_path=None), Finding(scan_source='oscap_comp', cve_id='CCE-80368-4', package=None, package_path=None)}
ERROR: NON-WHITELISTED VULNERABILITIES FOUND
ERROR: Number of non-whitelisted vulnerabilities: 2
ERROR: The following vulnerabilities are not whitelisted:
ERROR: scan_source cve_id package package_path
ERROR: anchore_cve CVE-2021-20271 rpm-4.11.3-45.el7 None
ERROR: anchore_cve CVE-2021-20271 rpm-libs-4.11.3-45.el7 None
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1