Skip to content
Snippets Groups Projects

sast

Passed Started by
Andrei Stoicescu
@astoicescu
This job is archived. Only the complete pipeline can be retried.
1Running with gitlab-runner 12.9.0-rc1 (a350f628)
2 on docker-auto-scale fa6cab46
3 Preparing the "docker+machine" executor 01:40
4Using Docker executor with image docker:stable ...
5Starting service docker:stable-dind ...
6Pulling docker image docker:stable-dind ...
7Using docker image sha256:fe98abf5dda7ec569bc4821f20ceca66945e67882fe32f960fb8b8f179af0e42 for docker:stable-dind ...
8Waiting for services to be up and running...
9*** WARNING: Service runner-fa6cab46-project-4422333-concurrent-0-docker-0 probably didn't start properly.
10Health check error:
11service "runner-fa6cab46-project-4422333-concurrent-0-docker-0-wait-for-service" timeout
12Health check container logs:
13Service container logs:
142020-03-20T10:30:38.207858028Z time="2020-03-20T10:30:38.201576948Z" level=info msg="Starting up"
152020-03-20T10:30:38.207908236Z time="2020-03-20T10:30:38.202757398Z" level=warning msg="could not change group /var/run/docker.sock to docker: group docker not found"
162020-03-20T10:30:38.207912846Z time="2020-03-20T10:30:38.202953651Z" level=warning msg="[!] DON'T BIND ON ANY IP ADDRESS WITHOUT setting --tlsverify IF YOU DON'T KNOW WHAT YOU'RE DOING [!]"
172020-03-20T10:30:38.207916222Z time="2020-03-20T10:30:38.203727965Z" level=info msg="libcontainerd: started new containerd process" pid=21
182020-03-20T10:30:38.207927643Z time="2020-03-20T10:30:38.203758340Z" level=info msg="parsed scheme: \"unix\"" module=grpc
192020-03-20T10:30:38.207931562Z time="2020-03-20T10:30:38.203765923Z" level=info msg="scheme \"unix\" not registered, fallback to default scheme" module=grpc
202020-03-20T10:30:38.207935090Z time="2020-03-20T10:30:38.203782236Z" level=info msg="ccResolverWrapper: sending update to cc: {[{unix:///var/run/docker/containerd/containerd.sock 0 <nil>}] <nil>}" module=grpc
212020-03-20T10:30:38.207939558Z time="2020-03-20T10:30:38.203790739Z" level=info msg="ClientConn switching balancer to \"pick_first\"" module=grpc
222020-03-20T10:30:38.301794486Z time="2020-03-20T10:30:38.235463193Z" level=info msg="starting containerd" revision=7ad184331fa3e55e52b890ea95e65ba581ae3429 version=v1.2.13
232020-03-20T10:30:38.304978645Z time="2020-03-20T10:30:38.235754855Z" level=info msg="loading plugin "io.containerd.content.v1.content"..." type=io.containerd.content.v1
242020-03-20T10:30:38.308840659Z time="2020-03-20T10:30:38.255435255Z" level=info msg="loading plugin "io.containerd.snapshotter.v1.btrfs"..." type=io.containerd.snapshotter.v1
252020-03-20T10:30:38.312266620Z time="2020-03-20T10:30:38.255707790Z" level=warning msg="failed to load plugin io.containerd.snapshotter.v1.btrfs" error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.btrfs must be a btrfs filesystem to be used with the btrfs snapshotter"
262020-03-20T10:30:38.312278660Z time="2020-03-20T10:30:38.255723605Z" level=info msg="loading plugin "io.containerd.snapshotter.v1.aufs"..." type=io.containerd.snapshotter.v1
272020-03-20T10:30:38.312283156Z time="2020-03-20T10:30:38.262393973Z" level=warning msg="failed to load plugin io.containerd.snapshotter.v1.aufs" error="modprobe aufs failed: "ip: can't find device 'aufs'\nmodprobe: can't change directory to '/lib/modules': No such file or directory\n": exit status 1"
