snyk-container-test-delta ○ success

Duration: 4m 6s
Queued: 3s
📁 Stage: test
🖥 Runner: linux-aws-1
Back to Pipeline View in GitLab
Average Duration
3m 15s
This job: 4m 6s
Failure Rate
5.9%
last 30 days
External Links
📊 Grafana Pod View 📊 Grafana Node View 📋 Loki Logs 🔍 Lilibet Dashboard

Job Execution Phases

💡 Tip: Click on any phase bar to jump to that section in the log below

Job Analysis

Job Status: Passed

Status: Job passed successfully

Full Job Log

162 lines
Match - of 0
1 22:38:25 Running with gitlab-runner 18.9.0 (07e534ba)
2 22:38:25 on gitlab-runner-linux-1-746bdd58fd-8bbzm wRxjPbsJX, system ID: r_DxKhvxXkpe6K
3 22:38:25 feature flags: FF_USE_FASTZIP:true, FF_USE_NEW_BASH_EVAL_STRATEGY:true, FF_USE_DYNAMIC_TRACE_FORCE_SEND_INTERVAL:true, FF_SCRIPT_SECTIONS:true, FF_USE_ADVANCED_POD_SPEC_CONFIGURATION:true, FF_PRINT_POD_EVENTS:true, FF_USE_DUMB_INIT_WITH_KUBERNETES_EXECUTOR:true, FF_LOG_IMAGES_CONFIGURED_FOR_JOB:true, FF_CLEAN_UP_FAILED_CACHE_EXTRACT:true, FF_GIT_URLS_WITHOUT_TOKENS:true, FF_WAIT_FOR_POD_TO_BE_REACHABLE:true, FF_USE_FLEETING_ACQUIRE_HEARTBEATS:true, FF_USE_JOB_ROUTER:true
4 22:38:25 Resolving secrets
5 22:38:25 section_start:1778020705:prepare_executor
6 22:38:25 +Preparing the "kubernetes" executor
7 22:38:25 Using Kubernetes namespace: gitlab-runner
8 22:38:25 Using Kubernetes executor with image registry.scandit.com/dockerfiles/snyk:ubuntu@sha256:c488e3de6b1d5adc01d19a85bd9753c1a3ae142e5e13d97e0bdb4d6659dfd958 ...
9 22:38:25 Using attach strategy to execute scripts...
10 22:38:25 Using effective pull policy of [Always] for container build
11 22:38:25 Using effective pull policy of [Always] for container helper
12 22:38:25 Using effective pull policy of [Always] for container init-permissions
13 22:38:26 section_end:1778020706:prepare_executor
14 22:38:26 +section_start:1778020706:prepare_script
15 22:38:26 +Preparing environment
16 22:38:26 Using FF_USE_POD_ACTIVE_DEADLINE_SECONDS, the Pod activeDeadlineSeconds will be set to the job timeout: 1h0m0s...
17 22:38:26 WARNING: Advanced Pod Spec configuration enabled, merging the provided PodSpec to the generated one. This is a beta feature and is subject to change. Feedback is collected in this issue: https://gitlab.com/gitlab-org/gitlab-runner/-/issues/29659 ...
18 22:38:26 Subscribing to Kubernetes Pod events...
19 22:38:26 Type Reason Message
20 22:38:26 Warning FailedScheduling 0/31 nodes are available: 1 node(s) had untolerated taint {scandit.io/clickhouse: production}, 1 node(s) had untolerated taint {scandit.io/clickhouse: staging}, 1 node(s) had untolerated taint {scandit.io/sonarqube: dedicated}, 21 node(s) didn't match Pod's node affinity/selector, 7 Insufficient cpu. preemption: 0/31 nodes are available: 24 Preemption is not helpful for scheduling, 7 No preemption victims found for incoming pod.
21 22:38:28 Warning FailedScheduling 0/31 nodes are available: 1 node(s) had untolerated taint {scandit.io/clickhouse: production}, 1 node(s) had untolerated taint {scandit.io/clickhouse: staging}, 1 node(s) had untolerated taint {scandit.io/sonarqube: dedicated}, 21 node(s) didn't match Pod's node affinity/selector, 7 Insufficient cpu. preemption: 0/31 nodes are available: 24 Preemption is not helpful for scheduling, 7 No preemption victims found for incoming pod.
