Running with gitlab-runner 13.6.0 (8fa89735)  on p1-public-apps-runner-gitlab-runner-567cb455cd-927j7 9syAnSNW section_start:1619625197:resolve_secrets Resolving secrets section_end:1619625197:resolve_secrets section_start:1619625197:prepare_executor Preparing the "kubernetes" executor Using Kubernetes namespace: public-gitlab-runner Using Kubernetes executor with image aquasec/trivy:0.9.0 ... section_end:1619625197:prepare_executor section_start:1619625197:prepare_script Preparing environment Waiting for pod public-gitlab-runner/runner-9syansnw-project-2327-concurrent-02j2sf to be running, status is Pending Running on runner-9syansnw-project-2327-concurrent-02j2sf via p1-public-apps-runner-gitlab-runner-567cb455cd-927j7... section_end:1619625201:prepare_script section_start:1619625201:get_sources Getting source from Git repository Fetching changes with git depth set to 50... Initialized empty Git repository in /builds/platform-one/big-bang/pipeline-templates/pipeline-templates/.git/ Created fresh repository. Checking out f20f1e5c as fix-cypress-helm-bug... Skipping Git submodules setup section_end:1619625202:get_sources section_start:1619625202:step_script Executing "step_script" stage of the job script $ apk add skopeo fetch http://dl-cdn.alpinelinux.org/alpine/v3.11/main/x86_64/APKINDEX.tar.gz fetch http://dl-cdn.alpinelinux.org/alpine/v3.11/community/x86_64/APKINDEX.tar.gz (1/26) Installing device-mapper-libs (2.02.186-r0) (2/26) Installing libgpg-error (1.36-r2) (3/26) Installing libassuan (2.5.3-r0) (4/26) Installing libffi (3.2.1-r6) (5/26) Installing libblkid (2.34-r1) (6/26) Installing libmount (2.34-r1) (7/26) Installing pcre (8.43-r1) (8/26) Installing glib (2.62.6-r0) (9/26) Installing ncurses-terminfo-base (6.1_p20200118-r4) (10/26) Installing ncurses-libs (6.1_p20200118-r4) (11/26) Installing libgcrypt (1.8.5-r0) (12/26) Installing libsecret (0.19.1-r0) (13/26) Installing pinentry (1.1.0-r2) Executing pinentry-1.1.0-r2.post-install (14/26) Installing gmp (6.1.2-r1) (15/26) Installing nettle (3.5.1-r0) (16/26) Installing p11-kit (0.23.18.1-r1) (17/26) Installing libtasn1 (4.15.0-r0) (18/26) Installing libunistring (0.9.10-r0) (19/26) Installing gnutls (3.6.15-r1) (20/26) Installing libksba (1.3.5-r0) (21/26) Installing libsasl (2.1.27-r5) (22/26) Installing libldap (2.4.48-r3) (23/26) Installing npth (1.6-r0) (24/26) Installing gnupg (2.2.19-r0) (25/26) Installing gpgme (1.13.1-r1) (26/26) Installing skopeo (0.1.40-r1) Executing busybox-1.31.1-r9.trigger OK: 79 MiB in 64 packages $ skopeo copy --screds $CI_REGISTRY_USER:$CI_REGISTRY_PASSWORD docker://$IMAGE:$CI_COMMIT_SHORT_SHA oci:/image Getting image source signatures Copying blob sha256:540db60ca9383eac9e418f78490994d0af424aab7bf6d0e47ac8ed4e2e9bcbba Copying blob sha256:5a38b3726f4b24fa93b80450be63ad67fd3239c2f3b83695118d7b1a88447d84 Copying blob sha256:e5fa5deb334027202841b051d10e7c7137fa3b63e97734309cedf6b48804df5f Copying blob sha256:09182082685c0a1147c9f22948720af9bb3544411a1b50562d18071cf31b8e21 Copying blob sha256:4562e3055ed2549b93e450d764e41b62a485d16bafb1f1ed6b67fd610444aa44 Copying blob sha256:b4de57a4336a3a0ab0e109ff4c769bce1d354c121fe62fd5f6063c53fd009d61 Copying blob sha256:542e5df0dc5eda03440d4a00ca01ceefa7cb8282a9d7b406fd54dabcdf4197c0 Copying blob sha256:d80f438b80ce510a1aaa68a9055717ab64555aec2cb9f406df158a292ea607a4 Copying blob sha256:ce6984cda5260d09ecb8c6d97e2ef18ed952c02203958665e0b225c1407afbc2 Copying blob sha256:edb2bea783dcae1b1718db7622999a0c68b01a673bbe21f8628558285402cd89 Copying blob sha256:37967e8be203e15bb4d1a9498eff49576808b9bd3113d8d7dcfcadef03f43c32 Copying blob sha256:40ce38027535b8c6fd2de34ced4fab9e7867943df1146c8074cba8dc16369624 Copying blob sha256:6c27a45997573557a1e8cfa10386e1f3b771375671867f6528a97e90f526bbd2 Copying blob sha256:dc28d78563213239cdc79764b7fb0d05b91e3032e8a1904cae8108dd28346c29 