Skip to content
ci

ci #1543

Sign in to view logs

ci

ci #1543

Triggered via schedule November 11, 2024 10:02
@crazy-maxcrazy-max
4d94497
master
Status Failure
Total duration 36s
Artifacts 3

ci.yml

on: schedule
tarball
23s
tarball
sarif
19s
sarif
build-scan-push
20s
build-scan-push
Matrix: annotations
Matrix: image
Matrix: threshold
Fit to window
Zoom out
Zoom in

Annotations

14 errors, 12 warnings, and 5 notices
image (alpine:3.9)
2024-11-11T10:02:14Z INFO [vulndb] Need to update DB 2024-11-11T10:02:14Z INFO [vulndb] Downloading vulnerability DB... 2024-11-11T10:02:14Z INFO [vulndb] Downloading artifact... repo="ghcr.io/aquasecurity/trivy-db:2" 2024-11-11T10:02:14Z ERROR [vulndb] Failed to download artifact repo="ghcr.io/aquasecurity/trivy-db:2" err="OCI repository error: 1 error occurred:\n\t* GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 90.807µs, allowed: 44000/minute\n\n" 2024-11-11T10:02:14Z FATAL Fatal error init error: DB error: failed to download vulnerability DB: OCI artifact error: failed to download vulnerability DB: failed to download artifact from any source: 1 error occurred: * OCI repository error: 1 error occurred: * GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 90.807µs, allowed: 44000/minute
annotations (alpine:3.9)
2024-11-11T10:02:15Z INFO [vulndb] Need to update DB 2024-11-11T10:02:15Z INFO [vulndb] Downloading vulnerability DB... 2024-11-11T10:02:15Z INFO [vulndb] Downloading artifact... repo="ghcr.io/aquasecurity/trivy-db:2" 2024-11-11T10:02:15Z ERROR [vulndb] Failed to download artifact repo="ghcr.io/aquasecurity/trivy-db:2" err="OCI repository error: 1 error occurred:\n\t* GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 396.072µs, allowed: 44000/minute\n\n" 2024-11-11T10:02:15Z FATAL Fatal error init error: DB error: failed to download vulnerability DB: OCI artifact error: failed to download vulnerability DB: failed to download artifact from any source: 1 error occurred: * OCI repository error: 1 error occurred: * GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 396.072µs, allowed: 44000/minute
threshold (moby/buildkit:master)
2024-11-11T10:02:16Z INFO [vulndb] Need to update DB 2024-11-11T10:02:16Z INFO [vulndb] Downloading vulnerability DB... 2024-11-11T10:02:16Z INFO [vulndb] Downloading artifact... repo="ghcr.io/aquasecurity/trivy-db:2" 2024-11-11T10:02:16Z ERROR [vulndb] Failed to download artifact repo="ghcr.io/aquasecurity/trivy-db:2" err="OCI repository error: 1 error occurred:\n\t* GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 163.823µs, allowed: 44000/minute\n\n" 2024-11-11T10:02:16Z FATAL Fatal error init error: DB error: failed to download vulnerability DB: OCI artifact error: failed to download vulnerability DB: failed to download artifact from any source: 1 error occurred: * OCI repository error: 1 error occurred: * GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 163.823µs, allowed: 44000/minute
image (alpine:latest)
2024-11-11T10:02:15Z INFO [vulndb] Need to update DB 2024-11-11T10:02:15Z INFO [vulndb] Downloading vulnerability DB... 2024-11-11T10:02:15Z INFO [vulndb] Downloading artifact... repo="ghcr.io/aquasecurity/trivy-db:2" 2024-11-11T10:02:16Z ERROR [vulndb] Failed to download artifact repo="ghcr.io/aquasecurity/trivy-db:2" err="OCI repository error: 1 error occurred:\n\t* GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 686.943µs, allowed: 44000/minute\n\n" 2024-11-11T10:02:16Z FATAL Fatal error init error: DB error: failed to download vulnerability DB: OCI artifact error: failed to download vulnerability DB: failed to download artifact from any source: 1 error occurred: * OCI repository error: 1 error occurred: * GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 686.943µs, allowed: 44000/minute
threshold (alpine:latest)
