From f863a072917a701861c09c1f1007a25b88bc4b6e Mon Sep 17 00:00:00 2001
From: Stefan Reimer <stefan@zero-downtime.net>
Date: Thu, 13 Jan 2022 16:20:43 +0100
Subject: [PATCH] chore: debug Jenkins

---
 Jenkinsfile |   2 -
 Makefile    |   2 +-
 trivy.html  | 275 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 276 insertions(+), 3 deletions(-)
 create mode 100644 trivy.html
diff --git a/Jenkinsfile b/Jenkinsfile
index 19abd3a..a7268f0 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -18,9 +18,7 @@ pipeline {
         }
         steps {
             sh 'mkdir -p reports'
-	    sh 'env'
             sh 'make scan'
-	    sh 'ls -laR reports'
             publishHTML target : [
                 allowMissing: true,
                 alwaysLinkToLastBuild: true,
diff --git a/Makefile b/Makefile
index 1d00f52..c2a9d6a 100644
--- a/Makefile
+++ b/Makefile
@@ -1,4 +1,4 @@
-VERSION ?= 0.1.1
+VERSION ?= 0.1.2
 BASE ?= latest-alpine-jdk11
 REGISTRY := public.ecr.aws/zero-downtime
 REPOSITORY := jenkins-podman
diff --git a/trivy.html b/trivy.html
new file mode 100644
index 0000000..86efffc
--- /dev/null
+++ b/trivy.html
@@ -0,0 +1,275 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+    <style>
+      * {
+        font-family: Arial, Helvetica, sans-serif;
+      }
+      h1 {
+        text-align: center;
+      }
+      .group-header th {
+        font-size: 200%;
+      }
+      .sub-header th {
+        font-size: 150%;
+      }
+      table, th, td {
+        border: 1px solid black;
+        border-collapse: collapse;
+        white-space: nowrap;
+        padding: .3em;
+      }
+      table {
+        margin: 0 auto;
+      }
+      .severity {
+        text-align: center;
+        font-weight: bold;
+        color: #fafafa;
+      }
+      .severity-LOW .severity { background-color: #5fbb31; }
+      .severity-MEDIUM .severity { background-color: #e9c600; }
+      .severity-HIGH .severity { background-color: #ff8800; }
+      .severity-CRITICAL .severity { background-color: #e40000; }
+      .severity-UNKNOWN .severity { background-color: #747474; }
+      .severity-LOW { background-color: #5fbb3160; }
+      .severity-MEDIUM { background-color: #e9c60060; }
+      .severity-HIGH { background-color: #ff880060; }
+      .severity-CRITICAL { background-color: #e4000060; }
+      .severity-UNKNOWN { background-color: #74747460; }
+      table tr td:first-of-type {
+        font-weight: bold;
+      }
+      .links a,
+      .links[data-more-links=on] a {
+        display: block;
+      }
+      .links[data-more-links=off] a:nth-of-type(1n+5) {
+        display: none;
+      }
+      a.toggle-more-links { cursor: pointer; }
+    </style>
+    <title>image.tar (alpine 3.15.0) - Trivy Report - 2022-01-13T14:47:04.206039544Z</title>
+    <script>
+      window.onload = function() {
+        document.querySelectorAll('td.links').forEach(function(linkCell) {
+          var links = [].concat.apply([], linkCell.querySelectorAll('a'));
+          [].sort.apply(links, function(a, b) {
+            return a.href > b.href ? 1 : -1;
+          });
+          links.forEach(function(link, idx) {
+            if (links.length > 3 && 3 === idx) {
+              var toggleLink = document.createElement('a');
+              toggleLink.innerText = "Toggle more links";
+              toggleLink.href = "#toggleMore";
+              toggleLink.setAttribute("class", "toggle-more-links");
+              linkCell.appendChild(toggleLink);
+            }
+            linkCell.appendChild(link);
+          });
+        });
+        document.querySelectorAll('a.toggle-more-links').forEach(function(toggleLink) {
+          toggleLink.onclick = function() {
+            var expanded = toggleLink.parentElement.getAttribute("data-more-links");
+            toggleLink.parentElement.setAttribute("data-more-links", "on" === expanded ? "off" : "on");
+            return false;
+          };
+        });
+      };
+    </script>
