snyk-test ○ success

Duration: 31s
Queued: 3s
📁 Stage: test
🖥 Runner: linux-aws-1
Back to Pipeline View in GitLab
Average Duration
39s
This job: 31s
Failure Rate
0.0%
last 30 days
External Links
📊 Grafana Pod View 📊 Grafana Node View 🔍 Lilibet Dashboard

Job Execution Phases

💡 Tip: Click on any phase bar to jump to that section in the log below

Job Analysis

Job Status: Passed

Status: Job passed successfully

Full Job Log

215 lines
Match - of 0
1 14:27:24 Running with gitlab-runner 18.5.0 (bda84871)
2 14:27:24 on gitlab-runner-linux-1-86d76d468c-dqnmc wRxjPbsJX, system ID: r_rbm7B2gpCnst
3 14:27:24 feature flags: FF_USE_FASTZIP:true, FF_USE_NEW_BASH_EVAL_STRATEGY:true, FF_SCRIPT_SECTIONS:true, FF_USE_ADVANCED_POD_SPEC_CONFIGURATION:true, FF_PRINT_POD_EVENTS:true, FF_USE_DUMB_INIT_WITH_KUBERNETES_EXECUTOR:true, FF_LOG_IMAGES_CONFIGURED_FOR_JOB:true, FF_CLEAN_UP_FAILED_CACHE_EXTRACT:true, FF_TIMESTAMPS:true, FF_GIT_URLS_WITHOUT_TOKENS:true
4 14:27:24 Resolving secrets
5 14:27:24 section_start:1765290444:prepare_executor
6 14:27:24 +Preparing the "kubernetes" executor
7 14:27:24 Using Kubernetes namespace: gitlab-runner
8 14:27:24 Using Kubernetes executor with image registry.scandit.com/dockerfiles/snyk:python-3.12@sha256:74a2a43dda32b2139d91201cdc8a6c45ee153060573ed00f11c0ef36942578b7 ...
9 14:27:24 Using attach strategy to execute scripts...
10 14:27:24 Using effective pull policy of [Always] for container build
11 14:27:24 Using effective pull policy of [Always] for container helper
12 14:27:24 Using effective pull policy of [Always] for container init-permissions
13 14:27:24 section_end:1765290444:prepare_executor
14 14:27:24 +section_start:1765290444:prepare_script
15 14:27:24 +Preparing environment
16 14:27:24 Using FF_USE_POD_ACTIVE_DEADLINE_SECONDS, the Pod activeDeadlineSeconds will be set to the job timeout: 1h0m0s...
17 14:27:24 WARNING: Advanced Pod Spec configuration enabled, merging the provided PodSpec to the generated one. This is a beta feature and is subject to change. Feedback is collected in this issue: https://gitlab.com/gitlab-org/gitlab-runner/-/issues/29659 ...
18 14:27:25 Subscribing to Kubernetes Pod events...
19 14:27:25 Type Reason Message
20 14:27:25 Normal Scheduled Successfully assigned gitlab-runner/runner-wrxjpbsjx-project-621-concurrent-2-6sy7lmp3 to ip-10-0-25-25.eu-central-1.compute.internal
21 14:27:26 Normal Pulled Container image "gitlab/gitlab-runner-helper:x86_64-v18.5.0" already present on machine
22 14:27:27 Normal Created Created container: init-permissions
23 14:27:27 Normal Started Started container init-permissions
24 14:27:40 Normal Pulling Pulling image "498954711405.dkr.ecr.eu-central-1.amazonaws.com/dockerfiles/snyk@sha256:74a2a43dda32b2139d91201cdc8a6c45ee153060573ed00f11c0ef36942578b7"
25 14:27:43 Normal Pulled Successfully pulled image "498954711405.dkr.ecr.eu-central-1.amazonaws.com/dockerfiles/snyk@sha256:74a2a43dda32b2139d91201cdc8a6c45ee153060573ed00f11c0ef36942578b7" in 2.324s (2.324s including waiting). Image size: 494173832 bytes.