22 22:38:28 Warning FailedScheduling 0/31 nodes are available: 1 node(s) had untolerated taint {scandit.io/clickhouse: production}, 1 node(s) had untolerated taint {scandit.io/clickhouse: staging}, 1 node(s) had untolerated taint {scandit.io/sonarqube: dedicated}, 21 node(s) didn't match Pod's node affinity/selector, 7 Insufficient cpu. preemption: 0/31 nodes are available: 24 Preemption is not helpful for scheduling, 7 No preemption victims found for incoming pod.
23 22:38:28 Warning FailedScheduling 0/31 nodes are available: 1 node(s) had untolerated taint {scandit.io/clickhouse: production}, 1 node(s) had untolerated taint {scandit.io/clickhouse: staging}, 1 node(s) had untolerated taint {scandit.io/sonarqube: dedicated}, 21 node(s) didn't match Pod's node affinity/selector, 7 Insufficient cpu. preemption: 0/31 nodes are available: 24 Preemption is not helpful for scheduling, 7 No preemption victims found for incoming pod.
24 22:38:28 Normal Scheduled Successfully assigned gitlab-runner/runner-wrxjpbsjx-project-621-concurrent-8-1rpskjp9 to ip-10-0-27-85.eu-central-1.compute.internal
25 22:38:35 Normal Pulled Container image "gitlab/gitlab-runner-helper:x86_64-v18.8.0" already present on machine
26 22:38:41 Normal Created Created container: init-permissions
27 22:38:43 Normal Started Started container init-permissions
28 22:39:01 Normal Pulled Container image "498954711405.dkr.ecr.eu-central-1.amazonaws.com/dockerfiles/snyk@sha256:c488e3de6b1d5adc01d19a85bd9753c1a3ae142e5e13d97e0bdb4d6659dfd958" already present on machine
29 22:39:03 Normal Created Created container: build
30 22:39:03 Normal Started Started container build
31 22:39:03 Normal Pulled Container image "gitlab/gitlab-runner-helper:x86_64-v18.8.0" already present on machine
32 22:39:05 Normal Created Created container: helper
33 22:39:06 Normal Started Started container helper
34 22:39:09 Running on runner-wrxjpbsjx-project-621-concurrent-8-1rpskjp9 via gitlab-runner-linux-1-746bdd58fd-8bbzm...
35 22:39:09
36 22:39:09 section_end:1778020749:prepare_script
37 22:39:09 +section_start:1778020749:get_sources
38 22:39:09 +Getting source from Git repository
39 22:39:09 Gitaly correlation ID: 01KQX4NS839RP1V9ACWP7AGVR5
40 22:39:09 Fetching changes with git depth set to 50...
41 22:39:09 Initialized empty Git repository in /build/internal/gitlab-templates/.git/
42 22:39:09 Created fresh repository.
43 22:39:11 Checking out 22f5b5c3 as detached HEAD (ref is refs/merge-requests/639/merge)...
44 22:39:11
45 22:39:11 Skipping Git submodules setup
46 22:39:11
47 22:39:11 section_end:1778020751:get_sources
48 22:39:11 +section_start:1778020751:step_script
49 22:39:11 +Executing "step_script" stage of the job script
50 22:39:12 section_start:1778020751:section_pre_build_script_0[hide_duration=true,collapsed=true] $ function cleanup {
51 22:39:12 rv=$?
