Pipeline · Ironbank Containers / SonarSource / sonarqube / sonarqube8-community

Update dependency SonarSource/docker-sonarqube to v8.9.1

14 jobs for renovate/sonarsource-docker-sonarqube-8.x in 16 minutes and 48 seconds (queued for 22 seconds)

Status	Job ID	Name
.Pre
passed	#4216059	load-scripts	00:00:13 Jun 19, 2021

Preflight
passed	#4216061	folder-structure	00:00:15 Jun 19, 2021
passed	#4216062	hardening-manifest	00:00:45 Jun 19, 2021
passed	#4216060	trufflehog	00:00:13 Jun 19, 2021

Lint
passed	#4216063	wl-compare-lint	00:00:28 Jun 19, 2021

Import Artifacts
passed	#4216064	import-artifacts	00:02:14 Jun 19, 2021

Scan Artifacts
passed	#4216065	clamav-scan	00:03:17 Jun 19, 2021

Build
passed	#4216066	build	00:04:03 Jun 19, 2021

Scanning
passed	#4216067	anchore-scan	00:04:48 Jun 19, 2021
passed	#4216068 ironbank-dsop-privileged	openscap-compliance	00:01:36 Jun 19, 2021
passed	#4216069	twistlock-scan	00:01:23 Jun 19, 2021

Csv Output
passed	#4216070	csv-output	00:00:36 Jun 19, 2021

Check Cves
failed	#4216071 allowed to fail	check-cves	00:00:17 Jun 19, 2021

Documentation
passed	#4216072	create-tar	00:01:46 Jun 19, 2021

Name Stage Failure

	Name	Stage	Failure
failed	check-cves	Check Cves
	ERROR: anchore_cve GHSA-5mg8-w23w-74h3 guava-28.2-jre /opt/sonarqube/lib/sonar-application-8.9.1.44547.jar:guava ERROR: anchore_cve GHSA-5mg8-w23w-74h3 guava-28.2-jre /opt/sonarqube/lib/scanner/sonar-scanner-engine-shaded-8.9.1.44547-all.jar:guava ERROR: anchore_cve CVE-2020-13697 nanohttpd-2.3.1 /opt/sonarqube/lib/sonar-application-8.9.1.44547.jar:nanohttpd ERROR: anchore_cve CVE-2021-0555 protobuf-3.11.4 /opt/sonarqube/lib/scanner/sonar-scanner-engine-shaded-8.9.1.44547-all.jar:protobuf-java ERROR: anchore_cve CVE-2021-0555 protobuf-3.11.4 /opt/sonarqube/lib/extensions/sonar-scala-plugin-1.8.3.2219.jar:protobuf-java ERROR: anchore_cve CVE-2021-0555 protobuf-3.11.4 /opt/sonarqube/lib/sonar-application-8.9.1.44547.jar:protobuf-java ERROR: twistlock_cve PRISMA-2021-0081 org.apache.lucene_lucene-core-8.8.0 None Cleaning up file based variables ERROR: Job failed: command terminated with exit code 1

failed

check-cves

Check Cves

ERROR: anchore_cve                   GHSA-5mg8-w23w-74h3           guava-28.2-jre                /opt/sonarqube/lib/sonar-application-8.9.1.44547.jar:guava    
ERROR: anchore_cve                   GHSA-5mg8-w23w-74h3           guava-28.2-jre                /opt/sonarqube/lib/scanner/sonar-scanner-engine-shaded-8.9.1.44547-all.jar:guava    
ERROR: anchore_cve                   CVE-2020-13697                nanohttpd-2.3.1               /opt/sonarqube/lib/sonar-application-8.9.1.44547.jar:nanohttpd    
ERROR: anchore_cve                   CVE-2021-0555                 protobuf-3.11.4               /opt/sonarqube/lib/scanner/sonar-scanner-engine-shaded-8.9.1.44547-all.jar:protobuf-java    
ERROR: anchore_cve                   CVE-2021-0555                 protobuf-3.11.4               /opt/sonarqube/lib/extensions/sonar-scala-plugin-1.8.3.2219.jar:protobuf-java    
ERROR: anchore_cve                   CVE-2021-0555                 protobuf-3.11.4               /opt/sonarqube/lib/sonar-application-8.9.1.44547.jar:protobuf-java    
ERROR: twistlock_cve                 PRISMA-2021-0081              org.apache.lucene_lucene-core-8.8.0    None                          
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1