Pipeline · Ironbank Containers / SonarSource / sonarqube / sonarqube8-community

Update dependency SonarSource/docker-sonarqube to v8.7.1

13 jobs for renovate/sonarsource-docker-sonarqube-8.x in 14 minutes and 8 seconds (queued for 27 seconds)

Status	Job ID	Name
.Pre
passed	#2336531 ironbank	load scripts	00:00:09 Mar 13, 2021

Preflight
passed	#2336532 ironbank	folder structure	00:00:08 Mar 13, 2021
passed	#2336533 ironbank	hardening_manifest	00:00:13 Mar 13, 2021

Lint
passed	#2336534 ironbank	wl compare lint	00:00:13 Mar 13, 2021

Import Artifacts
passed	#2336535 ironbank	import artifacts	00:01:09 Mar 13, 2021

Scan Artifacts
passed	#2336536 ironbank	clamav scan	00:02:39 Mar 13, 2021

Build
passed	#2336537 ironbank-isolated	build	00:03:51 Mar 13, 2021

Scanning
passed	#2336541 ironbank	anchore scan	00:03:00 Mar 13, 2021
passed	#2336538 ironbank	openscap compliance	00:01:38 Mar 13, 2021
passed	#2336539 ironbank	openscap cve	00:04:34 Mar 13, 2021
passed	#2336540 ironbank	twistlock scan	00:00:40 Mar 13, 2021

Csv Output
passed	#2336542 ironbank	csv output	00:01:00 Mar 13, 2021

Check Cves
failed	#2336543 ironbank allowed to fail	check cves	00:00:14 Mar 13, 2021

Name Stage Failure

	Name	Stage	Failure
failed	check cves	Check Cves
	ERROR: anchore_cve CVE-2018-19362 jackson-core-2.9.7 /opt/sonarqube/lib/common/hazelcast-3.12.9.jar:jackson-core ERROR: anchore_cve CVE-2020-13697 nanohttpd-2.3.1 /opt/sonarqube/lib/common/nanohttpd-2.3.1.jar ERROR: twistlock_cve CVE-2021-25122 apache tomcat_tomcat-embed-core-8.5.60 ERROR: twistlock_cve CVE-2021-25329 apache tomcat_tomcat-embed-core-8.5.60 ERROR: twistlock_cve CVE-2021-20231 gnutls-3.6.14-7.el8_3 ERROR: twistlock_cve CVE-2021-20232 gnutls-3.6.14-7.el8_3 ERROR: twistlock_cve CVE-2021-21290 io.netty_netty-codec-4.1.49.Final Cleaning up file based variables ERROR: Job failed: command terminated with exit code 1

failed

check cves

Check Cves

ERROR: anchore_cve                   CVE-2018-19362                jackson-core-2.9.7            /opt/sonarqube/lib/common/hazelcast-3.12.9.jar:jackson-core    
ERROR: anchore_cve                   CVE-2020-13697                nanohttpd-2.3.1               /opt/sonarqube/lib/common/nanohttpd-2.3.1.jar    
ERROR: twistlock_cve                 CVE-2021-25122                apache tomcat_tomcat-embed-core-8.5.60                                  
ERROR: twistlock_cve                 CVE-2021-25329                apache tomcat_tomcat-embed-core-8.5.60                                  
ERROR: twistlock_cve                 CVE-2021-20231                gnutls-3.6.14-7.el8_3                                       
ERROR: twistlock_cve                 CVE-2021-20232                gnutls-3.6.14-7.el8_3                                       
ERROR: twistlock_cve                 CVE-2021-21290                io.netty_netty-codec-4.1.49.Final                                  
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1