Validate Docker Image #937
validate-image.yaml
on: schedule
build-publish-docker-default
/
build-publish-docker
2m 33s
Annotations
10 warnings
|
Sensitive data should not be used in the ARG or ENV commands:
Dockerfile#L25
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "UID2_CORE_E2E_OPTOUT_INTERNAL_API_KEY")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
|
Legacy key/value format with whitespace separator should not be used:
Dockerfile#L26
LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format
More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/
|
|
JSON arguments recommended for ENTRYPOINT/CMD to prevent unintended behavior related to OS signals:
Dockerfile#L47
JSONArgsRecommended: JSON arguments recommended for CMD to prevent unintended behavior related to OS signals
More info: https://docs.docker.com/go/dockerfile/rule/json-args-recommended/
|
|
Legacy key/value format with whitespace separator should not be used:
Dockerfile#L36
LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format
More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/
|
|
Sensitive data should not be used in the ARG or ENV commands:
Dockerfile#L33
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "UID2_OPERATOR_E2E_CLIENT_API_KEY_SHARING_RECIPIENT")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
|
Sensitive data should not be used in the ARG or ENV commands:
Dockerfile#L32
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "UID2_OPERATOR_E2E_CLIENT_API_SECRET")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
|
Sensitive data should not be used in the ARG or ENV commands:
Dockerfile#L35
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "UID2_OPERATOR_E2E_CLIENT_API_KEY_NON_SHARING_RECIPIENT")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
|
Legacy key/value format with whitespace separator should not be used:
Dockerfile#L31
LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format
More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/
|
|
Legacy key/value format with whitespace separator should not be used:
Dockerfile#L23
LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format
More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/
|
|
Legacy key/value format with whitespace separator should not be used:
Dockerfile#L20
LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format
More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/
|
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
IABTechLab~uid2-e2e~V7N56N.dockerbuild
|
36.6 KB |
sha256:c21c28e7c13015b345f062362c490de678ba6932fa7a7fe20bf5a39d91c17eb8
|
|