Running with gitlab-runner 13.6.0 (8fa89735)  on bigbang-public-runner-gitlab-runner-848b4ffbcd-gxfzz pP4YiAQX section_start:1620845144:resolve_secrets Resolving secrets section_end:1620845144:resolve_secrets section_start:1620845144:prepare_executor Preparing the "kubernetes" executor Using Kubernetes namespace: private-bigbang-runner Using Kubernetes executor with image aquasec/trivy:0.9.0 ... section_end:1620845144:prepare_executor section_start:1620845144:prepare_script Preparing environment Waiting for pod private-bigbang-runner/runner-pp4yiaqx-project-2327-concurrent-1q742k to be running, status is Pending Running on runner-pp4yiaqx-project-2327-concurrent-1q742k via bigbang-public-runner-gitlab-runner-848b4ffbcd-gxfzz... section_end:1620845147:prepare_script section_start:1620845147:get_sources Getting source from Git repository Fetching changes with git depth set to 50... Initialized empty Git repository in /builds/platform-one/big-bang/pipeline-templates/pipeline-templates/.git/ Created fresh repository. Checking out 14b77bdc as compression... Skipping Git submodules setup section_end:1620845148:get_sources section_start:1620845148:step_script Executing "step_script" stage of the job script $ apk add skopeo fetch http://dl-cdn.alpinelinux.org/alpine/v3.11/main/x86_64/APKINDEX.tar.gz fetch http://dl-cdn.alpinelinux.org/alpine/v3.11/community/x86_64/APKINDEX.tar.gz (1/26) Installing device-mapper-libs (2.02.186-r0) (2/26) Installing libgpg-error (1.36-r2) (3/26) Installing libassuan (2.5.3-r0) (4/26) Installing libffi (3.2.1-r6) (5/26) Installing libblkid (2.34-r1) (6/26) Installing libmount (2.34-r1) (7/26) Installing pcre (8.43-r1) (8/26) Installing glib (2.62.6-r0) (9/26) Installing ncurses-terminfo-base (6.1_p20200118-r4) (10/26) Installing ncurses-libs (6.1_p20200118-r4) (11/26) Installing libgcrypt (1.8.5-r0) (12/26) Installing libsecret (0.19.1-r0) (13/26) Installing pinentry (1.1.0-r2) Executing pinentry-1.1.0-r2.post-install (14/26) Installing gmp (6.1.2-r1) (15/26) Installing nettle (3.5.1-r0) (16/26) Installing p11-kit (0.23.18.1-r1) (17/26) Installing libtasn1 (4.15.0-r0) (18/26) Installing libunistring (0.9.10-r0) (19/26) Installing gnutls (3.6.15-r1) (20/26) Installing libksba (1.3.5-r0) (21/26) Installing libsasl (2.1.27-r5) (22/26) Installing libldap (2.4.48-r3) (23/26) Installing npth (1.6-r0) (24/26) Installing gnupg (2.2.19-r0) (25/26) Installing gpgme (1.13.1-r1) (26/26) Installing skopeo (0.1.40-r1) Executing busybox-1.31.1-r9.trigger OK: 79 MiB in 64 packages $ skopeo copy --screds $CI_REGISTRY_USER:$CI_REGISTRY_PASSWORD docker://$IMAGE:$CI_COMMIT_SHORT_SHA oci:/image Getting image source signatures Copying blob sha256:540db60ca9383eac9e418f78490994d0af424aab7bf6d0e47ac8ed4e2e9bcbba Copying blob sha256:5a38b3726f4b24fa93b80450be63ad67fd3239c2f3b83695118d7b1a88447d84 Copying blob sha256:e5fa5deb334027202841b051d10e7c7137fa3b63e97734309cedf6b48804df5f Copying blob sha256:09182082685c0a1147c9f22948720af9bb3544411a1b50562d18071cf31b8e21 Copying blob sha256:4562e3055ed2549b93e450d764e41b62a485d16bafb1f1ed6b67fd610444aa44 Copying blob sha256:b4de57a4336a3a0ab0e109ff4c769bce1d354c121fe62fd5f6063c53fd009d61 Copying blob sha256:542e5df0dc5eda03440d4a00ca01ceefa7cb8282a9d7b406fd54dabcdf4197c0 Copying blob sha256:216590720d4eea20b7b0359ee4f7e0e753d1f830611644eb8e72361997ee1584 Copying blob sha256:a2711863f8f097ca0e2cfbebdc13c8a063b44887ef193327fbe767d21169fd7c Copying blob sha256:aeff4c3f600bcdab9c9da54546f3a07a7977078da59dee5eddb58dcee2d39ee7 Copying blob sha256:9ec5c73b9c6cca12adc44ceb0b1c27e14a6c99db5feeef9dc9b377347138b286 Copying blob sha256:f293a0674d0b98c8f830bc251448c6e78ffb9c026a6c58d6edca965f414b4ddf Copying blob sha256:4035af69a36611c7581ff44d846cd02a01db6e01a54c6e1f459a04476b87b9ab Copying blob sha256:209f57acdc9b84d23c89943f6099549d936e3ad1f45a93979fb923432a3b6da3 