26 14:27:43 Normal Created Created container: build
27 14:27:43 Normal Started Started container build
28 14:27:43 Normal Pulled Container image "gitlab/gitlab-runner-helper:x86_64-v18.5.0" already present on machine
29 14:27:43 Normal Created Created container: helper
30 14:27:43 Normal Started Started container helper
31 14:27:46 Running on runner-wrxjpbsjx-project-621-concurrent-2-6sy7lmp3 via gitlab-runner-linux-1-86d76d468c-dqnmc...
32 14:27:46
33 14:27:46 section_end:1765290466:prepare_script
34 14:27:46 +section_start:1765290466:get_sources
35 14:27:46 +Getting source from Git repository
36 14:27:47 Gitaly correlation ID: 01KC1R51DERD2S3Y2F9P4G8BMK
37 14:27:47 Fetching changes with git depth set to 50...
38 14:27:47 Initialized empty Git repository in /build/internal/gitlab-templates/.git/
39 14:27:47 Created fresh repository.
40 14:27:48 Checking out 940006cc as detached HEAD (ref is refs/merge-requests/507/merge)...
41 14:27:48
42 14:27:48 Skipping Git submodules setup
43 14:27:48
44 14:27:48 section_end:1765290468:get_sources
45 14:27:48 +section_start:1765290468:step_script
46 14:27:48 +Executing "step_script" stage of the job script
47 14:27:48 section_start:1765290468:section_pre_build_script_0[hide_duration=true,collapsed=true] $ function cleanup {
48 14:27:48 rv=$?
49 14:27:48 if [ $rv -ne 0 ]; then
50 14:27:48 echo ""
51 14:27:48 echo " Failure Cause Analysis might help, please open this link:"
52 14:27:48 echo " https://failure-cause-analysis.zrh.int.scandit.io/analysis/projects/${CI_PROJECT_ID}/jobs/${CI_JOB_ID}"
53 14:27:48 echo ""
54 14:27:48 fi
55 14:27:48 echo ""
56 14:27:48 echo "Grafana Pod-View: https://grafana.scandit.com/d/k8s_views_pods/kubernetes-views-pods?orgId=1&refresh=1m&var-datasource=${GRAFANA_DATASOURCE}&var-host=${SC_K8S_NODE_NAME}&var-namespace=${SC_K8S_NAMESPACE}&var-pod=${HOSTNAME}&var-resolution=15&from=${__start_time}000&to=${EPOCHSECONDS}000"
57 14:27:48 echo "Grafana Node-View: https://grafana.scandit.com/d/k8s_views_nodes/kubernetes-views-nodes?orgId=1&refresh=1m&var-datasource=${GRAFANA_DATASOURCE}&var-node=${SC_K8S_NODE_NAME}&var-resolution=15s&from=${__start_time}000&to=${EPOCHSECONDS}000"
58 14:27:48 echo ""
59 14:27:48 exit $rv
60 14:27:48 }
61 14:27:48 trap cleanup EXIT
62 14:27:48 echo "INFO: This is the CI job pre_build_script"
63 14:27:48 echo "INFO: It's defined in the backend/infra/aws repo."
