UNCLASSIFIED

Skip to content

GitLab

You need to sign in or sign up before continuing.

Merge branch 'renovate/docker-sonarqube-8.8-developer' into 'development' 

Update sonarqube:8.8-developer Docker digest to fb6fa03

See merge request !24
17 jobs for development in 42 minutes and 43 seconds (queued for 38 minutes and 41 seconds)
d6ebe125
1 related merge request: !25 Merge Development into Master
Status Job ID Name Coverage
  .Pre
passed #3034005
ironbank
load scripts

00:00:14

 
  Preflight
passed #3034007
ironbank
folder structure

00:02:08

passed #3034008
ironbank
hardening_manifest

00:02:22

passed #3034006
ironbank
trufflehog

00:02:50

 
  Lint
failed #3034009
ironbank allowed to fail
wl compare lint

00:00:45

 
  Import Artifacts
passed #3034010
ironbank
import artifacts

00:04:12

 
  Scan Artifacts
passed #3034011
ironbank
clamav scan

00:03:43

 
  Build
passed #3034012
ironbank-isolated
build

00:05:07

 
  Scanning
passed #3034013
ironbank
anchore scan

00:04:27

passed #3034014
ironbank
openscap compliance

00:03:25

passed #3034015
ironbank
openscap cve

00:10:49

passed #3034016
ironbank
twistlock scan

00:02:02

 
  Csv Output
passed #3034017
ironbank
csv output

00:01:59

 
  Check Cves
failed #3034018
ironbank allowed to fail
check cves

00:01:27

 
  Documentation
passed #3034019
ironbank
documentation

00:05:36

 
  S3 Publish
passed #3034020
ironbank
upload to s3

00:05:32

 
  Vat
passed #3034021
ironbank
vat

00:00:24

 
Name Stage Failure
failed
check cves Check Cves 
ERROR: anchore_cve                   GHSA-5mg8-w23w-74h3           guava-28.2-jre                /opt/sonarqube/lib/common/guava-28.2-jre.jar    
ERROR: anchore_cve                   GHSA-5mg8-w23w-74h3           guava-28.2-jre                /opt/sonarqube/lib/scanner/scanner-developer-8.8.0.42792-all.jar:guava    
ERROR: anchore_cve                   GHSA-vwqq-5vrc-xw9h           log4j-core-2.11.1             /opt/sonarqube/elasticsearch/bin/elasticsearch-sql-cli-7.11.2.jar:log4j-core    
ERROR: anchore_cve                   GHSA-vwqq-5vrc-xw9h           log4j-core-2.11.1             /opt/sonarqube/elasticsearch/lib/log4j-core-2.11.1.jar    
ERROR: anchore_cve                   GHSA-5mcr-gq6c-3hq2           netty-codec-http-4.1.49.Final    /opt/sonarqube/elasticsearch/modules/transport-netty4/netty-codec-http-4.1.49.Final.jar    
ERROR: twistlock_cve                 CVE-2021-21295                io.netty_netty-codec-4.1.49.Final    None                          
ERROR: twistlock_cve                 CVE-2021-21409                io.netty_netty-codec-4.1.49.Final    None                          
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1
failed
wl compare lint Lint 
Uploading artifacts for failed job
ci-artifacts/lint/: found 3 matching files and directories 
Uploading artifacts...
Uploading artifacts as "archive" to coordinator... ok  id=3034009 responseStatus=201 Created token=ynHr5HYK
Uploading artifacts...
variables.env: found 1 matching files and directories 
Uploading artifacts as "dotenv" to coordinator... ok  id=3034009 responseStatus=201 Created token=ynHr5HYK
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 3

UNCLASSIFIED