Skip to content
Docker Security Scan

Docker Security Scan #257

Sign in to view logs

Docker Security Scan

Docker Security Scan #257

Triggered via schedule April 28, 2026 08:04
@josecelanojosecelano
c536c53
main
Status Failure
Total duration 5m 1s
Artifacts 8

docker-security-scan.yml

on: schedule
Matrix: Scan Project-Built Docker Images
Extract Third-Party Docker Images from Source
1m 23s
Extract Third-Party Docker Images from Source
Upload SARIF Results to GitHub Security
17s
Upload SARIF Results to GitHub Security
Matrix: Scan Third-Party Docker Images
Fit to window
Zoom out
Zoom in

Annotations

2 errors and 10 warnings
Scan Third-Party Docker Images (grafana/grafana:13.0.0)
Path does not exist: trivy.sarif
Scan Third-Party Docker Images (grafana/grafana:13.0.0)
Process completed with exit code 1.
Scan Project-Built Docker Images (docker/ssh-server/Dockerfile, docker/ssh-server, ssh-server)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
Scan Project-Built Docker Images (docker/backup/Dockerfile, docker/backup, tracker-backup)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
Scan Project-Built Docker Images (docker/provisioned-instance/Dockerfile, docker/provisioned-inst...
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
Scan Third-Party Docker Images (grafana/grafana:13.0.0)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
Scan Third-Party Docker Images (grafana/grafana:13.0.0)
No files were found with the provided path: trivy.sarif. No artifacts will be uploaded.
Scan Third-Party Docker Images (caddy:2.11.2)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
Scan Third-Party Docker Images (torrust/tracker:develop)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
Scan Third-Party Docker Images (prom/prometheus:v3.11.2)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
Scan Third-Party Docker Images (mysql:8.4)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
Scan Project-Built Docker Images (docker/deployer/Dockerfile, ., deployer)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/

Artifacts

Produced during runtime
Name Size Digest
sarif-project-deployer-25041289667
48 KB
sha256:ee95e431064f886f6c9caf94a59e0c712c3a2621dd3cc7824a3b5873e7cef613
sarif-project-provisioned-instance-25041289667
11.1 KB
sha256:4ddb5132b2924f9229a617bd31eac81cb2d2bc464432bea07ec7e25dd7dde11c
sarif-project-ssh-server-25041289667
602 Bytes
sha256:43eda1eb89ea13e1a82748d4f6bf8154458bf308d252eebed4304be25577f625
sarif-project-tracker-backup-25041289667
14.1 KB
sha256:62184617f503d6e6567728d0f302ff9b6e9d21062a68788fef83b5d866bb6869
sarif-third-party-caddy-2.11.2-25041289667
7.49 KB
sha256:018ad0b4598db987b3c61650100d9e95010c78d785691a7d7319bf702984eae2
sarif-third-party-mysql-8.4-25041289667
9.06 KB
sha256:70ade469cf230cf7134b31451197c3bd617d19737d403c774707c828cf4ba9aa
sarif-third-party-prom-prometheus-v3.11.2-25041289667
2.62 KB
sha256:17dd9cedf0b0c33901a70217929a73fe311d15993eaf2b32bba22f43f9c70efd
sarif-third-party-torrust-tracker-develop-25041289667
4.19 KB
sha256:17bef3cad4d9626c9d4bb996912e75e43112843b8682565b6695dacc98472f25