snyk-container-test ○ success

Duration: 49s
Queued: 0s
📁 Stage: test
🖥 Runner: linux-aws-1
Back to Pipeline View in GitLab
Average Duration
52s
This job: 49s
Failure Rate
0.0%
last 30 days
External Links
📊 Grafana Pod View 📊 Grafana Node View 📋 Loki Logs 🔍 Lilibet Dashboard

Job Execution Phases

💡 Tip: Click on any phase bar to jump to that section in the log below

Job Analysis

Job Status: Passed

Status: Job passed successfully

Full Job Log

166 lines
Match - of 0
1 09:35:28 Running with gitlab-runner 18.9.0 (07e534ba)
2 09:35:28 on gitlab-runner-linux-1-5fd7c4d488-p5lbx wRxjPbsJX, system ID: r_201AzAERJfrE
3 09:35:28 feature flags: FF_USE_FASTZIP:true, FF_USE_NEW_BASH_EVAL_STRATEGY:true, FF_USE_DYNAMIC_TRACE_FORCE_SEND_INTERVAL:true, FF_SCRIPT_SECTIONS:true, FF_USE_ADVANCED_POD_SPEC_CONFIGURATION:true, FF_PRINT_POD_EVENTS:true, FF_USE_DUMB_INIT_WITH_KUBERNETES_EXECUTOR:true, FF_LOG_IMAGES_CONFIGURED_FOR_JOB:true, FF_CLEAN_UP_FAILED_CACHE_EXTRACT:true, FF_GIT_URLS_WITHOUT_TOKENS:true, FF_WAIT_FOR_POD_TO_BE_REACHABLE:true, FF_USE_FLEETING_ACQUIRE_HEARTBEATS:true, FF_USE_JOB_ROUTER:true
4 09:35:28 Resolving secrets
5 09:35:28 section_start:1777973728:prepare_executor
6 09:35:28 +Preparing the "kubernetes" executor
7 09:35:28 Using Kubernetes namespace: gitlab-runner
8 09:35:28 Using Kubernetes executor with image registry.scandit.com/dockerfiles/snyk:ubuntu@sha256:c488e3de6b1d5adc01d19a85bd9753c1a3ae142e5e13d97e0bdb4d6659dfd958 ...
9 09:35:28 Using attach strategy to execute scripts...
10 09:35:28 Using effective pull policy of [Always] for container build
11 09:35:28 Using effective pull policy of [Always] for container helper
12 09:35:28 Using effective pull policy of [Always] for container init-permissions
13 09:35:28 section_end:1777973728:prepare_executor
14 09:35:28 +section_start:1777973728:prepare_script
15 09:35:28 +Preparing environment
16 09:35:28 Using FF_USE_POD_ACTIVE_DEADLINE_SECONDS, the Pod activeDeadlineSeconds will be set to the job timeout: 1h0m0s...
17 09:35:28 WARNING: Advanced Pod Spec configuration enabled, merging the provided PodSpec to the generated one. This is a beta feature and is subject to change. Feedback is collected in this issue: https://gitlab.com/gitlab-org/gitlab-runner/-/issues/29659 ...
18 09:35:28 Subscribing to Kubernetes Pod events...
19 09:35:29 Type Reason Message
20 09:35:29 Normal Scheduled Successfully assigned gitlab-runner/runner-wrxjpbsjx-project-621-concurrent-2-goh7q96z to ip-10-0-20-62.eu-central-1.compute.internal
21 09:35:31 Normal Pulled Container image "gitlab/gitlab-runner-helper:x86_64-v18.8.0" already present on machine
22 09:35:32 Normal Created Created container: init-permissions
23 09:35:32 Normal Started Started container init-permissions
24 09:35:40 Normal Pulling Pulling image "498954711405.dkr.ecr.eu-central-1.amazonaws.com/dockerfiles/snyk@sha256:c488e3de6b1d5adc01d19a85bd9753c1a3ae142e5e13d97e0bdb4d6659dfd958"
25 09:35:42 Normal Pulled Successfully pulled image "498954711405.dkr.ecr.eu-central-1.amazonaws.com/dockerfiles/snyk@sha256:c488e3de6b1d5adc01d19a85bd9753c1a3ae142e5e13d97e0bdb4d6659dfd958" in 2.344s (2.344s including waiting). Image size: 123873044 bytes.