52 22:39:12 if [ $rv -ne 0 ]; then
53 22:39:12 echo ""
54 22:39:12 echo " Failure Cause Analysis might help, please open this link:"
55 22:39:12 echo " https://scout.scandit.io/analysis/projects/${CI_PROJECT_ID}/jobs/${CI_JOB_ID}"
56 22:39:12 echo ""
57 22:39:12 fi
58 22:39:12 echo ""
59 22:39:12 echo "Scout Analysis: https://scout.scandit.io/analysis/projects/${CI_PROJECT_ID}/jobs/${CI_JOB_ID}"
60 22:39:12 echo ""
61 22:39:12 echo ""
62 22:39:12 echo "Grafana Pod-View: https://grafana.scandit.com/d/k8s_views_pods/kubernetes-views-pods?orgId=1&refresh=1m&var-datasource=${GRAFANA_DATASOURCE}&var-host=${SC_K8S_NODE_NAME}&var-namespace=${SC_K8S_NAMESPACE}&var-pod=${HOSTNAME}&var-resolution=15&from=${__start_time}000&to=${EPOCHSECONDS}000"
63 22:39:12 echo "Grafana Node-View: https://grafana.scandit.com/d/k8s_views_nodes/kubernetes-views-nodes?orgId=1&refresh=1m&var-datasource=${GRAFANA_DATASOURCE}&var-node=${SC_K8S_NODE_NAME}&var-resolution=15s&from=${__start_time}000&to=${EPOCHSECONDS}000"
64 22:39:12 echo "Loki Logs: https://grafana.scandit.com/a/grafana-lokiexplore-app/explore/log_group/gitlab-runner/logs?var-ds=${LOKI_DATASOURCE}&var-filters=log_group|=|gitlab-runner&var-filters=source|=|${LOKI_LOGSOURCE}&var-filters=namespace|=|${SC_K8S_NAMESPACE}&var-filters=CI_PROJECT_ID|=|${CI_PROJECT_ID}&var-filters=CI_PIPELINE_ID|=|${CI_PIPELINE_ID}&var-filters=CI_JOB_ID|=|${CI_JOB_ID}&sortOrder=Ascending&from=${__start_time}000&to=${EPOCHSECONDS}000"
65 22:39:12 echo "Lilibet Statistics: https://lilibet.scandit.io/dashboard/204-job-drill-down?date_range=$(date -d '-7 days' +%Y-%m-%d)~$(date -d '+7 days' +%Y-%m-%d)&job_name=${CI_JOB_NAME}&project=${CI_PROJECT_PATH}"
66 22:39:12 echo ""
67 22:39:12 exit $rv
68 22:39:12 }
69 22:39:12 trap cleanup EXIT
70 22:39:12 echo "INFO: This is the CI job pre_build_script"
71 22:39:12 echo "INFO: It's defined in the backend/infra/aws repo."
72 22:39:12 echo "INFO: These additional Scandit variables are available to you:"
73 22:39:12 echo " SC_K8S_NODE_NAME: $SC_K8S_NODE_NAME"
74 22:39:12 echo " SC_K8S_IMAGE_ID: $SC_K8S_IMAGE_ID"
75 22:39:12 echo " SC_K8S_KYVERNO_PATCHES: |"
76 22:39:12 echo "$SC_K8S_KYVERNO_PATCHES" | sed 's/^/ /'
77 22:39:12 echo "cpu (r/l): ${SC_K8S_REQUESTS_CPU}/${SC_K8S_LIMITS_CPU}"
78 22:39:12 if command -v numfmt >/dev/null 2>&1; then
79 22:39:12 echo "memory (r/l): $(numfmt --to=iec --suffix=B $SC_K8S_REQUESTS_MEMORY)/$(numfmt --to=iec --suffix=B $SC_K8S_LIMITS_MEMORY)"
80 22:39:12 else
81 22:39:12 echo "memory (r/l): ${SC_K8S_REQUESTS_MEMORY}/${SC_K8S_LIMITS_MEMORY}"
82 22:39:12 fi
83 22:39:12 __start_time=${EPOCHSECONDS}
84 22:39:12 echo ""
85 22:39:12 echo "Grafana Pod-View: https://grafana.scandit.com/d/k8s_views_pods/kubernetes-views-pods?orgId=1&refresh=1m&var-datasource=${GRAFANA_DATASOURCE}&var-host=${SC_K8S_NODE_NAME}&var-namespace=${SC_K8S_NAMESPACE}&var-pod=${HOSTNAME}&var-resolution=15&from=${__start_time}000&to=now"
86 22:39:12 echo "Grafana Node-View: https://grafana.scandit.com/d/k8s_views_nodes/kubernetes-views-nodes?orgId=1&refresh=1m&var-datasource=${GRAFANA_DATASOURCE}&var-node=${SC_K8S_NODE_NAME}&var-resolution=15s&from=${__start_time}000&to=now"
