Pipeline · Ironbank Containers / Solutions Delivery Platform / jenkins / jenkins

Merge branch 'credentials-2.4.1-update' into 'development'

Updated credentials plugin to 2.4.1

See merge request !45

16 jobs for development in 12 minutes and 17 seconds (queued for 12 minutes and 16 seconds)

b80f8a01

Status	Job ID	Name
.Pre
passed	#3636579	load-scripts	00:00:06 May 27, 2021

Preflight
passed	#3636581	folder-structure	00:00:05 May 27, 2021
passed	#3636582	hardening-manifest	00:00:08 May 27, 2021
passed	#3636580	trufflehog	00:00:07 May 27, 2021

Lint
passed	#3636583	wl-compare-lint	00:00:08 May 27, 2021

Import Artifacts
passed	#3636584	import-artifacts	00:00:14 May 27, 2021

Scan Artifacts
passed	#3636585	clamav-scan	00:02:02 May 27, 2021

Build
passed	#3636586	build	00:02:25 May 27, 2021

Scanning
passed	#3636587	anchore-scan	00:03:59 May 27, 2021
passed	#3636588 ironbank-dsop-privileged	openscap-compliance	00:01:11 May 27, 2021
passed	#3636589	twistlock-scan	00:00:40 May 27, 2021

Csv Output
passed	#3636590	csv-output	00:00:25 May 27, 2021

Check Cves
failed	#3636591 allowed to fail	check-cves	00:00:11 May 27, 2021

Documentation
passed	#3636592	documentation	00:01:01 May 27, 2021

S3 Publish
passed	#3636593	upload-to-s3	00:01:23 May 27, 2021

Vat
passed	#3636594	vat	00:00:07 May 27, 2021

Name Stage Failure

	Name	Stage	Failure
failed	check-cves	Check Cves
	ERROR: Number of non-whitelisted vulnerabilities: 4 ERROR: The following vulnerabilities are not whitelisted: ERROR: scan_source cve_id package package_path ERROR: anchore_cve CVE-2021-23369 handlebars-1.1.1 /usr/share/jenkins/jenkins.war:WEB-INF/lib/handlebars-1.1.1-core-assets.jar ERROR: anchore_cve CVE-2021-23383 handlebars-1.1.1 /usr/share/jenkins/jenkins.war:WEB-INF/lib/handlebars-1.1.1-core-assets.jar ERROR: anchore_cve GHSA-7chv-rrw6-w6fc xstream-1.4.15 /usr/share/jenkins/jenkins.war:WEB-INF/lib/xstream-1.4.15.jar ERROR: twistlock_cve CVE-2020-14145 openssh-8.0p1-6.el8_4.2 None Cleaning up file based variables ERROR: Job failed: command terminated with exit code 1

failed

check-cves

Check Cves

ERROR: Number of non-whitelisted vulnerabilities: 4
ERROR: The following vulnerabilities are not whitelisted:
ERROR: scan_source                   cve_id                        package                       package_path                  
ERROR: anchore_cve                   CVE-2021-23369                handlebars-1.1.1              /usr/share/jenkins/jenkins.war:WEB-INF/lib/handlebars-1.1.1-core-assets.jar    
ERROR: anchore_cve                   CVE-2021-23383                handlebars-1.1.1              /usr/share/jenkins/jenkins.war:WEB-INF/lib/handlebars-1.1.1-core-assets.jar    
ERROR: anchore_cve                   GHSA-7chv-rrw6-w6fc           xstream-1.4.15                /usr/share/jenkins/jenkins.war:WEB-INF/lib/xstream-1.4.15.jar    
ERROR: twistlock_cve                 CVE-2020-14145                openssh-8.0p1-6.el8_4.2       None                          
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1