Pipeline · Ironbank Containers / SonarSource / sonarqube / sonarqube8-enterprise

Update sonarqube:8.9-enterprise Docker digest to 994d814

14 jobs for renovate/sonarqube-8.9-enterprise in 29 minutes and 11 seconds (queued for 18 minutes and 33 seconds)

Status	Job ID	Name
.Pre
passed	#4019472	load-scripts	00:00:29 Jun 11, 2021

Preflight
passed	#4019474	folder-structure	00:00:33 Jun 11, 2021
passed	#4019475	hardening-manifest	00:00:31 Jun 11, 2021
passed	#4019473	trufflehog	00:00:26 Jun 11, 2021

Lint
passed	#4019476	wl-compare-lint	00:00:32 Jun 11, 2021

Import Artifacts
passed	#4019477	import-artifacts	00:03:31 Jun 11, 2021

Scan Artifacts
passed	#4019478	clamav-scan	00:04:38 Jun 11, 2021

Build
passed	#4019479	build	00:09:05 Jun 11, 2021

Scanning
passed	#4019480	anchore-scan	00:08:04 Jun 11, 2021
passed	#4019481 ironbank-dsop-privileged	openscap-compliance	00:05:57 Jun 11, 2021
passed	#4019482	twistlock-scan	00:01:27 Jun 11, 2021

Csv Output
passed	#4019483	csv-output	00:01:05 Jun 11, 2021

Check Cves
failed	#4019484 allowed to fail	check-cves	00:00:38 Jun 11, 2021

Documentation
passed	#4019485	create-tar	00:01:37 Jun 11, 2021

Name Stage Failure

	Name	Stage	Failure
failed	check-cves	Check Cves
	ERROR: anchore_cve VULNDB-256815 commons-compress-1.20 /opt/sonarqube/lib/extensions/sonar-cfamily-plugin-6.20.1.32841.jar:commons-compress ERROR: anchore_cve VULNDB-257084 commons-compress-1.20 /opt/sonarqube/lib/extensions/sonar-cfamily-plugin-6.20.1.32841.jar:commons-compress ERROR: anchore_cve VULNDB-257084 commons-compress-1.20 /opt/sonarqube/lib/extensions/sonar-javascript-plugin-7.4.4.15624.jar:commons-compress ERROR: anchore_cve GHSA-5mg8-w23w-74h3 guava-28.2-jre /opt/sonarqube/lib/scanner/scanner-enterprise-8.9.1.44547-all.jar:guava ERROR: anchore_cve GHSA-5mg8-w23w-74h3 guava-28.2-jre /opt/sonarqube/lib/sonar-application-8.9.1.44547.jar:guava ERROR: anchore_cve CVE-2020-13697 nanohttpd-2.3.1 /opt/sonarqube/lib/sonar-application-8.9.1.44547.jar:nanohttpd ERROR: twistlock_cve CVE-2021-22118 spring-core_spring-core-5.2.13 None Cleaning up file based variables ERROR: Job failed: command terminated with exit code 1

failed

check-cves

Check Cves

ERROR: anchore_cve                   VULNDB-256815                 commons-compress-1.20         /opt/sonarqube/lib/extensions/sonar-cfamily-plugin-6.20.1.32841.jar:commons-compress    
ERROR: anchore_cve                   VULNDB-257084                 commons-compress-1.20         /opt/sonarqube/lib/extensions/sonar-cfamily-plugin-6.20.1.32841.jar:commons-compress    
ERROR: anchore_cve                   VULNDB-257084                 commons-compress-1.20         /opt/sonarqube/lib/extensions/sonar-javascript-plugin-7.4.4.15624.jar:commons-compress    
ERROR: anchore_cve                   GHSA-5mg8-w23w-74h3           guava-28.2-jre                /opt/sonarqube/lib/scanner/scanner-enterprise-8.9.1.44547-all.jar:guava    
ERROR: anchore_cve                   GHSA-5mg8-w23w-74h3           guava-28.2-jre                /opt/sonarqube/lib/sonar-application-8.9.1.44547.jar:guava    
ERROR: anchore_cve                   CVE-2020-13697                nanohttpd-2.3.1               /opt/sonarqube/lib/sonar-application-8.9.1.44547.jar:nanohttpd    
ERROR: twistlock_cve                 CVE-2021-22118                spring-core_spring-core-5.2.13    None                          
Cleaning up file based variables
ERROR: Job failed: command terminated with exit code 1