282020-03-20T10:30:38.312287595Z time="2020-03-20T10:30:38.262413176Z" level=info msg="loading plugin "io.containerd.snapshotter.v1.native"..." type=io.containerd.snapshotter.v1
292020-03-20T10:30:38.312291374Z time="2020-03-20T10:30:38.262521567Z" level=info msg="loading plugin "io.containerd.snapshotter.v1.overlayfs"..." type=io.containerd.snapshotter.v1
302020-03-20T10:30:38.312303329Z time="2020-03-20T10:30:38.262668668Z" level=info msg="loading plugin "io.containerd.snapshotter.v1.zfs"..." type=io.containerd.snapshotter.v1
312020-03-20T10:30:38.312306963Z time="2020-03-20T10:30:38.262949069Z" level=info msg="skip loading plugin "io.containerd.snapshotter.v1.zfs"..." type=io.containerd.snapshotter.v1
322020-03-20T10:30:38.312310555Z time="2020-03-20T10:30:38.262959959Z" level=info msg="loading plugin "io.containerd.metadata.v1.bolt"..." type=io.containerd.metadata.v1
332020-03-20T10:30:38.312322203Z time="2020-03-20T10:30:38.263011633Z" level=warning msg="could not use snapshotter aufs in metadata plugin" error="modprobe aufs failed: "ip: can't find device 'aufs'\nmodprobe: can't change directory to '/lib/modules': No such file or directory\n": exit status 1"
342020-03-20T10:30:38.312328183Z time="2020-03-20T10:30:38.263021085Z" level=warning msg="could not use snapshotter zfs in metadata plugin" error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.zfs must be a zfs filesystem to be used with the zfs snapshotter: skip plugin"
352020-03-20T10:30:38.312332031Z time="2020-03-20T10:30:38.263027774Z" level=warning msg="could not use snapshotter btrfs in metadata plugin" error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.btrfs must be a btrfs filesystem to be used with the btrfs snapshotter"
362020-03-20T10:30:38.312335532Z time="2020-03-20T10:30:38.269253499Z" level=info msg="loading plugin "io.containerd.differ.v1.walking"..." type=io.containerd.differ.v1
372020-03-20T10:30:38.312338753Z time="2020-03-20T10:30:38.269280918Z" level=info msg="loading plugin "io.containerd.gc.v1.scheduler"..." type=io.containerd.gc.v1
382020-03-20T10:30:38.312341848Z time="2020-03-20T10:30:38.269308877Z" level=info msg="loading plugin "io.containerd.service.v1.containers-service"..." type=io.containerd.service.v1
392020-03-20T10:30:38.312345104Z time="2020-03-20T10:30:38.269321997Z" level=info msg="loading plugin "io.containerd.service.v1.content-service"..." type=io.containerd.service.v1
402020-03-20T10:30:38.312348318Z time="2020-03-20T10:30:38.269332243Z" level=info msg="loading plugin "io.containerd.service.v1.diff-service"..." type=io.containerd.service.v1
412020-03-20T10:30:38.312351522Z time="2020-03-20T10:30:38.269343825Z" level=info msg="loading plugin "io.containerd.service.v1.images-service"..." type=io.containerd.service.v1
422020-03-20T10:30:38.312354831Z time="2020-03-20T10:30:38.269359122Z" level=info msg="loading plugin "io.containerd.service.v1.leases-service"..." type=io.containerd.service.v1
432020-03-20T10:30:38.312357972Z time="2020-03-20T10:30:38.269370113Z" level=info msg="loading plugin "io.containerd.service.v1.namespaces-service"..." type=io.containerd.service.v1
442020-03-20T10:30:38.312361187Z time="2020-03-20T10:30:38.269380035Z" level=info msg="loading plugin "io.containerd.service.v1.snapshots-service"..." type=io.containerd.service.v1
452020-03-20T10:30:38.312364308Z time="2020-03-20T10:30:38.269391721Z" level=info msg="loading plugin "io.containerd.runtime.v1.linux"..." type=io.containerd.runtime.v1