26 09:35:42 Normal Created Created container: build
27 09:35:42 Normal Started Started container build
28 09:35:42 Normal Pulled Container image "gitlab/gitlab-runner-helper:x86_64-v18.8.0" already present on machine
29 09:35:42 Normal Created Created container: helper
30 09:35:42 Normal Started Started container helper
31 09:35:45 Running on runner-wrxjpbsjx-project-621-concurrent-2-goh7q96z via gitlab-runner-linux-1-5fd7c4d488-p5lbx...
32 09:35:45
33 09:35:45 section_end:1777973745:prepare_script
34 09:35:45 +section_start:1777973745:get_sources
35 09:35:45 +Getting source from Git repository
36 09:35:45 Gitaly correlation ID: 01KQVQW4DKNE3VA7Q4KKKBZ9YP
37 09:35:45 Fetching changes with git depth set to 50...
38 09:35:45 Initialized empty Git repository in /build/internal/gitlab-templates/.git/
39 09:35:45 Created fresh repository.
40 09:35:46 Checking out eea928ac as detached HEAD (ref is refs/merge-requests/637/merge)...
41 09:35:46
42 09:35:46 Skipping Git submodules setup
43 09:35:46
44 09:35:46 section_end:1777973746:get_sources
45 09:35:46 +section_start:1777973746:step_script
46 09:35:46 +Executing "step_script" stage of the job script
47 09:35:47 section_start:1777973746:section_pre_build_script_0[hide_duration=true,collapsed=true] $ function cleanup {
48 09:35:47 rv=$?
49 09:35:47 if [ $rv -ne 0 ]; then
50 09:35:47 echo ""
51 09:35:47 echo " Failure Cause Analysis might help, please open this link:"
52 09:35:47 echo " https://scout.scandit.io/analysis/projects/${CI_PROJECT_ID}/jobs/${CI_JOB_ID}"
53 09:35:47 echo ""
54 09:35:47 fi
55 09:35:47 echo ""
56 09:35:47 echo "Scout Analysis: https://scout.scandit.io/analysis/projects/${CI_PROJECT_ID}/jobs/${CI_JOB_ID}"
57 09:35:47 echo ""
58 09:35:47 echo ""
59 09:35:47 echo "Grafana Pod-View: https://grafana.scandit.com/d/k8s_views_pods/kubernetes-views-pods?orgId=1&refresh=1m&var-datasource=${GRAFANA_DATASOURCE}&var-host=${SC_K8S_NODE_NAME}&var-namespace=${SC_K8S_NAMESPACE}&var-pod=${HOSTNAME}&var-resolution=15&from=${__start_time}000&to=${EPOCHSECONDS}000"
60 09:35:47 echo "Grafana Node-View: https://grafana.scandit.com/d/k8s_views_nodes/kubernetes-views-nodes?orgId=1&refresh=1m&var-datasource=${GRAFANA_DATASOURCE}&var-node=${SC_K8S_NODE_NAME}&var-resolution=15s&from=${__start_time}000&to=${EPOCHSECONDS}000"
61 09:35:47 echo "Loki Logs: https://grafana.scandit.com/a/grafana-lokiexplore-app/explore/log_group/gitlab-runner/logs?var-ds=${LOKI_DATASOURCE}&var-filters=log_group|=|gitlab-runner&var-filters=source|=|${LOKI_LOGSOURCE}&var-filters=namespace|=|${SC_K8S_NAMESPACE}&var-filters=CI_PROJECT_ID|=|${CI_PROJECT_ID}&var-filters=CI_PIPELINE_ID|=|${CI_PIPELINE_ID}&var-filters=CI_JOB_ID|=|${CI_JOB_ID}&sortOrder=Ascending&from=${__start_time}000&to=${EPOCHSECONDS}000"
62 09:35:47 echo "Lilibet Statistics: https://lilibet.scandit.io/dashboard/204-job-drill-down?date_range=$(date -d '-7 days' +%Y-%m-%d)~$(date -d '+7 days' +%Y-%m-%d)&job_name=${CI_JOB_NAME}&project=${CI_PROJECT_PATH}"
63 09:35:47 echo ""
64 09:35:47 exit $rv
65 09:35:47 }
66 09:35:47 trap cleanup EXIT
67 09:35:47 echo "INFO: This is the CI job pre_build_script"
68 09:35:47 echo "INFO: It's defined in the backend/infra/aws repo."