64 14:27:48 echo "INFO: These additional Scandit variables are available to you:"
65 14:27:48 echo " SC_K8S_NODE_NAME: $SC_K8S_NODE_NAME"
66 14:27:48 echo " SC_K8S_IMAGE_ID: $SC_K8S_IMAGE_ID"
67 14:27:48 echo "cpu (r/l): ${SC_K8S_REQUESTS_CPU}/${SC_K8S_LIMITS_CPU}"
68 14:27:48 if command -v numfmt >/dev/null 2>&1; then
69 14:27:48 echo "memory (r/l): $(numfmt --to=iec --suffix=B $SC_K8S_REQUESTS_MEMORY)/$(numfmt --to=iec --suffix=B $SC_K8S_LIMITS_MEMORY)"
70 14:27:48 else
71 14:27:48 echo "memory (r/l): ${SC_K8S_REQUESTS_MEMORY}/${SC_K8S_LIMITS_MEMORY}"
72 14:27:48 fi
73 14:27:48 __start_time=${EPOCHSECONDS}
74 14:27:48 echo ""
75 14:27:48 echo "Grafana Pod-View: https://grafana.scandit.com/d/k8s_views_pods/kubernetes-views-pods?orgId=1&refresh=1m&var-datasource=${GRAFANA_DATASOURCE}&var-host=${SC_K8S_NODE_NAME}&var-namespace=${SC_K8S_NAMESPACE}&var-pod=${HOSTNAME}&var-resolution=15&from=${__start_time}000&to=now"
76 14:27:48 echo "Grafana Node-View: https://grafana.scandit.com/d/k8s_views_nodes/kubernetes-views-nodes?orgId=1&refresh=1m&var-datasource=${GRAFANA_DATASOURCE}&var-node=${SC_K8S_NODE_NAME}&var-resolution=15s&from=${__start_time}000&to=now"
77 14:27:48 echo ""
78 14:27:48 echo "Setting up credentials for Gitlab Python registries"
79 14:27:48 mkdir -p ~
80 14:27:48 echo "machine gitlab.scandit.com" > ~/.netrc
81 14:27:48 echo "login gitlab-ci-token" >> ~/.netrc
82 14:27:48 echo "password ${CI_JOB_TOKEN}" >> ~/.netrc
83 14:27:48 chmod 600 ~/.netrc
84 14:27:48 if command -v git &> /dev/null && [ "$(id -u)" -ne 0 ]; then
85 14:27:48 git config --global --add safe.directory $CI_PROJECT_DIR
86 14:27:48 fi
87 14:27:48 # Sonarqube server is running on the same cluster. Use internal address
88 14:27:48 export SONAR_HOST_URL="http://sonarqube.sonarqube.svc.cluster.local:9000"
89 14:27:48 section_end:1765290468:section_pre_build_script_0
90 14:27:48 INFO: This is the CI job pre_build_script
91 14:27:48 INFO: It's defined in the backend/infra/aws repo.
92 14:27:48 INFO: These additional Scandit variables are available to you:
93 14:27:48 SC_K8S_NODE_NAME: ip-10-0-25-25.eu-central-1.compute.internal
94 14:27:48 SC_K8S_IMAGE_ID:
95 14:27:48 cpu (r/l): 1/4
96 14:27:48 memory (r/l): 1.0GB/16GB
97 14:27:48
98 14:27:48 Grafana Pod-View: https://grafana.scandit.com/d/k8s_views_pods/kubernetes-views-pods?orgId=1&refresh=1m&var-datasource=lu1rmx27z&var-host=ip-10-0-25-25.eu-central-1.compute.internal&var-namespace=gitlab-runner&var-pod=runner-wrxjpbsjx-project-621-concurrent-2-6sy7lmp3&var-resolution=15&from=1765290468000&to=now
99 14:27:48 Grafana Node-View: https://grafana.scandit.com/d/k8s_views_nodes/kubernetes-views-nodes?orgId=1&refresh=1m&var-datasource=lu1rmx27z&var-node=ip-10-0-25-25.eu-central-1.compute.internal&var-resolution=15s&from=1765290468000&to=now
100 14:27:48
101 14:27:48 Setting up credentials for Gitlab Python registries
102 14:27:48 $ uv pip install --system -r requirements.txt
103 14:27:48 Using Python 3.12.12 environment at: /usr/local
104 14:27:48 Resolved 7 packages in 81ms
105 14:27:48 Downloading pygments (1.2MiB)
106 14:27:49 Downloaded pygments
107 14:27:49 Prepared 7 packages in 47ms
108 14:27:49 Installed 7 packages in 16ms