462020-03-20T10:30:38.312367441Z time="2020-03-20T10:30:38.269567055Z" level=info msg="loading plugin "io.containerd.runtime.v2.task"..." type=io.containerd.runtime.v2
472020-03-20T10:30:38.312370528Z time="2020-03-20T10:30:38.269670494Z" level=info msg="loading plugin "io.containerd.monitor.v1.cgroups"..." type=io.containerd.monitor.v1
482020-03-20T10:30:38.312374023Z time="2020-03-20T10:30:38.270004102Z" level=info msg="loading plugin "io.containerd.service.v1.tasks-service"..." type=io.containerd.service.v1
492020-03-20T10:30:38.312377646Z time="2020-03-20T10:30:38.270032603Z" level=info msg="loading plugin "io.containerd.internal.v1.restart"..." type=io.containerd.internal.v1
502020-03-20T10:30:38.312383799Z time="2020-03-20T10:30:38.270067395Z" level=info msg="loading plugin "io.containerd.grpc.v1.containers"..." type=io.containerd.grpc.v1
512020-03-20T10:30:38.312387004Z time="2020-03-20T10:30:38.270079458Z" level=info msg="loading plugin "io.containerd.grpc.v1.content"..." type=io.containerd.grpc.v1
522020-03-20T10:30:38.312390078Z time="2020-03-20T10:30:38.270089916Z" level=info msg="loading plugin "io.containerd.grpc.v1.diff"..." type=io.containerd.grpc.v1
532020-03-20T10:30:38.312393171Z time="2020-03-20T10:30:38.270106089Z" level=info msg="loading plugin "io.containerd.grpc.v1.events"..." type=io.containerd.grpc.v1
542020-03-20T10:30:38.312396284Z time="2020-03-20T10:30:38.270116035Z" level=info msg="loading plugin "io.containerd.grpc.v1.healthcheck"..." type=io.containerd.grpc.v1
552020-03-20T10:30:38.312399461Z time="2020-03-20T10:30:38.270125938Z" level=info msg="loading plugin "io.containerd.grpc.v1.images"..." type=io.containerd.grpc.v1
562020-03-20T10:30:38.312402626Z time="2020-03-20T10:30:38.270135650Z" level=info msg="loading plugin "io.containerd.grpc.v1.leases"..." type=io.containerd.grpc.v1
572020-03-20T10:30:38.312405754Z time="2020-03-20T10:30:38.270144488Z" level=info msg="loading plugin "io.containerd.grpc.v1.namespaces"..." type=io.containerd.grpc.v1
582020-03-20T10:30:38.312408935Z time="2020-03-20T10:30:38.270153664Z" level=info msg="loading plugin "io.containerd.internal.v1.opt"..." type=io.containerd.internal.v1
592020-03-20T10:30:38.312412111Z time="2020-03-20T10:30:38.270414230Z" level=info msg="loading plugin "io.containerd.grpc.v1.snapshots"..." type=io.containerd.grpc.v1
602020-03-20T10:30:38.312415192Z time="2020-03-20T10:30:38.270429371Z" level=info msg="loading plugin "io.containerd.grpc.v1.tasks"..." type=io.containerd.grpc.v1
612020-03-20T10:30:38.312418368Z time="2020-03-20T10:30:38.270439789Z" level=info msg="loading plugin "io.containerd.grpc.v1.version"..." type=io.containerd.grpc.v1
622020-03-20T10:30:38.312421454Z time="2020-03-20T10:30:38.270449598Z" level=info msg="loading plugin "io.containerd.grpc.v1.introspection"..." type=io.containerd.grpc.v1
632020-03-20T10:30:38.312424979Z time="2020-03-20T10:30:38.270650098Z" level=info msg=serving... address="/var/run/docker/containerd/containerd-debug.sock"
642020-03-20T10:30:38.312428169Z time="2020-03-20T10:30:38.270712281Z" level=info msg=serving... address="/var/run/docker/containerd/containerd.sock"
652020-03-20T10:30:38.312431250Z time="2020-03-20T10:30:38.270727633Z" level=info msg="containerd successfully booted in 0.036988s"
662020-03-20T10:30:38.312434257Z time="2020-03-20T10:30:38.287063514Z" level=info msg="Setting the storage driver from the $DOCKER_DRIVER environment variable (overlay2)"