69 09:35:47 echo "INFO: These additional Scandit variables are available to you:"
70 09:35:47 echo " SC_K8S_NODE_NAME: $SC_K8S_NODE_NAME"
71 09:35:47 echo " SC_K8S_IMAGE_ID: $SC_K8S_IMAGE_ID"
72 09:35:47 echo " SC_K8S_KYVERNO_PATCHES: |"
73 09:35:47 echo "$SC_K8S_KYVERNO_PATCHES" | sed 's/^/ /'
74 09:35:47 echo "cpu (r/l): ${SC_K8S_REQUESTS_CPU}/${SC_K8S_LIMITS_CPU}"
75 09:35:47 if command -v numfmt >/dev/null 2>&1; then
76 09:35:47 echo "memory (r/l): $(numfmt --to=iec --suffix=B $SC_K8S_REQUESTS_MEMORY)/$(numfmt --to=iec --suffix=B $SC_K8S_LIMITS_MEMORY)"
77 09:35:47 else
78 09:35:47 echo "memory (r/l): ${SC_K8S_REQUESTS_MEMORY}/${SC_K8S_LIMITS_MEMORY}"
79 09:35:47 fi
80 09:35:47 __start_time=${EPOCHSECONDS}
81 09:35:47 echo ""
82 09:35:47 echo "Grafana Pod-View: https://grafana.scandit.com/d/k8s_views_pods/kubernetes-views-pods?orgId=1&refresh=1m&var-datasource=${GRAFANA_DATASOURCE}&var-host=${SC_K8S_NODE_NAME}&var-namespace=${SC_K8S_NAMESPACE}&var-pod=${HOSTNAME}&var-resolution=15&from=${__start_time}000&to=now"
83 09:35:47 echo "Grafana Node-View: https://grafana.scandit.com/d/k8s_views_nodes/kubernetes-views-nodes?orgId=1&refresh=1m&var-datasource=${GRAFANA_DATASOURCE}&var-node=${SC_K8S_NODE_NAME}&var-resolution=15s&from=${__start_time}000&to=now"
84 09:35:47 echo "Loki Logs: https://grafana.scandit.com/a/grafana-lokiexplore-app/explore/log_group/gitlab-runner/logs?var-ds=${LOKI_DATASOURCE}&var-filters=log_group|=|gitlab-runner&var-filters=source|=|${LOKI_LOGSOURCE}&var-filters=namespace|=|${SC_K8S_NAMESPACE}&var-filters=CI_PROJECT_ID|=|${CI_PROJECT_ID}&var-filters=CI_PIPELINE_ID|=|${CI_PIPELINE_ID}&var-filters=CI_JOB_ID|=|${CI_JOB_ID}&sortOrder=Ascending&from=${__start_time}000&to=now"
85 09:35:47 echo "Lilibet Statistics: https://lilibet.scandit.io/dashboard/204-job-drill-down?date_range=$(date -d '-7 days' +%Y-%m-%d)~$(date -d '+7 days' +%Y-%m-%d)&job_name=${CI_JOB_NAME}&project=${CI_PROJECT_PATH}"
86 09:35:47 echo ""
87 09:35:47 echo "Setting up credentials for Gitlab Python registries"
88 09:35:47 mkdir -p ~
89 09:35:47 echo "machine gitlab.scandit.com" > ~/.netrc
90 09:35:47 echo "login gitlab-ci-token" >> ~/.netrc
91 09:35:47 echo "password ${CI_JOB_TOKEN}" >> ~/.netrc
92 09:35:47 chmod 600 ~/.netrc
93 09:35:47 if command -v git &> /dev/null && [ "$(id -u)" -ne 0 ]; then
94 09:35:47 git config --global --add safe.directory $CI_PROJECT_DIR
95 09:35:47 fi
96 09:35:47 # Sonarqube server is running on the same cluster. Use internal address
97 09:35:47 export SONAR_HOST_URL="http://sonarqube.sonarqube.svc.cluster.local:9000"
98 09:35:47 section_end:1777973746:section_pre_build_script_0
99 09:35:47 INFO: This is the CI job pre_build_script
100 09:35:47 INFO: It's defined in the backend/infra/aws repo.
