UNCLASSIFIED

Skip to content

GitLab

Merge branch 'renovate/sonarsource-docker-sonarqube-8.x' into 'development' 

Update dependency SonarSource/docker-sonarqube to v8.9

See merge request !26
16 jobs for development in 14 minutes and 22 seconds (queued for 16 minutes and 4 seconds)
7774d4b1
1 related merge request: !28 Development
Status Job ID Name Coverage
  .Pre
passed #3261650
ironbank
load scripts

00:00:07

 
  Preflight
passed #3261652
ironbank
folder structure

00:00:06

passed #3261653
ironbank
hardening_manifest

00:00:09

passed #3261651
ironbank
trufflehog

00:00:07

 
  Lint
failed #3261654
ironbank allowed to fail
wl compare lint

00:00:09

 
  Import Artifacts
passed #3261655
ironbank
import artifacts

00:01:09

 
  Scan Artifacts
passed #3261656
ironbank
clamav scan

00:02:24

 
  Build
passed #3261657
ironbank-isolated
build

00:02:50

 
  Scanning
passed #3261658
ironbank
anchore scan

00:03:42

passed #3261659
ironbank
openscap compliance

00:01:19

passed #3261660
ironbank
twistlock scan

00:00:37

 
  Csv Output
passed #3261661
ironbank
csv output

00:00:31

 
  Check Cves
failed #3261662
ironbank allowed to fail
check cves

00:00:11

 
  Documentation
passed #3261663
ironbank
documentation

00:01:10

 
  S3 Publish
passed #3261664
ironbank
upload to s3

00:01:43

 
  Vat
passed #3261665
ironbank
vat

00:00:09

 
Name Stage Failure
failed
check cves Check Cves 
ERROR: anchore_cve                   GHSA-5mg8-w23w-74h3           guava-10.0.1                  /opt/sonarqube/lib/extensions/sonar-flex-plugin-2.6.1.2564.jar:guava    
ERROR: anchore_cve                   GHSA-5mg8-w23w-74h3           guava-28.2-jre                /opt/sonarqube/lib/scanner/scanner-developer-8.9.0.43852-all.jar:guava    
ERROR: anchore_cve                   GHSA-5mg8-w23w-74h3           guava-28.2-jre                /opt/sonarqube/lib/sonar-application-8.9.0.43852.jar:guava    
ERROR: anchore_cve                   GHSA-vwqq-5vrc-xw9h           log4j-core-2.11.1             /opt/sonarqube/elasticsearch/bin/elasticsearch-sql-cli-7.12.1.jar:log4j-core    
ERROR: anchore_cve                   CVE-2020-13697                nanohttpd-2.3.1               /opt/sonarqube/lib/sonar-application-8.9.0.43852.jar:nanohttpd    
ERROR: twistlock_cve                 CVE-2020-28491                com.fasterxml.jackson.dataformat_jackson-dataformat-cbor-2.10.4    None                          
ERROR: twistlock_cve                 CVE-2020-28491                com.fasterxml.jackson.dataformat_jackson-dataformat-cbor-2.10.5    None                          
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1
failed
wl compare lint Lint 
Uploading artifacts for failed job
Uploading artifacts...
ci-artifacts/lint/: found 3 matching files and directories 
Uploading artifacts as "archive" to coordinator... ok  id=3261654 responseStatus=201 Created token=b6-ysRuw
Uploading artifacts...
variables.env: found 1 matching files and directories 
Uploading artifacts as "dotenv" to coordinator... ok  id=3261654 responseStatus=201 Created token=b6-ysRuw
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 3

UNCLASSIFIED