2024-11-11T10:02:16Z INFO [vulndb] Need to update DB 2024-11-11T10:02:16Z INFO [vulndb] Downloading vulnerability DB... 2024-11-11T10:02:16Z INFO [vulndb] Downloading artifact... repo="ghcr.io/aquasecurity/trivy-db:2" 2024-11-11T10:02:16Z ERROR [vulndb] Failed to download artifact repo="ghcr.io/aquasecurity/trivy-db:2" err="OCI repository error: 1 error occurred:\n\t* GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 845.968µs, allowed: 44000/minute\n\n" 2024-11-11T10:02:16Z FATAL Fatal error init error: DB error: failed to download vulnerability DB: OCI artifact error: failed to download vulnerability DB: failed to download artifact from any source: 1 error occurred: * OCI repository error: 1 error occurred: * GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 845.968µs, allowed: 44000/minute
image (moby/buildkit:master)
2024-11-11T10:02:17Z INFO [vulndb] Need to update DB 2024-11-11T10:02:17Z INFO [vulndb] Downloading vulnerability DB... 2024-11-11T10:02:17Z INFO [vulndb] Downloading artifact... repo="ghcr.io/aquasecurity/trivy-db:2" 2024-11-11T10:02:17Z ERROR [vulndb] Failed to download artifact repo="ghcr.io/aquasecurity/trivy-db:2" err="oci download error: failed to fetch the layer: GET https://ghcr.io/v2/aquasecurity/trivy-db/blobs/sha256:f594677e37e0ae9487f964881b6ad63d944ca2d8d42c47f41fb772756cd00505: TOOMANYREQUESTS: retry-after: 919.401µs, allowed: 44000/minute" 2024-11-11T10:02:17Z FATAL Fatal error init error: DB error: failed to download vulnerability DB: OCI artifact error: failed to download vulnerability DB: failed to download artifact from any source: 1 error occurred: * oci download error: failed to fetch the layer: GET https://ghcr.io/v2/aquasecurity/trivy-db/blobs/sha256:f594677e37e0ae9487f964881b6ad63d944ca2d8d42c47f41fb772756cd00505: TOOMANYREQUESTS: retry-after: 919.401µs, allowed: 44000/minute
threshold (alpine:3.9)
Container image is unhealthy. Following your desired severity threshold (HIGH), the job has been marked as failed.
annotations (moby/buildkit:master)
CVE-2024-34156 - HIGH severity - encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion vulnerability in stdlib
annotations (moby/buildkit:master)
CVE-2024-34156 - HIGH severity - encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion vulnerability in stdlib
annotations (moby/buildkit:master)
CVE-2024-34156 - HIGH severity - encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion vulnerability in stdlib
annotations (moby/buildkit:master)
CVE-2024-34156 - HIGH severity - encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion vulnerability in stdlib
threshold (alpine:3.10)
2024-11-11T10:02:22Z INFO [vulndb] Need to update DB 2024-11-11T10:02:22Z INFO [vulndb] Downloading vulnerability DB... 2024-11-11T10:02:22Z INFO [vulndb] Downloading artifact... repo="ghcr.io/aquasecurity/trivy-db:2" 2024-11-11T10:02:23Z ERROR [vulndb] Failed to download artifact repo="ghcr.io/aquasecurity/trivy-db:2" err="oci download error: failed to fetch the layer: GET https://ghcr.io/v2/aquasecurity/trivy-db/blobs/sha256:f594677e37e0ae9487f964881b6ad63d944ca2d8d42c47f41fb772756cd00505: TOOMANYREQUESTS: retry-after: 1.138776ms, allowed: 44000/minute" 2024-11-11T10:02:23Z FATAL Fatal error init error: DB error: failed to download vulnerability DB: OCI artifact error: failed to download vulnerability DB: failed to download artifact from any source: 1 error occurred: * oci download error: failed to fetch the layer: GET https://ghcr.io/v2/aquasecurity/trivy-db/blobs/sha256:f594677e37e0ae9487f964881b6ad63d944ca2d8d42c47f41fb772756cd00505: TOOMANYREQUESTS: retry-after: 1.138776ms, allowed: 44000/minute
build-scan-push
2024-11-11T10:02:24Z INFO [vulndb] Need to update DB 2024-11-11T10:02:24Z INFO [vulndb] Downloading vulnerability DB... 2024-11-11T10:02:24Z INFO [vulndb] Downloading artifact... repo="ghcr.io/aquasecurity/trivy-db:2" 2024-11-11T10:02:24Z ERROR [vulndb] Failed to download artifact repo="ghcr.io/aquasecurity/trivy-db:2" err="oci download error: failed to fetch the layer: GET https://ghcr.io/v2/aquasecurity/trivy-db/blobs/sha256:f594677e37e0ae9487f964881b6ad63d944ca2d8d42c47f41fb772756cd00505: TOOMANYREQUESTS: retry-after: 118.762µs, allowed: 44000/minute" 2024-11-11T10:02:24Z FATAL Fatal error init error: DB error: failed to download vulnerability DB: OCI artifact error: failed to download vulnerability DB: failed to download artifact from any source: 1 error occurred: * oci download error: failed to fetch the layer: GET https://ghcr.io/v2/aquasecurity/trivy-db/blobs/sha256:f594677e37e0ae9487f964881b6ad63d944ca2d8d42c47f41fb772756cd00505: TOOMANYREQUESTS: retry-after: 118.762µs, allowed: 44000/minute