87 22:39:12 echo "Loki Logs: https://grafana.scandit.com/a/grafana-lokiexplore-app/explore/log_group/gitlab-runner/logs?var-ds=${LOKI_DATASOURCE}&var-filters=log_group|=|gitlab-runner&var-filters=source|=|${LOKI_LOGSOURCE}&var-filters=namespace|=|${SC_K8S_NAMESPACE}&var-filters=CI_PROJECT_ID|=|${CI_PROJECT_ID}&var-filters=CI_PIPELINE_ID|=|${CI_PIPELINE_ID}&var-filters=CI_JOB_ID|=|${CI_JOB_ID}&sortOrder=Ascending&from=${__start_time}000&to=now"
88 22:39:12 echo "Lilibet Statistics: https://lilibet.scandit.io/dashboard/204-job-drill-down?date_range=$(date -d '-7 days' +%Y-%m-%d)~$(date -d '+7 days' +%Y-%m-%d)&job_name=${CI_JOB_NAME}&project=${CI_PROJECT_PATH}"
89 22:39:12 echo ""
90 22:39:12 echo "Setting up credentials for Gitlab Python registries"
91 22:39:12 mkdir -p ~
92 22:39:12 echo "machine gitlab.scandit.com" > ~/.netrc
93 22:39:12 echo "login gitlab-ci-token" >> ~/.netrc
94 22:39:12 echo "password ${CI_JOB_TOKEN}" >> ~/.netrc
95 22:39:12 chmod 600 ~/.netrc
96 22:39:12 if command -v git &> /dev/null && [ "$(id -u)" -ne 0 ]; then
97 22:39:12 git config --global --add safe.directory $CI_PROJECT_DIR
98 22:39:12 fi
99 22:39:12 # Sonarqube server is running on the same cluster. Use internal address
100 22:39:12 export SONAR_HOST_URL="http://sonarqube.sonarqube.svc.cluster.local:9000"
101 22:39:12 section_end:1778020751:section_pre_build_script_0
102 22:39:12 INFO: This is the CI job pre_build_script
103 22:39:12 INFO: It's defined in the backend/infra/aws repo.
104 22:39:12 INFO: These additional Scandit variables are available to you:
105 22:39:12 SC_K8S_NODE_NAME: ip-10-0-27-85.eu-central-1.compute.internal
106 22:39:12 SC_K8S_IMAGE_ID:
107 22:39:12 SC_K8S_KYVERNO_PATCHES: |
108 22:39:12
109 22:39:12 cpu (r/l): 1/4
110 22:39:12 memory (r/l): 1.0GB/16GB
111 22:39:12
112 22:39:12 Grafana Pod-View: https://grafana.scandit.com/d/k8s_views_pods/kubernetes-views-pods?orgId=1&refresh=1m&var-datasource=lu1rmx27z&var-host=ip-10-0-27-85.eu-central-1.compute.internal&var-namespace=gitlab-runner&var-pod=runner-wrxjpbsjx-project-621-concurrent-8-1rpskjp9&var-resolution=15&from=1778020751000&to=now
113 22:39:12 Grafana Node-View: https://grafana.scandit.com/d/k8s_views_nodes/kubernetes-views-nodes?orgId=1&refresh=1m&var-datasource=lu1rmx27z&var-node=ip-10-0-27-85.eu-central-1.compute.internal&var-resolution=15s&from=1778020751000&to=now
114 22:39:12 Loki Logs: https://grafana.scandit.com/a/grafana-lokiexplore-app/explore/log_group/gitlab-runner/logs?var-ds=nVsAo7UVk&var-filters=log_group|=|gitlab-runner&var-filters=source|=|k8s-ci.aws.scandit.io&var-filters=namespace|=|gitlab-runner&var-filters=CI_PROJECT_ID|=|621&var-filters=CI_PIPELINE_ID|=|1580356&var-filters=CI_JOB_ID|=|54442896&sortOrder=Ascending&from=1778020751000&to=now
115 22:39:12 Lilibet Statistics: https://lilibet.scandit.io/dashboard/204-job-drill-down?date_range=2026-04-28~2026-05-12&job_name=snyk-container-test-delta&project=internal/gitlab-templates
116 22:39:12
117 22:39:12 Setting up credentials for Gitlab Python registries
118 22:39:12 $ echo "This job scans the given image for known vulnerabilities and outputs the result in the console."
119 22:39:12 This job scans the given image for known vulnerabilities and outputs the result in the console.
120 22:39:12 $ echo "Running 'snyk container test | snyk-delta' on image $IMAGE_URL."
121 22:39:12 Running 'snyk container test | snyk-delta' on image registry.scandit.com/internal/gitlab-templates/python:3.12-MR639.