Copying blob sha256:f92df1889f929a62b29b49212a7bf5ae74373110f7e89f8ac50de13c09ce8079 Copying blob sha256:5c998db41ac5aae0af9d4d04ba31e25f7ea770282e9c2ad10012bd57f5db77d8 Copying blob sha256:7bd67bed874a76e07ccf6464bbcf2cafbf7ecd5e3e0a8c91f7c284af8ac6963b Copying blob sha256:a79dca2d59566f15097cff04e0b1cfa559e27774bdacfb9349937bb86e1cd43e Copying blob sha256:802eb8b7b4d6692b42b8c906f4bca30f78ede9195598368b77df5a0bd8329dc0 Copying blob sha256:a8f729c59697faae77450c5f8ed2fdfb293ec9cddce32599bccd8dd892fb2e62 Copying blob sha256:3d6eceeb29ea9cef33787e2ec70a1c1ff2acab75296fcefe508ef466ac0dc4e5 Copying blob sha256:e3cc55b09a765158b64e68ad3e2cbe371d383a156afa758fde38ec40c6ad7ad5 Copying blob sha256:c8afe8957c76df0e5e74ba29a157a73069d40e663266f82262a9600a0133e79a Copying blob sha256:f26cda7963b74405516a372b6eae7465db56578327b748c7303d7916eb63483d Copying blob sha256:43a6ea2108e8e38262c657b9117e360efe79fdc413372eb2fbbedc523cc81aa3 Copying blob sha256:69894111f6bf610a96800502ae8e314113263e79ee71458d18e5f6012bc44640 Copying blob sha256:426c277f416f4bd7125cd2059bad05d19eb42f3114aa956a91b563a4bdb7f19e Copying blob sha256:013e143671ff4f19f8987aea42db52e459934cbd56cfe8a218563ed804bde67c Copying blob sha256:e075638b84d511823fabd9fd890872728157ad6e39a78e161ad848dbd2a5d447 Copying config sha256:987f798123a4d89d2e6cfdc2fff61f7c0045b09e1fc6ac3f941f6eca1356d44c Writing manifest to image destination Storing signatures $ trivy --no-progress --input /image 2021-05-12T18:46:02.754Z INFO Need to update DB 2021-05-12T18:46:02.754Z INFO Downloading DB... 2021-05-12T18:46:06.633Z WARN This OS version is not on the EOL list: alpine 3.13 2021-05-12T18:46:06.633Z INFO Detecting Alpine vulnerabilities... 2021-05-12T18:46:06.635Z WARN This OS version is no longer supported by the distribution: alpine 3.13.5 2021-05-12T18:46:06.635Z WARN The vulnerability detection may be insufficient because security updates are not provided /image (alpine 3.13.5) ====================== Total: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 1, HIGH: 0, CRITICAL: 0) +---------+------------------+----------+-------------------+---------------+--------------------------------+ | LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE | +---------+------------------+----------+-------------------+---------------+--------------------------------+ | musl | CVE-2020-28928 | MEDIUM | 1.2.2-r0 | 1.2.2_pre2-r0 | In musl libc through 1.2.1, | | | | | | | wcsnrtombs mishandles | | | | | | | particular combinations of | | | | | | | destination buffer... | +---------+------------------+----------+-------------------+---------------+--------------------------------+ $ trivy --no-progress -f json -o gl-container-scanning-report.json --input /image 2021-05-12T18:46:06.654Z WARN This OS version is not on the EOL list: alpine 3.13 2021-05-12T18:46:06.655Z INFO Detecting Alpine vulnerabilities... 2021-05-12T18:46:06.657Z WARN This OS version is no longer supported by the distribution: alpine 3.13.5 2021-05-12T18:46:06.657Z WARN The vulnerability detection may be insufficient because security updates are not provided $ echo "This scan is currently only implemented for awareness, no pipeline actions are taken as a result of the scans" This scan is currently only implemented for awareness, no pipeline actions are taken as a result of the scans section_end:1620845166:step_script section_start:1620845166:upload_artifacts_on_success Uploading artifacts for successful job Uploading artifacts... gl-container-scanning-report.json: found 1 matching files and directories Uploading artifacts as "container_scanning" to coordinator... ok id=3283622 responseStatus=201 Created token=zymDtjTx section_end:1620845167:upload_artifacts_on_success section_start:1620845167:cleanup_file_variables Cleaning up file based variables section_end:1620845167:cleanup_file_variables Job succeeded