Pipeline · Ironbank Containers / SonarSource / sonarqube / sonarqube8-developer

Merge branch 'renovate/sonarqube-8.9-developer' into 'development'

Update sonarqube:8.9-developer Docker digest to 4de9a8a

See merge request !43

16 jobs for development in 54 minutes and 6 seconds (queued for 53 minutes and 28 seconds)

4b043769

Status	Job ID	Name
.Pre
passed	#5224254	load-scripts	00:00:10 Jul 29, 2021

Preflight
passed	#5224256	folder-structure	00:00:09 Jul 29, 2021
passed	#5224257	hardening-manifest	00:00:14 Jul 29, 2021
passed	#5224255	trufflehog	00:00:10 Jul 29, 2021

Lint
passed	#5224258	wl-compare-lint	00:00:15 Jul 29, 2021

Import Artifacts
passed	#5224259	import-artifacts	00:01:11 Jul 29, 2021

Scan Artifacts
passed	#5224260	clamav-scan	00:02:35 Jul 29, 2021

Build
passed	#5224261	build	00:04:31 Jul 29, 2021

Scanning
passed	#5224262	anchore-scan	00:07:08 Jul 29, 2021
passed	#5224263 ironbank-dsop-privileged	openscap-compliance	00:02:22 Jul 29, 2021
passed	#5224264	twistlock-scan	00:39:07 Jul 29, 2021

Csv Output
passed	#5224265	csv-output	00:00:38 Jul 29, 2021

Check Cves
failed	#5224266 allowed to fail	check-cves	00:00:24 Jul 29, 2021

Documentation
passed	#5224267	documentation	00:01:42 Jul 29, 2021

S3 Publish
passed	#5224268	upload-to-s3	00:02:45 Jul 29, 2021

Vat
passed	#5224269	vat	00:00:25 Jul 29, 2021

Name Stage Failure

	Name	Stage	Failure
failed	check-cves	Check Cves
	ERROR: anchore_cve CVE-2021-0555 protobuf-3.11.4 /opt/sonarqube/lib/scanner/scanner-developer-8.9.2.46101-all.jar:protobuf-java ERROR: anchore_cve CVE-2021-0555 protobuf-3.11.4 /opt/sonarqube/lib/sonar-application-8.9.2.46101.jar:protobuf-java ERROR: twistlock_cve CVE-2021-21290 io.netty_netty-codec-http-4.1.49.Final None ERROR: twistlock_cve CVE-2021-35515 org.apache.commons_commons-compress-1.20 None ERROR: twistlock_cve CVE-2021-35516 org.apache.commons_commons-compress-1.20 None ERROR: twistlock_cve CVE-2021-35517 org.apache.commons_commons-compress-1.20 None ERROR: twistlock_cve CVE-2021-36090 org.apache.commons_commons-compress-1.20 None Cleaning up file based variables ERROR: Job failed: command terminated with exit code 1

failed

check-cves

Check Cves

ERROR: anchore_cve                   CVE-2021-0555                 protobuf-3.11.4               /opt/sonarqube/lib/scanner/scanner-developer-8.9.2.46101-all.jar:protobuf-java    
ERROR: anchore_cve                   CVE-2021-0555                 protobuf-3.11.4               /opt/sonarqube/lib/sonar-application-8.9.2.46101.jar:protobuf-java    
ERROR: twistlock_cve                 CVE-2021-21290                io.netty_netty-codec-http-4.1.49.Final    None                          
ERROR: twistlock_cve                 CVE-2021-35515                org.apache.commons_commons-compress-1.20    None                          
ERROR: twistlock_cve                 CVE-2021-35516                org.apache.commons_commons-compress-1.20    None                          
ERROR: twistlock_cve                 CVE-2021-35517                org.apache.commons_commons-compress-1.20    None                          
ERROR: twistlock_cve                 CVE-2021-36090                org.apache.commons_commons-compress-1.20    None                          
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1