+  </head>
+  <body>
+    <h1>image.tar (alpine 3.15.0) - Trivy Report - 2022-01-13T14:47:04.206060727Z</h1>
+    <table>
+      <tr class="group-header"><th colspan="6">alpine</th></tr>
+      <tr><th colspan="6">No Vulnerabilities found</th></tr>
+      <tr><th colspan="6">No Misconfigurations found</th></tr>
+      <tr class="group-header"><th colspan="6">jar</th></tr>
+      <tr><th colspan="6">No Vulnerabilities found</th></tr>
+      <tr><th colspan="6">No Misconfigurations found</th></tr>
+      <tr class="group-header"><th colspan="6">gobinary</th></tr>
+      <tr class="sub-header">
+        <th>Package</th>
+        <th>Vulnerability ID</th>
+        <th>Severity</th>
+        <th>Installed Version</th>
+        <th>Fixed Version</th>
+        <th>Links</th>
+      </tr>
+      <tr class="severity-HIGH">
+        <td class="pkg-name">github.com/containerd/containerd</td>
+        <td>CVE-2021-41103</td>
+        <td class="severity">HIGH</td>
+        <td class="pkg-version">v1.5.5</td>
+        <td>v1.4.11, v1.5.7</td>
+        <td class="links" data-more-links="off">
+          <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41103">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41103</a>
+          <a href="https://github.com/containerd/containerd/commit/5b46e404f6b9f661a205e28d59c982d3634148f8">https://github.com/containerd/containerd/commit/5b46e404f6b9f661a205e28d59c982d3634148f8</a>
+          <a href="https://github.com/containerd/containerd/security/advisories/GHSA-c2h3-6mxw-7mvq">https://github.com/containerd/containerd/security/advisories/GHSA-c2h3-6mxw-7mvq</a>
+          <a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/</a>
+          <a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/</a>
+          <a href="https://nvd.nist.gov/vuln/detail/CVE-2021-41103">https://nvd.nist.gov/vuln/detail/CVE-2021-41103</a>
+          <a href="https://ubuntu.com/security/notices/USN-5100-1">https://ubuntu.com/security/notices/USN-5100-1</a>
+          <a href="https://www.debian.org/security/2021/dsa-5002">https://www.debian.org/security/2021/dsa-5002</a>
+        </td>
+      </tr>
+      <tr class="severity-UNKNOWN">
+        <td class="pkg-name">github.com/opencontainers/image-spec</td>
+        <td>GMS-2021-101</td>
+        <td class="severity">UNKNOWN</td>
+        <td class="pkg-version">v1.0.2-0.20210819154149-5ad6f50d6283</td>
+        <td>1.0.2</td>
+        <td class="links" data-more-links="off">
+          <a href="https://github.com/advisories/GHSA-77vh-xpmg-72qh">https://github.com/advisories/GHSA-77vh-xpmg-72qh</a>
+          <a href="https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m">https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m</a>
+          <a href="https://github.com/opencontainers/image-spec/commit/693428a734f5bab1a84bd2f990d92ef1111cd60c">https://github.com/opencontainers/image-spec/commit/693428a734f5bab1a84bd2f990d92ef1111cd60c</a>
+          <a href="https://github.com/opencontainers/image-spec/releases/tag/v1.0.2">https://github.com/opencontainers/image-spec/releases/tag/v1.0.2</a>
+          <a href="https://github.com/opencontainers/image-spec/security/advisories/GHSA-77vh-xpmg-72qh">https://github.com/opencontainers/image-spec/security/advisories/GHSA-77vh-xpmg-72qh</a>
+        </td>
+      </tr>
+      <tr class="severity-UNKNOWN">
+        <td class="pkg-name">golang.org/x/text</td>
+        <td>CVE-2021-38561</td>
+        <td class="severity">UNKNOWN</td>
+        <td class="pkg-version">v0.3.6</td>
+        <td>0.3.7</td>
+        <td class="links" data-more-links="off">
+        </td>
+      </tr>
+      <tr><th colspan="6">No Misconfigurations found</th></tr>
+      <tr class="group-header"><th colspan="6">gobinary</th></tr>
+      <tr class="sub-header">
+        <th>Package</th>
+        <th>Vulnerability ID</th>
+        <th>Severity</th>
+        <th>Installed Version</th>
+        <th>Fixed Version</th>
