Pipeline · Ironbank Containers / SonarSource / sonarqube / sonarqube8-datacenter-app

Merge branch 'renovate/sonarqube-8.9-datacenter-app' into 'development'

Update sonarqube:8.9-datacenter-app Docker digest to 3665548

See merge request !28

16 jobs for development in 54 minutes and 30 seconds (queued for 53 minutes and 44 seconds)

bcbeac47

Status	Job ID	Name
.Pre
passed	#5224238	load-scripts	00:00:10 Jul 29, 2021

Preflight
passed	#5224240	folder-structure	00:00:09 Jul 29, 2021
passed	#5224241	hardening-manifest	00:00:11 Jul 29, 2021
passed	#5224239	trufflehog	00:00:09 Jul 29, 2021

Lint
passed	#5224242	wl-compare-lint	00:00:12 Jul 29, 2021

Import Artifacts
passed	#5224243	import-artifacts	00:01:16 Jul 29, 2021

Scan Artifacts
passed	#5224244	clamav-scan	00:02:35 Jul 29, 2021

Build
passed	#5224245	build	00:03:01 Jul 29, 2021

Scanning
passed	#5224246	anchore-scan	00:06:54 Jul 29, 2021
passed	#5224247 ironbank-dsop-privileged	openscap-compliance	00:01:27 Jul 29, 2021
passed	#5224248	twistlock-scan	00:40:31 Jul 29, 2021

Csv Output
passed	#5224249	csv-output	00:00:58 Jul 29, 2021

Check Cves
failed	#5224250 allowed to fail	check-cves	00:00:23 Jul 29, 2021

Documentation
passed	#5224251	documentation	00:01:49 Jul 29, 2021

S3 Publish
passed	#5224252	upload-to-s3	00:02:49 Jul 29, 2021

Vat
passed	#5224253	vat	00:00:26 Jul 29, 2021

Name Stage Failure

	Name	Stage	Failure
failed	check-cves	Check Cves
	ERROR: anchore_cve CVE-2021-0555 protobuf-3.11.4 /opt/sonarqube/lib/sonar-application-8.9.2.46101.jar:protobuf-java ERROR: anchore_cve CVE-2021-0555 protobuf-3.11.4 /opt/sonarqube/lib/scanner/scanner-datacenter-8.9.2.46101-all.jar:protobuf-java ERROR: twistlock_cve CVE-2021-21290 io.netty_netty-codec-http-4.1.49.Final None ERROR: twistlock_cve CVE-2021-35515 org.apache.commons_commons-compress-1.20 None ERROR: twistlock_cve CVE-2021-35516 org.apache.commons_commons-compress-1.20 None ERROR: twistlock_cve CVE-2021-35517 org.apache.commons_commons-compress-1.20 None ERROR: twistlock_cve CVE-2021-36090 org.apache.commons_commons-compress-1.20 None Cleaning up file based variables ERROR: Job failed: command terminated with exit code 1

failed

check-cves

Check Cves

ERROR: anchore_cve                   CVE-2021-0555                 protobuf-3.11.4               /opt/sonarqube/lib/sonar-application-8.9.2.46101.jar:protobuf-java    
ERROR: anchore_cve                   CVE-2021-0555                 protobuf-3.11.4               /opt/sonarqube/lib/scanner/scanner-datacenter-8.9.2.46101-all.jar:protobuf-java    
ERROR: twistlock_cve                 CVE-2021-21290                io.netty_netty-codec-http-4.1.49.Final    None                          
ERROR: twistlock_cve                 CVE-2021-35515                org.apache.commons_commons-compress-1.20    None                          
ERROR: twistlock_cve                 CVE-2021-35516                org.apache.commons_commons-compress-1.20    None                          
ERROR: twistlock_cve                 CVE-2021-35517                org.apache.commons_commons-compress-1.20    None                          
ERROR: twistlock_cve                 CVE-2021-36090                org.apache.commons_commons-compress-1.20    None                          
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1