Skip to content
Build and publish dev build for read db project

Copied owasp from .github #69

Sign in to view logs

Copied owasp from .github

Copied owasp from .github #69

Triggered via push December 30, 2024 10:35
@Nikita-Smirnov-ExactproNikita-Smirnov-Exactpro
pushed 5ef5b7a
test-owasp
Status Failure
Total duration 2m 25s
Artifacts 2

build-sanpshot.yml

on: push
Collect app version  /  Pre-build steps for project app
5s
Collect app version / Pre-build steps for project app
Collect grpc version  /  Pre-build steps for project grpc
8s
Collect grpc version / Pre-build steps for project grpc
Build and publish Java gRPC distributions  /  Build Gradle module grpc
1m 14s
Build and publish Java gRPC distributions / Build Gradle module grpc
Build and publish Java core distributions  /  Build Gradle module core
1m 25s
Build and publish Java core distributions / Build Gradle module core
Build and publish Java oracle extension distributions  /  Build Gradle module oracle
1m 16s
Build and publish Java oracle extension distributions / Build Gradle module oracle
owasp-scan
39s
owasp-scan
Build docker image  /  docker-push
1m 18s
Build docker image / docker-push
license-scan  /  check_licenses
1m 30s
license-scan / check_licenses
Build and publish Python distributions to PyPI  /  Build and publish Python distributions to PyPI
1m 11s
Build and publish Python distributions to PyPI / Build and publish Python distributions to PyPI
Scan Docker image for vulnerabilities  /  trivy-scan-job
37s
Scan Docker image for vulnerabilities / trivy-scan-job
Fit to window
Zoom out
Zoom in

Annotations

2 errors and 5 warnings
owasp-scan
Path does not exist: ./build/reports/dependency-check-report.sarif
owasp-scan
Process completed with exit code 1.
Build and publish Java gRPC distributions / Build Gradle module grpc
Could not find any files for grpc/build/test-results/**/*.xml, grpc/build/test-results/**/*.trx, grpc/build/test-results/**/*.json
attestations input ignored
The workflow was run with the 'attestations: true' input, but an explicit password was also set, disabling Trusted Publishing. As a result, the attestations input is ignored.
Upgrade to Trusted Publishing
Trusted Publishers allows publishing packages to PyPI from automated environments like GitHub Actions without needing to use username/password combinations or API tokens to authenticate with PyPI. Read more: https://docs.pypi.org/trusted-publishers
Create a Trusted Publisher
A new Trusted Publisher for the currently running publishing workflow can be created by accessing the following link(s) while logged-in as an owner of the package(s):
license-scan / check_licenses
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Artifacts

Produced during runtime
Name Size
licenses_check-th2-read-db-0.12.0-test-owasp-12545345089-5ef5b7a
24.5 KB
th2-net~th2-read-db~V6Y4ZT.dockerbuild
25.2 KB