672020-03-20T10:30:38.312437395Z time="2020-03-20T10:30:38.287272902Z" level=info msg="parsed scheme: \"unix\"" module=grpc
682020-03-20T10:30:38.312440598Z time="2020-03-20T10:30:38.287286730Z" level=info msg="scheme \"unix\" not registered, fallback to default scheme" module=grpc
692020-03-20T10:30:38.312443948Z time="2020-03-20T10:30:38.287306526Z" level=info msg="ccResolverWrapper: sending update to cc: {[{unix:///var/run/docker/containerd/containerd.sock 0 <nil>}] <nil>}" module=grpc
702020-03-20T10:30:38.312450750Z time="2020-03-20T10:30:38.287315578Z" level=info msg="ClientConn switching balancer to \"pick_first\"" module=grpc
712020-03-20T10:30:38.312454079Z time="2020-03-20T10:30:38.291448388Z" level=info msg="parsed scheme: \"unix\"" module=grpc
722020-03-20T10:30:38.312457220Z time="2020-03-20T10:30:38.291464040Z" level=info msg="scheme \"unix\" not registered, fallback to default scheme" module=grpc
732020-03-20T10:30:38.312460407Z time="2020-03-20T10:30:38.291484695Z" level=info msg="ccResolverWrapper: sending update to cc: {[{unix:///var/run/docker/containerd/containerd.sock 0 <nil>}] <nil>}" module=grpc
742020-03-20T10:30:38.312463840Z time="2020-03-20T10:30:38.291493693Z" level=info msg="ClientConn switching balancer to \"pick_first\"" module=grpc
752020-03-20T10:30:38.348578881Z time="2020-03-20T10:30:38.343409672Z" level=info msg="Loading containers: start."
762020-03-20T10:30:38.364205134Z time="2020-03-20T10:30:38.358886547Z" level=warning msg="Running modprobe bridge br_netfilter failed with message: ip: can't find device 'bridge'\nbridge 167936 1 br_netfilter\nstp 16384 1 bridge\nllc 16384 2 bridge,stp\nip: can't find device 'br_netfilter'\nbr_netfilter 24576 0 \nbridge 167936 1 br_netfilter\nmodprobe: can't change directory to '/lib/modules': No such file or directory\n, error: exit status 1"
772020-03-20T10:30:38.481948149Z time="2020-03-20T10:30:38.479860044Z" level=info msg="Default bridge (docker0) is assigned with an IP address 172.18.0.0/16. Daemon option --bip can be used to set a preferred IP address"
782020-03-20T10:30:38.531942958Z time="2020-03-20T10:30:38.531434138Z" level=info msg="Loading containers: done."
792020-03-20T10:30:38.552369105Z time="2020-03-20T10:30:38.551999730Z" level=info msg="Docker daemon" commit=afacb8b7f0 graphdriver(s)=overlay2 version=19.03.8
802020-03-20T10:30:38.552387720Z time="2020-03-20T10:30:38.552163646Z" level=info msg="Daemon has completed initialization"
812020-03-20T10:30:38.604932708Z time="2020-03-20T10:30:38.603773212Z" level=info msg="API listen on [::]:2375"
822020-03-20T10:30:38.604970315Z time="2020-03-20T10:30:38.603889357Z" level=info msg="API listen on /var/run/docker.sock"
83*********
84Pulling docker image docker:stable ...
85Using docker image sha256:f39826ae385e029ae634eb6a81091da60dae2e6ee2a19342c2e05ed4c3cb9171 for docker:stable ...
86 Preparing environment 00:02
87Running on runner-fa6cab46-project-4422333-concurrent-0 via runner-fa6cab46-stg-srm-1584700169-3cedc19a...
88 Getting source from Git repository 00:01
89$ eval "$CI_PRE_CLONE_SCRIPT"
90Fetching changes with git depth set to 50...
91Initialized empty Git repository in /builds/gitlab-org/monitor/monitor-sandbox/.git/
92Created fresh repository.
93From https://staging.gitlab.com/gitlab-org/monitor/monitor-sandbox
94 * [new ref] refs/pipelines/12726625 -> refs/pipelines/12726625
95 * [new branch] master -> origin/master
96Checking out 5bf09697 as master...