+        <th>Links</th>
+      </tr>
+      <tr class="severity-HIGH">
+        <td class="pkg-name">golang.org/x/crypto</td>
+        <td>CVE-2020-29652</td>
+        <td class="severity">HIGH</td>
+        <td class="pkg-version">v0.0.0-20201112155050-0c6587e931a9</td>
+        <td>v0.0.0-20201216223049-8b5274cf687f</td>
+        <td class="links" data-more-links="off">
+          <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652</a>
+          <a href="https://go-review.googlesource.com/c/crypto/+/278852">https://go-review.googlesource.com/c/crypto/+/278852</a>
+          <a href="https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1">https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1</a>
+          <a href="https://linux.oracle.com/cve/CVE-2020-29652.html">https://linux.oracle.com/cve/CVE-2020-29652.html</a>
+          <a href="https://linux.oracle.com/errata/ELSA-2021-1796.html">https://linux.oracle.com/errata/ELSA-2021-1796.html</a>
+          <a href="https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E">https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E</a>
+          <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-29652">https://nvd.nist.gov/vuln/detail/CVE-2020-29652</a>
+        </td>
+      </tr>
+      <tr class="severity-UNKNOWN">
+        <td class="pkg-name">golang.org/x/text</td>
+        <td>CVE-2021-38561</td>
+        <td class="severity">UNKNOWN</td>
+        <td class="pkg-version">v0.3.5</td>
+        <td>0.3.7</td>
+        <td class="links" data-more-links="off">
+        </td>
+      </tr>
+      <tr><th colspan="6">No Misconfigurations found</th></tr>
+      <tr class="group-header"><th colspan="6">gobinary</th></tr>
+      <tr class="sub-header">
+        <th>Package</th>
+        <th>Vulnerability ID</th>
+        <th>Severity</th>
+        <th>Installed Version</th>
+        <th>Fixed Version</th>
+        <th>Links</th>
+      </tr>
+      <tr class="severity-UNKNOWN">
+        <td class="pkg-name">github.com/opencontainers/image-spec</td>
+        <td>GMS-2021-101</td>
+        <td class="severity">UNKNOWN</td>
+        <td class="pkg-version">v1.0.2-0.20210819154149-5ad6f50d6283</td>
+        <td>1.0.2</td>
+        <td class="links" data-more-links="off">
+          <a href="https://github.com/advisories/GHSA-77vh-xpmg-72qh">https://github.com/advisories/GHSA-77vh-xpmg-72qh</a>
+          <a href="https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m">https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m</a>
+          <a href="https://github.com/opencontainers/image-spec/commit/693428a734f5bab1a84bd2f990d92ef1111cd60c">https://github.com/opencontainers/image-spec/commit/693428a734f5bab1a84bd2f990d92ef1111cd60c</a>
+          <a href="https://github.com/opencontainers/image-spec/releases/tag/v1.0.2">https://github.com/opencontainers/image-spec/releases/tag/v1.0.2</a>
+          <a href="https://github.com/opencontainers/image-spec/security/advisories/GHSA-77vh-xpmg-72qh">https://github.com/opencontainers/image-spec/security/advisories/GHSA-77vh-xpmg-72qh</a>
+        </td>
+      </tr>
+      <tr><th colspan="6">No Misconfigurations found</th></tr>
+      <tr class="group-header"><th colspan="6">gobinary</th></tr>
+      <tr class="sub-header">
+        <th>Package</th>
+        <th>Vulnerability ID</th>
+        <th>Severity</th>
+        <th>Installed Version</th>
+        <th>Fixed Version</th>
+        <th>Links</th>
+      </tr>
+      <tr class="severity-UNKNOWN">
+        <td class="pkg-name">github.com/opencontainers/image-spec</td>
+        <td>GMS-2021-101</td>
+        <td class="severity">UNKNOWN</td>
+        <td class="pkg-version">v1.0.2-0.20190823105129-775207bd45b6</td>
+        <td>1.0.2</td>
+        <td class="links" data-more-links="off">
+          <a href="https://github.com/advisories/GHSA-77vh-xpmg-72qh">https://github.com/advisories/GHSA-77vh-xpmg-72qh</a>