109 14:27:49 + coverage==7.13.0
110 14:27:49 + iniconfig==2.3.0
111 14:27:49 + packaging==25.0
112 14:27:49 + pluggy==1.6.0
113 14:27:49 + pygments==2.19.2
114 14:27:49 + pytest==9.0.1
115 14:27:49 + pytest-cov==7.0.0
116 14:27:49 section_start:1765290468:section_script_step_1[hide_duration=true,collapsed=true] $ set -e
117 14:27:49
118 14:27:49 function log_info() {
119 14:27:49 echo -e "[\e[1;94mINFO\e[0m] $*"
120 14:27:49 }
121 14:27:49
122 14:27:49 function log_warn() {
123 14:27:49 echo -e "[\e[1;93mWARN\e[0m] $*"
124 14:27:49 }
125 14:27:49
126 14:27:49 function log_error() {
127 14:27:49 echo -e "[\e[1;91mERROR\e[0m] $*"
128 14:27:49 }
129 14:27:49
130 14:27:49 function fail() {
131 14:27:49 log_error "$*"
132 14:27:49 exit 1
133 14:27:49 }
134 14:27:49
135 14:27:49 function assert_defined() {
136 14:27:49 if [[ -z "$1" ]]
137 14:27:49 then
138 14:27:49 log_error "$2"
139 14:27:49 exit 1
140 14:27:49 fi
141 14:27:49 }
142 14:27:49
143 14:27:49 function snyk_setup() {
144 14:27:49 # If SNYK_FILE is set, use it as a target, otherwise use --all-projects
145 14:27:49 if [[ -n "${SNYK_FILE}" ]]; then
146 14:27:49 SNYK_TARGET="--file=${SNYK_FILE}"
147 14:27:49 else
148 14:27:49 SNYK_TARGET="--all-projects"
149 14:27:49 fi
150 14:27:49
151 14:27:49 log_info "Targeting $SNYK_TARGET"
152 14:27:49
153 14:27:49 # Set log level based on SNYK_LOG_LEVEL
154 14:27:49 if [[ "$SNYK_LOG_LEVEL" == "info" ]]; then
155 14:27:49 SNYK_LOG_LEVEL=""
156 14:27:49 elif [[ "$SNYK_LOG_LEVEL" == "debug" ]]; then
157 14:27:49 SNYK_LOG_LEVEL="--debug"
158 14:27:49 elif [[ "$SNYK_LOG_LEVEL" == "trace" ]]; then
159 14:27:49 SNYK_LOG_LEVEL="--debug --log-level=trace"
160 14:27:49 fi
161 14:27:49 }
162 14:27:49 section_end:1765290468:section_script_step_1
163 14:27:49 $ assert_defined "$SNYK_TOKEN" "No SNYK_TOKEN defined. You have to provide a valid token for accessing Snyk."
164 14:27:49 $ snyk_setup
165 14:27:49 [INFO] Targeting --file=requirements.txt
166 14:27:49 $ set -x
167 14:27:49 ++ echo '$ snyk $SNYK_COMMAND $SNYK_TARGET --org=$SNYK_ORG --remote-repo-url=$SNYK_REMOTE_REPO_URL --policy-path=$SNYK_POLICY_PATH ${SNYK_EXCLUDE:+--exclude=$SNYK_EXCLUDE} ${SNYK_TARGET_REFERENCE:+--target-reference=$SNYK_TARGET_REFERENCE} ${SNYK_PROJECT_ENVIRONMENT:+--project-environment=$SNYK_PROJECT_ENVIRONMENT} ${SNYK_PROJECT_LIFECYCLE:+--project-lifecycle=$SNYK_PROJECT_LIFECYCLE} ${SNYK_PROJECT_TAGS:+--project-tags=$SNYK_PROJECT_TAGS} $SNYK_LOG_LEVEL $SNYK_EXTRA_PARAMETERS'
168 14:27:49 $ snyk $SNYK_COMMAND $SNYK_TARGET --org=$SNYK_ORG --remote-repo-url=$SNYK_REMOTE_REPO_URL --policy-path=$SNYK_POLICY_PATH ${SNYK_EXCLUDE:+--exclude=$SNYK_EXCLUDE} ${SNYK_TARGET_REFERENCE:+--target-reference=$SNYK_TARGET_REFERENCE} ${SNYK_PROJECT_ENVIRONMENT:+--project-environment=$SNYK_PROJECT_ENVIRONMENT} ${SNYK_PROJECT_LIFECYCLE:+--project-lifecycle=$SNYK_PROJECT_LIFECYCLE} ${SNYK_PROJECT_TAGS:+--project-tags=$SNYK_PROJECT_TAGS} $SNYK_LOG_LEVEL $SNYK_EXTRA_PARAMETERS
169 14:27:49 ++ snyk test --file=requirements.txt --org=d688d452-cf04-4620-84f0-3431ce4d741a --remote-repo-url=internal/gitlab-templates --policy-path=/build/internal/gitlab-templates/.snyk
170 14:27:53
171 14:27:53 Testing /build/internal/gitlab-templates...
