Pipeline · Ironbank Containers / SonarSource / sonarqube / sonarqube8-community

Merge branch 'renovate/sonarqube-8.9-community' into 'development'

Update sonarqube:8.9-community Docker digest to 0fc6c71

See merge request !40

16 jobs for development in 15 minutes and 43 seconds (queued for 16 minutes and 36 seconds)

f9614d87

Status	Job ID	Name
.Pre
passed	#4120801	load-scripts	00:00:22 Jun 15, 2021

Preflight
passed	#4120803	folder-structure	00:00:12 Jun 15, 2021
passed	#4120804	hardening-manifest	00:00:11 Jun 15, 2021
passed	#4120802	trufflehog	00:00:13 Jun 15, 2021

Lint
passed	#4120805	wl-compare-lint	00:00:12 Jun 15, 2021

Import Artifacts
passed	#4120806	import-artifacts	00:01:03 Jun 15, 2021

Scan Artifacts
passed	#4120807	clamav-scan	00:02:18 Jun 15, 2021

Build
passed	#4120808	build	00:02:43 Jun 15, 2021

Scanning
passed	#4120809	anchore-scan	00:04:32 Jun 15, 2021
passed	#4120810 ironbank-dsop-privileged	openscap-compliance	00:01:15 Jun 15, 2021
passed	#4120811	twistlock-scan	00:00:50 Jun 15, 2021

Csv Output
passed	#4120812	csv-output	00:00:37 Jun 15, 2021

Check Cves
failed	#4120813 allowed to fail	check-cves	00:00:12 Jun 15, 2021

Documentation
passed	#4120814	documentation	00:01:09 Jun 15, 2021

S3 Publish
passed	#4120815	upload-to-s3	00:01:46 Jun 15, 2021

Vat
passed	#4120816	vat	00:00:13 Jun 15, 2021

Name Stage Failure

	Name	Stage	Failure
failed	check-cves	Check Cves
	ERROR: The following vulnerabilities are not whitelisted: ERROR: scan_source cve_id package package_path ERROR: anchore_cve VULNDB-256815 commons-compress-1.20 /opt/sonarqube/lib/extensions/sonar-javascript-plugin-7.4.4.15624.jar:commons-compress ERROR: anchore_cve VULNDB-257084 commons-compress-1.20 /opt/sonarqube/lib/extensions/sonar-javascript-plugin-7.4.4.15624.jar:commons-compress ERROR: anchore_cve GHSA-5mg8-w23w-74h3 guava-28.2-jre /opt/sonarqube/lib/sonar-application-8.9.1.44547.jar:guava ERROR: anchore_cve GHSA-5mg8-w23w-74h3 guava-28.2-jre /opt/sonarqube/lib/scanner/sonar-scanner-engine-shaded-8.9.1.44547-all.jar:guava ERROR: anchore_cve CVE-2020-13697 nanohttpd-2.3.1 /opt/sonarqube/lib/sonar-application-8.9.1.44547.jar:nanohttpd Cleaning up file based variables ERROR: Job failed: command terminated with exit code 1

failed

check-cves

Check Cves

ERROR: The following vulnerabilities are not whitelisted:
ERROR: scan_source                   cve_id                        package                       package_path                  
ERROR: anchore_cve                   VULNDB-256815                 commons-compress-1.20         /opt/sonarqube/lib/extensions/sonar-javascript-plugin-7.4.4.15624.jar:commons-compress    
ERROR: anchore_cve                   VULNDB-257084                 commons-compress-1.20         /opt/sonarqube/lib/extensions/sonar-javascript-plugin-7.4.4.15624.jar:commons-compress    
ERROR: anchore_cve                   GHSA-5mg8-w23w-74h3           guava-28.2-jre                /opt/sonarqube/lib/sonar-application-8.9.1.44547.jar:guava    
ERROR: anchore_cve                   GHSA-5mg8-w23w-74h3           guava-28.2-jre                /opt/sonarqube/lib/scanner/sonar-scanner-engine-shaded-8.9.1.44547-all.jar:guava    
ERROR: anchore_cve                   CVE-2020-13697                nanohttpd-2.3.1               /opt/sonarqube/lib/sonar-application-8.9.1.44547.jar:nanohttpd    
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1