+          <a href="https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m">https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m</a>
+          <a href="https://github.com/opencontainers/image-spec/commit/693428a734f5bab1a84bd2f990d92ef1111cd60c">https://github.com/opencontainers/image-spec/commit/693428a734f5bab1a84bd2f990d92ef1111cd60c</a>
+          <a href="https://github.com/opencontainers/image-spec/releases/tag/v1.0.2">https://github.com/opencontainers/image-spec/releases/tag/v1.0.2</a>
+          <a href="https://github.com/opencontainers/image-spec/security/advisories/GHSA-77vh-xpmg-72qh">https://github.com/opencontainers/image-spec/security/advisories/GHSA-77vh-xpmg-72qh</a>
+        </td>
+      </tr>
+      <tr><th colspan="6">No Misconfigurations found</th></tr>
+      <tr class="group-header"><th colspan="6">gobinary</th></tr>
+      <tr><th colspan="6">No Vulnerabilities found</th></tr>
+      <tr><th colspan="6">No Misconfigurations found</th></tr>
+      <tr class="group-header"><th colspan="6">gobinary</th></tr>
+      <tr><th colspan="6">No Vulnerabilities found</th></tr>
+      <tr><th colspan="6">No Misconfigurations found</th></tr>
+      <tr class="group-header"><th colspan="6">gobinary</th></tr>
+      <tr><th colspan="6">No Vulnerabilities found</th></tr>
+      <tr><th colspan="6">No Misconfigurations found</th></tr>
+      <tr class="group-header"><th colspan="6">gobinary</th></tr>
+      <tr><th colspan="6">No Vulnerabilities found</th></tr>
+      <tr><th colspan="6">No Misconfigurations found</th></tr>
+      <tr class="group-header"><th colspan="6">gobinary</th></tr>
+      <tr><th colspan="6">No Vulnerabilities found</th></tr>
+      <tr><th colspan="6">No Misconfigurations found</th></tr>
+      <tr class="group-header"><th colspan="6">gobinary</th></tr>
+      <tr><th colspan="6">No Vulnerabilities found</th></tr>
+      <tr><th colspan="6">No Misconfigurations found</th></tr>
+      <tr class="group-header"><th colspan="6">gobinary</th></tr>
+      <tr><th colspan="6">No Vulnerabilities found</th></tr>
+      <tr><th colspan="6">No Misconfigurations found</th></tr>
+      <tr class="group-header"><th colspan="6">gobinary</th></tr>
+      <tr><th colspan="6">No Vulnerabilities found</th></tr>
+      <tr><th colspan="6">No Misconfigurations found</th></tr>
+      <tr class="group-header"><th colspan="6">gobinary</th></tr>
+      <tr><th colspan="6">No Vulnerabilities found</th></tr>
+      <tr><th colspan="6">No Misconfigurations found</th></tr>
+      <tr class="group-header"><th colspan="6">gobinary</th></tr>
+      <tr><th colspan="6">No Vulnerabilities found</th></tr>
+      <tr><th colspan="6">No Misconfigurations found</th></tr>
+      <tr class="group-header"><th colspan="6">gobinary</th></tr>
+      <tr><th colspan="6">No Vulnerabilities found</th></tr>
+      <tr><th colspan="6">No Misconfigurations found</th></tr>
+      <tr class="group-header"><th colspan="6">gobinary</th></tr>
+      <tr><th colspan="6">No Vulnerabilities found</th></tr>
+      <tr><th colspan="6">No Misconfigurations found</th></tr>
+      <tr class="group-header"><th colspan="6">gobinary</th></tr>
+      <tr><th colspan="6">No Vulnerabilities found</th></tr>
+      <tr><th colspan="6">No Misconfigurations found</th></tr>
+      <tr class="group-header"><th colspan="6">gobinary</th></tr>
+      <tr><th colspan="6">No Vulnerabilities found</th></tr>
+      <tr><th colspan="6">No Misconfigurations found</th></tr>
+      <tr class="group-header"><th colspan="6">gobinary</th></tr>
+      <tr><th colspan="6">No Vulnerabilities found</th></tr>
+      <tr><th colspan="6">No Misconfigurations found</th></tr>
+      <tr class="group-header"><th colspan="6">gobinary</th></tr>
+      <tr><th colspan="6">No Vulnerabilities found</th></tr>
+      <tr><th colspan="6">No Misconfigurations found</th></tr>
+    </table>
+  </body>
+</html>

alpine
No Vulnerabilities found
No Misconfigurations found
