Vulnerability Scan Failure Slack Notify #942
vulnerability-scan-failure-notify.yaml
on: schedule
vulnerability-scan-failure-notify
/
vulnerability_scan
2m 3s
Annotations
10 warnings
|
Legacy key/value format with whitespace separator should not be used:
Dockerfile#L33
LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format
More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/
|
|
Legacy key/value format with whitespace separator should not be used:
Dockerfile#L27
LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format
More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/
|
|
Legacy key/value format with whitespace separator should not be used:
Dockerfile#L24
LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format
More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/
|
|
JSON arguments recommended for ENTRYPOINT/CMD to prevent unintended behavior related to OS signals:
Dockerfile#L47
JSONArgsRecommended: JSON arguments recommended for CMD to prevent unintended behavior related to OS signals
More info: https://docs.docker.com/go/dockerfile/rule/json-args-recommended/
|
|
Sensitive data should not be used in the ARG or ENV commands:
Dockerfile#L36
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "UID2_OPERATOR_E2E_CLIENT_API_SECRET_NON_SHARING_RECIPIENT")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
|
Sensitive data should not be used in the ARG or ENV commands:
Dockerfile#L35
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "UID2_OPERATOR_E2E_CLIENT_API_KEY_NON_SHARING_RECIPIENT")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
|
Sensitive data should not be used in the ARG or ENV commands:
Dockerfile#L33
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "UID2_OPERATOR_E2E_CLIENT_API_KEY_SHARING_RECIPIENT")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
|
Sensitive data should not be used in the ARG or ENV commands:
Dockerfile#L31
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "UID2_OPERATOR_E2E_CLIENT_API_KEY")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
|
Legacy key/value format with whitespace separator should not be used:
Dockerfile#L26
LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format
More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/
|
|
Sensitive data should not be used in the ARG or ENV commands:
Dockerfile#L23
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "UID2_CORE_E2E_OPERATOR_API_KEY")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
IABTechLab~uid2-e2e~XFLNRT.dockerbuild
|
37.6 KB |
sha256:0fdbb923a90b2d36416b5682973a057ebf8b49a08c6ecefde13e6a2b4e48d033
|
|