Skip to content
Snippets Groups Projects

container_scanning

Passed Started by
Dhiraj Bodicherla
@dbodicherla
This job is archived. Only the complete pipeline can be retried.
1Running with gitlab-runner 13.0.0-rc2 (926834bc)
2 on docker-auto-scale 72989761
3 Preparing the "docker+machine" executor 01:26
4Using Docker executor with image registry.gitlab.com/gitlab-org/security-products/analyzers/klar:2 ...
5Starting service registry.gitlab.com/gitlab-org/security-products/analyzers/clair-vulnerabilities-db:latest ...
6Pulling docker image registry.gitlab.com/gitlab-org/security-products/analyzers/clair-vulnerabilities-db:latest ...
7Using docker image sha256:874ba4d2dfb3897803b8c7d23d56c2bcd04b062af41422d5d60f2f28538ef7c3 for registry.gitlab.com/gitlab-org/security-products/analyzers/clair-vulnerabilities-db:latest ...
8Waiting for services to be up and running...
9Pulling docker image registry.gitlab.com/gitlab-org/security-products/analyzers/klar:2 ...
10Using docker image sha256:3637cca9e5f6409c93af9b09201642da6b7d7b08885fa4d7738109104c622205 for registry.gitlab.com/gitlab-org/security-products/analyzers/klar:2 ...
11 Preparing environment 00:02
12Running on runner-72989761-project-4422333-concurrent-0 via runner-72989761-stg-srm-1590088427-a3a79656...
13 Getting source from Git repository 00:02
14Skipping Git repository setup
15Skipping Git checkout
16Skipping Git submodules setup
17 Restoring cache 00:01
18 Downloading artifacts 00:02
19 Running before_script and script 00:09
20$ /analyzer run
21[INFO] ▶ GitLab klar analyzer v2.4.4
22[WARN] ▶ Whitelist file with path '/builds/gitlab-org/monitor/monitor-sandbox/clair-whitelist.yml' does not exist, skipping
23[INFO] ▶ DOCKER_USER and DOCKER_PASSWORD environment variables have not been configured. Defaulting to DOCKER_USER=$CI_REGISTRY_USER and DOCKER_PASSWORD=$CI_REGISTRY_PASSWORD
24[INFO] ▶ Successfully connected to the vulnerabilities database
25[INFO] ▶ Started Clair server process with PID: 15
26[INFO] ▶ Waiting for Clair API to start...
27[WARN] ▶ Clair API not ready, waiting 2s before retrying. Retry 1 of 10
28[WARN] ▶ Clair log contents:
29 {"Event":"running database migrations","Level":"info","Location":"pgsql.go:216","Time":"2020-05-21 19:15:20.898222"}
30
31[WARN] ▶ Clair log contents:
32 {"Event":"database migration ran successfully","Level":"info","Location":"pgsql.go:223","Time":"2020-05-21 19:15:20.989486"}
33
34[WARN] ▶ Clair log contents:
35 {"Event":"notifier service is disabled","Level":"info","Location":"notifier.go:77","Time":"2020-05-21 19:15:20.990182"}
36 {"Event":"starting main API","Level":"info","Location":"api.go:52","Time":"2020-05-21 19:15:20.990231","port":6060}
37
38[INFO] ▶ Clair API started successfully.
39[INFO] ▶ Scanning container from registry 'registry.staging.gitlab.com/gitlab-org/monitor/monitor-sandbox/master:3997cec77dfdd8cb5c7f8453edbf91335c1e7225' for vulnerabilities with severity level 'Unknown' or higher with klar '2.4.0' and clair 'v2.1.2'
40[INFO] ▶ Shutting down Clair server with PID: 15
41[INFO] ▶ Clair server shut down successfully
42[WARN] ▶ Encountered error while reading Dockerfile for remediation, halting remediation processing. Error: Dockerfile does not exist
43[INFO] ▶ Image [registry.staging.gitlab.com/gitlab-org/monitor/monitor-sandbox/master:3997cec77dfdd8cb5c7f8453edbf91335c1e7225] contains NO unapproved vulnerabilities
44 Running after_script 00:02
45 Saving cache 00:01
46 Uploading artifacts for successful job 00:03
47Uploading artifacts...
48gl-container-scanning-report.json: found 1 matching files
49Uploading artifacts to coordinator... ok id=37227502 responseStatus=201 Created token=ywSxV1YU
50Job succeeded