jar
No Vulnerabilities found
No Misconfigurations found
gobinary
Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/containerd/containerd	CVE-2021-41103	HIGH	v1.5.5	v1.4.11, v1.5.7	+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41103 + https://github.com/containerd/containerd/commit/5b46e404f6b9f661a205e28d59c982d3634148f8 + https://github.com/containerd/containerd/security/advisories/GHSA-c2h3-6mxw-7mvq + https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/ + https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/ + https://nvd.nist.gov/vuln/detail/CVE-2021-41103 + https://ubuntu.com/security/notices/USN-5100-1 + https://www.debian.org/security/2021/dsa-5002 +
github.com/opencontainers/image-spec	GMS-2021-101	UNKNOWN	v1.0.2-0.20210819154149-5ad6f50d6283	1.0.2	+ https://github.com/advisories/GHSA-77vh-xpmg-72qh + https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m + https://github.com/opencontainers/image-spec/commit/693428a734f5bab1a84bd2f990d92ef1111cd60c + https://github.com/opencontainers/image-spec/releases/tag/v1.0.2 + https://github.com/opencontainers/image-spec/security/advisories/GHSA-77vh-xpmg-72qh +
golang.org/x/text	CVE-2021-38561	UNKNOWN	v0.3.6	0.3.7	+
No Misconfigurations found
gobinary
Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
golang.org/x/crypto	CVE-2020-29652	HIGH	v0.0.0-20201112155050-0c6587e931a9	v0.0.0-20201216223049-8b5274cf687f	+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652 + https://go-review.googlesource.com/c/crypto/+/278852 + https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1 + https://linux.oracle.com/cve/CVE-2020-29652.html + https://linux.oracle.com/errata/ELSA-2021-1796.html + https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E + https://nvd.nist.gov/vuln/detail/CVE-2020-29652 +
golang.org/x/text	CVE-2021-38561	UNKNOWN	v0.3.5	0.3.7	+
No Misconfigurations found
gobinary
Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/opencontainers/image-spec	GMS-2021-101	UNKNOWN	v1.0.2-0.20210819154149-5ad6f50d6283	1.0.2	+ https://github.com/advisories/GHSA-77vh-xpmg-72qh + https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m + https://github.com/opencontainers/image-spec/commit/693428a734f5bab1a84bd2f990d92ef1111cd60c + https://github.com/opencontainers/image-spec/releases/tag/v1.0.2 + https://github.com/opencontainers/image-spec/security/advisories/GHSA-77vh-xpmg-72qh +
No Misconfigurations found
gobinary
Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/opencontainers/image-spec	GMS-2021-101	UNKNOWN	v1.0.2-0.20190823105129-775207bd45b6	1.0.2	+ https://github.com/advisories/GHSA-77vh-xpmg-72qh + https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m + https://github.com/opencontainers/image-spec/commit/693428a734f5bab1a84bd2f990d92ef1111cd60c + https://github.com/opencontainers/image-spec/releases/tag/v1.0.2 + https://github.com/opencontainers/image-spec/security/advisories/GHSA-77vh-xpmg-72qh +
No Misconfigurations found
gobinary
No Vulnerabilities found
No Misconfigurations found
gobinary
No Vulnerabilities found
No Misconfigurations found
gobinary
No Vulnerabilities found
No Misconfigurations found
gobinary
No Vulnerabilities found
No Misconfigurations found
gobinary
No Vulnerabilities found
No Misconfigurations found
gobinary
No Vulnerabilities found
No Misconfigurations found
gobinary
No Vulnerabilities found
No Misconfigurations found
gobinary
No Vulnerabilities found
No Misconfigurations found
gobinary
No Vulnerabilities found
No Misconfigurations found
gobinary
No Vulnerabilities found
No Misconfigurations found
gobinary
No Vulnerabilities found
No Misconfigurations found
gobinary
No Vulnerabilities found
No Misconfigurations found
gobinary
No Vulnerabilities found
No Misconfigurations found
gobinary
No Vulnerabilities found
No Misconfigurations found
gobinary
No Vulnerabilities found
No Misconfigurations found
gobinary
No Vulnerabilities found
No Misconfigurations found