tarball
2024-11-11T10:02:27Z INFO [vulndb] Need to update DB 2024-11-11T10:02:27Z INFO [vulndb] Downloading vulnerability DB... 2024-11-11T10:02:27Z INFO [vulndb] Downloading artifact... repo="ghcr.io/aquasecurity/trivy-db:2" 2024-11-11T10:02:27Z ERROR [vulndb] Failed to download artifact repo="ghcr.io/aquasecurity/trivy-db:2" err="OCI repository error: 1 error occurred:\n\t* GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 725.299µs, allowed: 44000/minute\n\n" 2024-11-11T10:02:27Z FATAL Fatal error init error: DB error: failed to download vulnerability DB: OCI artifact error: failed to download vulnerability DB: failed to download artifact from any source: 1 error occurred: * OCI repository error: 1 error occurred: * GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 725.299µs, allowed: 44000/minute
annotations (alpine:latest)
Dockerfile not provided. Skipping sarif scan result.
threshold (alpine:3.9)
Dockerfile not provided. Skipping sarif scan result.
annotations (moby/buildkit:master)
Dockerfile not provided. Skipping sarif scan result.
annotations (moby/buildkit:master)
CVE-2024-24791 - MEDIUM severity - net/http: Denial of service due to improper 100-continue handling in net/http vulnerability in stdlib
annotations (moby/buildkit:master)
CVE-2024-34155 - MEDIUM severity - go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion vulnerability in stdlib
annotations (moby/buildkit:master)
CVE-2024-34158 - MEDIUM severity - go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion vulnerability in stdlib
annotations (moby/buildkit:master)
CVE-2024-24791 - MEDIUM severity - net/http: Denial of service due to improper 100-continue handling in net/http vulnerability in stdlib
annotations (moby/buildkit:master)
CVE-2024-34155 - MEDIUM severity - go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion vulnerability in stdlib
annotations (moby/buildkit:master)
CVE-2024-34158 - MEDIUM severity - go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion vulnerability in stdlib
annotations (moby/buildkit:master)
CVE-2024-24791 - MEDIUM severity - net/http: Denial of service due to improper 100-continue handling in net/http vulnerability in stdlib
annotations (moby/buildkit:master)
CVE-2024-34155 - MEDIUM severity - go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion vulnerability in stdlib
annotations (moby/buildkit:master)
CVE-2024-34158 - MEDIUM severity - go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion vulnerability in stdlib
annotations (alpine:latest)
CVE-2024-9143 - LOW severity - openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access vulnerability in libcrypto3
annotations (alpine:latest)
CVE-2024-9143 - LOW severity - openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access vulnerability in libssl3
annotations (moby/buildkit:master)
CVE-2024-9143 - LOW severity - openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access vulnerability in libcrypto3
annotations (moby/buildkit:master)
CVE-2024-9143 - LOW severity - openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access vulnerability in libssl3
annotations (moby/buildkit:master)
CVE-2024-51744 - LOW severity - golang-jwt: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations in golang-jwt vulnerability in github.com/golang-jwt/jwt/v4

Artifacts

Produced during runtime
Name Size
crazy-max~ghaction-container-scan~8ENVUG.dockerbuild
14.7 KB
crazy-max~ghaction-container-scan~KMC4I7.dockerbuild
15.4 KB
crazy-max~ghaction-container-scan~PTO85B.dockerbuild
15.2 KB