UNCLASSIFIED

Skip to content

GitLab

Merge branch 'renovate/docker-sonarqube-8.x' into 'development' 

Update sonarqube Docker tag to v8.9

See merge request !34
16 jobs for development in 14 minutes and 25 seconds (queued for 15 minutes and 21 seconds)
128883e5
1 related merge request: !37 Development
Status Job ID Name Coverage
  .Pre
passed #3261634
ironbank
load scripts

00:00:06

 
  Preflight
passed #3261636
ironbank
folder structure

00:00:08

passed #3261637
ironbank
hardening_manifest

00:00:10

passed #3261635
ironbank
trufflehog

00:00:07

 
  Lint
failed #3261638
ironbank allowed to fail
wl compare lint

00:00:09

 
  Import Artifacts
passed #3261639
ironbank
import artifacts

00:01:13

 
  Scan Artifacts
passed #3261640
ironbank
clamav scan

00:02:23

 
  Build
passed #3261641
ironbank-isolated
build

00:02:34

 
  Scanning
passed #3261642
ironbank
anchore scan

00:03:52

passed #3261643
ironbank
openscap compliance

00:01:19

passed #3261644
ironbank
twistlock scan

00:00:40

 
  Csv Output
passed #3261645
ironbank
csv output

00:00:31

 
  Check Cves
failed #3261646
ironbank allowed to fail
check cves

00:00:11

 
  Documentation
passed #3261647
ironbank
documentation

00:01:15

 
  S3 Publish
passed #3261648
ironbank
upload to s3

00:01:46

 
  Vat
passed #3261649
ironbank
vat

00:00:08

 
Name Stage Failure
failed
check cves Check Cves 
ERROR: anchore_cve                   GHSA-5mg8-w23w-74h3           guava-10.0.1                  /opt/sonarqube/lib/extensions/sonar-rpg-plugin-2.5.1.2575.jar:guava    
ERROR: anchore_cve                   GHSA-5mg8-w23w-74h3           guava-28.2-jre                /opt/sonarqube/lib/sonar-application-8.9.0.43852.jar:guava    
ERROR: anchore_cve                   GHSA-5mg8-w23w-74h3           guava-28.2-jre                /opt/sonarqube/lib/scanner/scanner-enterprise-8.9.0.43852-all.jar:guava    
ERROR: anchore_cve                   GHSA-vwqq-5vrc-xw9h           log4j-core-2.11.1             /opt/sonarqube/elasticsearch/bin/elasticsearch-sql-cli-7.12.1.jar:log4j-core    
ERROR: anchore_cve                   CVE-2020-13697                nanohttpd-2.3.1               /opt/sonarqube/lib/sonar-application-8.9.0.43852.jar:nanohttpd    
ERROR: twistlock_cve                 CVE-2020-28491                com.fasterxml.jackson.dataformat_jackson-dataformat-cbor-2.10.4    None                          
ERROR: twistlock_cve                 CVE-2020-28491                com.fasterxml.jackson.dataformat_jackson-dataformat-cbor-2.10.5    None                          
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1
failed
wl compare lint Lint 
Uploading artifacts for failed job
Uploading artifacts...
ci-artifacts/lint/: found 3 matching files and directories 
Uploading artifacts as "archive" to coordinator... ok  id=3261638 responseStatus=201 Created token=Lv5Ygdhu
Uploading artifacts...
variables.env: found 1 matching files and directories 
Uploading artifacts as "dotenv" to coordinator... ok  id=3261638 responseStatus=201 Created token=Lv5Ygdhu
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 3

UNCLASSIFIED