172 14:27:53
173 14:27:53 Organization: scandit-internal
174 14:27:53 Package manager: pip
175 14:27:53 Target file: requirements.txt
176 14:27:53 Project name: gitlab-templates
177 14:27:53 Open source: no
178 14:27:53 Project path: /build/internal/gitlab-templates
179 14:27:53 Licenses: enabled
180 14:27:53
181 14:27:53 ✔ Tested 7 dependencies for known issues, no vulnerable paths found.
182 14:27:53
183 14:27:53 Tip: Detected multiple supported manifests (2), use --all-projects to scan all of them at once.
184 14:27:53
185 14:27:53
186 14:27:54 ++ echo '$ set +x'
187 14:27:54 $ set +x
188 14:27:54 ++ set +x
189 14:27:54
190 14:27:54 Grafana Pod-View: https://grafana.scandit.com/d/k8s_views_pods/kubernetes-views-pods?orgId=1&refresh=1m&var-datasource=lu1rmx27z&var-host=ip-10-0-25-25.eu-central-1.compute.internal&var-namespace=gitlab-runner&var-pod=runner-wrxjpbsjx-project-621-concurrent-2-6sy7lmp3&var-resolution=15&from=1765290468000&to=1765290473000
191 14:27:54 Grafana Node-View: https://grafana.scandit.com/d/k8s_views_nodes/kubernetes-views-nodes?orgId=1&refresh=1m&var-datasource=lu1rmx27z&var-node=ip-10-0-25-25.eu-central-1.compute.internal&var-resolution=15s&from=1765290468000&to=1765290473000
192 14:27:54
193 14:27:54
194 14:27:54 section_end:1765290474:step_script
195 14:27:54 +section_start:1765290474:after_script
196 14:27:54 +Running after_script
197 14:27:54 Running after script...
198 14:27:54 section_start:1765290474:section_after_script_step_0[hide_duration=true,collapsed=true] $ cat <<-EOD
199 14:27:54 ----------------------------------------------------------
200 14:27:54 Need help? Documentation on the Snyk jobs can be found at:
201 14:27:54 https://gitlab.scandit.com/internal/gitlab-templates/-/blob/master/.gitlab/snyk.md
202 14:27:54 EOD
203 14:27:54 section_end:1765290474:section_after_script_step_0
204 14:27:54 ----------------------------------------------------------
205 14:27:54 Need help? Documentation on the Snyk jobs can be found at:
206 14:27:54 https://gitlab.scandit.com/internal/gitlab-templates/-/blob/master/.gitlab/snyk.md
207 14:27:54
208 14:27:54 section_end:1765290474:after_script
209 14:27:54 +section_start:1765290474:cleanup_file_variables
210 14:27:54 +Cleaning up project directory and file based variables
211 14:27:55
212 14:27:55 section_end:1765290475:cleanup_file_variables
213 14:27:55 +
214 14:27:55 Job succeeded
215