101 09:35:47 INFO: These additional Scandit variables are available to you:
102 09:35:47 SC_K8S_NODE_NAME: ip-10-0-20-62.eu-central-1.compute.internal
103 09:35:47 SC_K8S_IMAGE_ID:
104 09:35:47 SC_K8S_KYVERNO_PATCHES: |
105 09:35:47
106 09:35:47 cpu (r/l): 1/4
107 09:35:47 memory (r/l): 1.0GB/16GB
108 09:35:47
109 09:35:47 Grafana Pod-View: https://grafana.scandit.com/d/k8s_views_pods/kubernetes-views-pods?orgId=1&refresh=1m&var-datasource=lu1rmx27z&var-host=ip-10-0-20-62.eu-central-1.compute.internal&var-namespace=gitlab-runner&var-pod=runner-wrxjpbsjx-project-621-concurrent-2-goh7q96z&var-resolution=15&from=1777973746000&to=now
110 09:35:47 Grafana Node-View: https://grafana.scandit.com/d/k8s_views_nodes/kubernetes-views-nodes?orgId=1&refresh=1m&var-datasource=lu1rmx27z&var-node=ip-10-0-20-62.eu-central-1.compute.internal&var-resolution=15s&from=1777973746000&to=now
111 09:35:47 Loki Logs: https://grafana.scandit.com/a/grafana-lokiexplore-app/explore/log_group/gitlab-runner/logs?var-ds=nVsAo7UVk&var-filters=log_group|=|gitlab-runner&var-filters=source|=|k8s-ci.aws.scandit.io&var-filters=namespace|=|gitlab-runner&var-filters=CI_PROJECT_ID|=|621&var-filters=CI_PIPELINE_ID|=|1578751&var-filters=CI_JOB_ID|=|54380626&sortOrder=Ascending&from=1777973746000&to=now
112 09:35:47 Lilibet Statistics: https://lilibet.scandit.io/dashboard/204-job-drill-down?date_range=2026-04-28~2026-05-12&job_name=snyk-container-test&project=internal/gitlab-templates
113 09:35:47
114 09:35:47 Setting up credentials for Gitlab Python registries
115 09:35:47 $ test -n "${SNYK_TOKEN}" || (echo "No SNYK_TOKEN defined. You have to provide a valid token for accessing Snyk."; false)
116 09:35:47 $ test -n "${IMAGE_URL}" || (echo "No IMAGE_URL defined. You have to provide a valid image for container scanner."; false)
117 09:35:47 $ echo "This job scans the given image for known vulnerabilities and outputs the result in the console."
118 09:35:47 This job scans the given image for known vulnerabilities and outputs the result in the console.
119 09:35:47 $ echo "Running 'snyk container test' on image $IMAGE_URL."
120 09:35:47 Running 'snyk container test' on image registry.scandit.com/internal/gitlab-templates/python:3.12-MR637.
121 09:35:47 $ snyk container test ${IMAGE_URL} --file=${DOCKERFILE_PATH} --exclude-base-image-vulns --exclude-app-vulns --policy-path=${SNYK_POLICY_PATH} --org=${SNYK_ORG} --json-file-output=${OUTPUT_FILE} ${SNYK_EXTRA_PARAMETERS}
122 09:36:14
123 09:36:14 Testing registry.scandit.com/internal/gitlab-templates/python:3.12-MR637...