Copying blob sha256:93583577a0e4bf9b875cbd936384f43ec919a127686fda7075d3ea5a156e1775 Copying blob sha256:61895999bd464a198f9a7ddcd37b8e977ab88ab9c4352ae88c9c8ba833561627 Copying blob sha256:9b06263b87eff115fa2938789b889f7413f8146c688497c84334577a39867345 Copying blob sha256:148f141e63280fa24327240c4d00d8b77da6eddc359c083208887b7c1c7a5892 Copying blob sha256:5f6d1f524e7db9270e1a22dff7300899de00314e7168bfe02873b6a96691e879 Copying blob sha256:2398f9ee79fe2e8c0527383c09f641c1ca16952c5a1f887d7737c438e1a7b8cf Copying blob sha256:54d0a1db938beeceb2966df2e54439feb2001fc0125ee1be676a0dc7210a8f03 Copying blob sha256:b1ab7bf51d20ab4145d3e0d0bdcca200d38c2b1a405e63d307eb62cb488b7974 Copying blob sha256:bfbfa23b41034f55649ffde25027fd9efce4699ee93882a72972ef9ac42ad835 Copying blob sha256:16904b72fd7ace86f5262a4d60d3c99a117cd45d4b062183c6cbb335e8a894ee Copying blob sha256:325c460a0544e3d56951be895e3e986185bffa27d3251e914848153ec20fa9ad Copying blob sha256:341cd74f0f4557151e20c35b3d91e03d794599be5fcc3af8c49ea6e57a389df6 Copying blob sha256:2d3441d806661bb804128579fad711670be1024ae51840fe9b69e0f3cc296042 Copying blob sha256:12f2d534cc082b0fb9466d1b458494cbb56debe20bb9d77761c5f659bcea9b90 Copying blob sha256:5f3fd38fa7ba6c2420e82fadb5a9801c619566c32ec7b3ac951a708ee2995250 Copying config sha256:87f1fb8d258b038369ecaf56b02b74bd7c1f417870e66faf484d939e68152ee7 Writing manifest to image destination Storing signatures $ trivy --no-progress --input /image 2021-04-28T15:53:36.223Z INFO Need to update DB 2021-04-28T15:53:36.223Z INFO Downloading DB... 2021-04-28T15:53:40.402Z WARN This OS version is not on the EOL list: alpine 3.13 2021-04-28T15:53:40.402Z INFO Detecting Alpine vulnerabilities... 2021-04-28T15:53:40.404Z WARN This OS version is no longer supported by the distribution: alpine 3.13.5 2021-04-28T15:53:40.404Z WARN The vulnerability detection may be insufficient because security updates are not provided /image (alpine 3.13.5) ====================== Total: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 1, HIGH: 0, CRITICAL: 0) +---------+------------------+----------+-------------------+---------------+--------------------------------+ | LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE | +---------+------------------+----------+-------------------+---------------+--------------------------------+ | musl | CVE-2020-28928 | MEDIUM | 1.2.2-r0 | 1.2.2_pre2-r0 | In musl libc through 1.2.1, | | | | | | | wcsnrtombs mishandles | | | | | | | particular combinations of | | | | | | | destination buffer... | +---------+------------------+----------+-------------------+---------------+--------------------------------+ $ trivy --no-progress -f json -o gl-container-scanning-report.json --input /image 2021-04-28T15:53:40.420Z WARN This OS version is not on the EOL list: alpine 3.13 2021-04-28T15:53:40.421Z INFO Detecting Alpine vulnerabilities... 2021-04-28T15:53:40.422Z WARN This OS version is no longer supported by the distribution: alpine 3.13.5 2021-04-28T15:53:40.422Z WARN The vulnerability detection may be insufficient because security updates are not provided $ echo "This scan is currently only implemented for awareness, no pipeline actions are taken as a result of the scans" This scan is currently only implemented for awareness, no pipeline actions are taken as a result of the scans section_end:1619625220:step_script section_start:1619625220:upload_artifacts_on_success Uploading artifacts for successful job Uploading artifacts... gl-container-scanning-report.json: found 1 matching files and directories Uploading artifacts as "container_scanning" to coordinator... ok id=2991539 responseStatus=201 Created token=rZApm7Ea section_end:1619625220:upload_artifacts_on_success section_start:1619625220:cleanup_file_variables Cleaning up file based variables section_end:1619625221:cleanup_file_variables Job succeeded