97Skipping Git submodules setup
98 Restoring cache 00:02
99 Downloading artifacts 00:01
100 Running script from Job 00:27
101$ export SAST_VERSION=${SP_VERSION:-$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')}
102$ if ! docker info &>/dev/null; then # collapsed multi-line command
103$ ENVS=`printenv | grep -vE '^(DOCKER_|CI|GITLAB_|FF_|HOME|PWD|OLDPWD|PATH|SHLVL|HOSTNAME)' | sed -n '/^[^\t]/s/=.*//p' | sed '/^$/d' | sed 's/^/-e /g' | tr '\n' ' '`
104$ docker run $ENVS \ # collapsed multi-line command
105Unable to find image 'registry.gitlab.com/gitlab-org/security-products/sast:12-9-stable' locally
10612-9-stable: Pulling from gitlab-org/security-products/sast
107dade2898c231: Pulling fs layer
108dade2898c231: Verifying Checksum
109dade2898c231: Download complete
110dade2898c231: Pull complete
111Digest: sha256:8c99445fffb5cd0c7288d3a2c5d19f1dc70ade4d7d20816047b190ab02b7b505
112Status: Downloaded newer image for registry.gitlab.com/gitlab-org/security-products/sast:12-9-stable
1132020/03/20 10:31:17 Copy project directory to containers
1142020/03/20 10:31:17 [bandit] Detect project using plugin
1152020/03/20 10:31:17 [bandit] Project not compatible
1162020/03/20 10:31:17 [brakeman] Detect project using plugin
1172020/03/20 10:31:17 [brakeman] Project not compatible
1182020/03/20 10:31:17 [gosec] Detect project using plugin
1192020/03/20 10:31:17 [gosec] Project not compatible
1202020/03/20 10:31:17 [spotbugs] Detect project using plugin
1212020/03/20 10:31:17 [spotbugs] Project not compatible
1222020/03/20 10:31:17 [flawfinder] Detect project using plugin
1232020/03/20 10:31:17 [flawfinder] Project not compatible
1242020/03/20 10:31:17 [phpcs-security-audit] Detect project using plugin
1252020/03/20 10:31:17 [phpcs-security-audit] Project not compatible
1262020/03/20 10:31:17 [security-code-scan] Detect project using plugin
1272020/03/20 10:31:17 [security-code-scan] Project not compatible
1282020/03/20 10:31:17 [nodejs-scan] Detect project using plugin
1292020/03/20 10:31:17 [nodejs-scan] Project is compatible
1302020/03/20 10:31:17 [nodejs-scan] Downloading analyzer...
131........................................................................
1322020/03/20 10:31:21 [nodejs-scan] Starting analyzer...
133Found project in /tmp/app
13430 rules loaded
135Successfully compiled 3 files with Babel.
1362020/03/20 10:31:24 [eslint] Detect project using plugin
1372020/03/20 10:31:24 [eslint] Project is compatible
1382020/03/20 10:31:24 [eslint] Downloading analyzer...
139..............................................................................2020/03/20 10:31:30 [eslint] Starting analyzer...
140.
141Found project in /tmp/app
1422020/03/20 10:31:34 [tslint] Detect project using plugin
1432020/03/20 10:31:34 [tslint] Project not compatible
1442020/03/20 10:31:34 [secrets] Detect project using plugin
1452020/03/20 10:31:34 [secrets] Project is compatible
1462020/03/20 10:31:34 [secrets] Downloading analyzer...
147......................................................
1482020/03/20 10:31:38 [secrets] Starting analyzer...
1492020/03/20 10:31:41 [sobelow] Detect project using plugin
1502020/03/20 10:31:41 [sobelow] Project not compatible
1512020/03/20 10:31:41 [pmd-apex] Detect project using plugin
1522020/03/20 10:31:41 [pmd-apex] Project not compatible
1532020/03/20 10:31:41 [kubesec] Detect project using plugin
1542020/03/20 10:31:41 [kubesec] Project not compatible
155+----------------------------------------------------------------------------------------+
156| Severity | Tool | Location |
157+----------------------------------------------------------------------------------------+
158 Running after script 00:01
159 Saving cache 00:02
160 Uploading artifacts for successful job 00:02
161Uploading artifacts...
162gl-sast-report.json: found 1 matching files
163Uploading artifacts to coordinator... ok id=37117907 responseStatus=201 Created token=Xs7ZJEQo
164Job succeeded