122 22:39:12 $ snyk container test ${IMAGE_URL} --file=${DOCKERFILE_PATH} --exclude-base-image-vulns --exclude-app-vulns --policy-path=${SNYK_POLICY_PATH} --org=${SNYK_ORG} --json --json-file-output=${OUTPUT_FILE} ${SNYK_EXTRA_PARAMETERS} | snyk-delta --debug
123 22:39:12 2026-05-05T22:39:12.270Z snyk inline mode
124 22:39:41 2026-05-05T22:39:41.508Z snyk Verify input data for JSON structure
125 22:39:42 2026-05-05T22:39:41.732Z snyk Retrieving Snyk Project c1f2e1f2-5df8-4ee1-bb92-12720868582b in org d688d452-cf04-4620-84f0-3431ce4d741a
126 22:42:30 2026-05-05T22:42:30.401Z snyk Monitored snapshot had 17563 issues
127 22:42:30 2026-05-05T22:42:30.401Z snyk Tested project has 0 issues
128 22:42:30 2026-05-05T22:42:30.407Z snyk Severity threshold low
129 22:42:30 2026-05-05T22:42:30.407Z snyk Monitored snapshot had 0 issues
130 22:42:30 2026-05-05T22:42:30.407Z snyk Tested project has 0 issues
131 22:42:30 2026-05-05T22:42:30.407Z snyk Severity threshold low
132 22:42:30 2026-05-05T22:42:30.407Z snyk New Vulns count =0
133 22:42:30 2026-05-05T22:42:30.407Z snyk New Licenses Issues count =0
134 22:42:30 No new issues found !
135 22:42:30
136 22:42:30 Scout Analysis: https://scout.scandit.io/analysis/projects/621/jobs/54442896
137 22:42:30
138 22:42:30
139 22:42:30 Grafana Pod-View: https://grafana.scandit.com/d/k8s_views_pods/kubernetes-views-pods?orgId=1&refresh=1m&var-datasource=lu1rmx27z&var-host=ip-10-0-27-85.eu-central-1.compute.internal&var-namespace=gitlab-runner&var-pod=runner-wrxjpbsjx-project-621-concurrent-8-1rpskjp9&var-resolution=15&from=1778020751000&to=1778020950000
140 22:42:30 Grafana Node-View: https://grafana.scandit.com/d/k8s_views_nodes/kubernetes-views-nodes?orgId=1&refresh=1m&var-datasource=lu1rmx27z&var-node=ip-10-0-27-85.eu-central-1.compute.internal&var-resolution=15s&from=1778020751000&to=1778020950000
141 22:42:30 Loki Logs: https://grafana.scandit.com/a/grafana-lokiexplore-app/explore/log_group/gitlab-runner/logs?var-ds=nVsAo7UVk&var-filters=log_group|=|gitlab-runner&var-filters=source|=|k8s-ci.aws.scandit.io&var-filters=namespace|=|gitlab-runner&var-filters=CI_PROJECT_ID|=|621&var-filters=CI_PIPELINE_ID|=|1580356&var-filters=CI_JOB_ID|=|54442896&sortOrder=Ascending&from=1778020751000&to=1778020950000
142 22:42:30 Lilibet Statistics: https://lilibet.scandit.io/dashboard/204-job-drill-down?date_range=2026-04-28~2026-05-12&job_name=snyk-container-test-delta&project=internal/gitlab-templates
143 22:42:30
144 22:42:30
145 22:42:30 section_end:1778020950:step_script
146 22:42:30 +section_start:1778020950:upload_artifacts_on_success
147 22:42:30 +Uploading artifacts for successful job
148 22:42:30 Uploading artifacts...
149 22:42:30 snyk-container-test.json: found 1 matching artifact files and directories
150 22:42:31 Uploading artifacts as "archive" to coordinator... 201 Created correlation_id=01KQX4X8SXTN1W6ETPFY06V8N7 id=54442896 responseStatus=201 Created token=64_J-NDhz
151 22:42:31 Uploading artifacts...
152 22:42:31 snyk-container-test.json: found 1 matching artifact files and directories
153 22:42:31 Uploading artifacts as "container_scanning" to coordinator... 201 Created correlation_id=01KQX4X96WHCR4YAFXA9RBV1DE id=54442896 responseStatus=201 Created token=64_J-NDhz
154 22:42:31
155 22:42:31 section_end:1778020951:upload_artifacts_on_success
156 22:42:31 +section_start:1778020951:cleanup_file_variables
157 22:42:31 +Cleaning up project directory and file based variables
158 22:42:31
159 22:42:31 section_end:1778020951:cleanup_file_variables
160 22:42:31 +
161 22:42:31 Job succeeded
162