UNCLASSIFIED

Merge branch 'renovate/docker-sonarqube-8.x' into 'development'

Update sonarqube Docker tag to v8.9

See merge request !36
16 jobs for development in 13 minutes and 52 seconds (queued for 14 minutes and 34 seconds)
Status Job ID Name Coverage
  .Pre
passed #3261618
ironbank
load scripts

00:00:06

 
  Preflight
passed #3261620
ironbank
folder structure

00:00:08

passed #3261621
ironbank
hardening_manifest

00:00:10

passed #3261619
ironbank
trufflehog

00:00:07

 
  Lint
failed #3261622
ironbank allowed to fail
wl compare lint

00:00:09

 
  Import Artifacts
passed #3261623
ironbank
import artifacts

00:01:02

 
  Scan Artifacts
passed #3261624
ironbank
clamav scan

00:02:22

 
  Build
passed #3261625
ironbank-isolated
build

00:02:40

 
  Scanning
passed #3261626
ironbank
anchore scan

00:03:40

passed #3261627
ironbank
openscap compliance

00:01:14

passed #3261628
ironbank
twistlock scan

00:00:37

 
  Csv Output
passed #3261629
ironbank
csv output

00:00:29

 
  Check Cves
failed #3261630
ironbank allowed to fail
check cves

00:00:14

 
  Documentation
passed #3261631
ironbank
documentation

00:01:07

 
  S3 Publish
passed #3261632
ironbank
upload to s3

00:01:38

 
  Vat
passed #3261633
ironbank
vat

00:00:08

 
Name Stage Failure
failed
check cves Check Cves
ERROR: anchore_cve                   GHSA-5mg8-w23w-74h3           guava-10.0.1                  /opt/sonarqube/lib/extensions/sonar-flex-plugin-2.6.1.2564.jar:guava    
ERROR: anchore_cve GHSA-5mg8-w23w-74h3 guava-28.2-jre /opt/sonarqube/lib/sonar-application-8.9.0.43852.jar:guava
ERROR: anchore_cve GHSA-5mg8-w23w-74h3 guava-28.2-jre /opt/sonarqube/lib/scanner/sonar-scanner-engine-shaded-8.9.0.43852-all.jar:guava
ERROR: anchore_cve GHSA-vwqq-5vrc-xw9h log4j-core-2.11.1 /opt/sonarqube/elasticsearch/bin/elasticsearch-sql-cli-7.12.1.jar:log4j-core
ERROR: anchore_cve CVE-2020-13697 nanohttpd-2.3.1 /opt/sonarqube/lib/sonar-application-8.9.0.43852.jar:nanohttpd
ERROR: twistlock_cve CVE-2020-28491 com.fasterxml.jackson.dataformat_jackson-dataformat-cbor-2.10.4 None
ERROR: twistlock_cve CVE-2020-28491 com.fasterxml.jackson.dataformat_jackson-dataformat-cbor-2.10.5 None
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1
failed
wl compare lint Lint
Uploading artifacts for failed job
Uploading artifacts...
ci-artifacts/lint/: found 3 matching files and directories

Uploading artifacts as "archive" to coordinator... ok
id=3261622 responseStatus=201 Created token=yMQQufV-
Uploading artifacts...
variables.env: found 1 matching files and directories

Uploading artifacts as "dotenv" to coordinator... ok
id=3261622 responseStatus=201 Created token=yMQQufV-
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 3