124 09:36:14
125 09:36:14 Organization: scandit-internal
126 09:36:14 Package manager: deb
127 09:36:14 Target file: Dockerfile.python-3
128 09:36:14 Project name: docker-image|registry.scandit.com/internal/gitlab-templates/python
129 09:36:14 Docker image: registry.scandit.com/internal/gitlab-templates/python:3.12-MR637
130 09:36:14 Platform: linux/amd64
131 09:36:14 Target OS: Debian GNU/Linux 12 (bookworm)
132 09:36:14 Base image: python:3.12-bookworm
133 09:36:14 Local Snyk policy: found
134 09:36:14 Licenses: enabled
135 09:36:14
136 09:36:14 ✔ Tested 429 dependencies for known issues, no vulnerable paths found.
137 09:36:14
138 09:36:14
139 09:36:14
140 09:36:14 Scout Analysis: https://scout.scandit.io/analysis/projects/621/jobs/54380626
141 09:36:14
142 09:36:14
143 09:36:14 Grafana Pod-View: https://grafana.scandit.com/d/k8s_views_pods/kubernetes-views-pods?orgId=1&refresh=1m&var-datasource=lu1rmx27z&var-host=ip-10-0-20-62.eu-central-1.compute.internal&var-namespace=gitlab-runner&var-pod=runner-wrxjpbsjx-project-621-concurrent-2-goh7q96z&var-resolution=15&from=1777973746000&to=1777973774000
144 09:36:14 Grafana Node-View: https://grafana.scandit.com/d/k8s_views_nodes/kubernetes-views-nodes?orgId=1&refresh=1m&var-datasource=lu1rmx27z&var-node=ip-10-0-20-62.eu-central-1.compute.internal&var-resolution=15s&from=1777973746000&to=1777973774000
145 09:36:14 Loki Logs: https://grafana.scandit.com/a/grafana-lokiexplore-app/explore/log_group/gitlab-runner/logs?var-ds=nVsAo7UVk&var-filters=log_group|=|gitlab-runner&var-filters=source|=|k8s-ci.aws.scandit.io&var-filters=namespace|=|gitlab-runner&var-filters=CI_PROJECT_ID|=|621&var-filters=CI_PIPELINE_ID|=|1578751&var-filters=CI_JOB_ID|=|54380626&sortOrder=Ascending&from=1777973746000&to=1777973774000
146 09:36:14 Lilibet Statistics: https://lilibet.scandit.io/dashboard/204-job-drill-down?date_range=2026-04-28~2026-05-12&job_name=snyk-container-test&project=internal/gitlab-templates
147 09:36:14
148 09:36:14
149 09:36:14 section_end:1777973774:step_script
150 09:36:14 +section_start:1777973774:upload_artifacts_on_success
151 09:36:14 +Uploading artifacts for successful job
152 09:36:15 Uploading artifacts...
153 09:36:15 snyk-container-test.json: found 1 matching artifact files and directories
154 09:36:16 Uploading artifacts as "archive" to coordinator... 201 Created correlation_id=01KQVQXJNDMDKHJXYA7SM7Z5XQ id=54380626 responseStatus=201 Created token=64_MXnyim
155 09:36:16 Uploading artifacts...
156 09:36:16 snyk-container-test.json: found 1 matching artifact files and directories
157 09:36:16 Uploading artifacts as "container_scanning" to coordinator... 201 Created correlation_id=01KQVQXKGAHSTBXC0YP1QCF84X id=54380626 responseStatus=201 Created token=64_MXnyim
158 09:36:16
159 09:36:16 section_end:1777973776:upload_artifacts_on_success
160 09:36:16 +section_start:1777973776:cleanup_file_variables
161 09:36:16 +Cleaning up project directory and file based variables
162 09:36:16
163 09:36:16 section_end:1777973776:cleanup_file_variables
164 09:36:16 +
165 09:36:16 Job succeeded
166