Merge pull request #5114 from bcgov/renovate/pypi-jinja2-vulnerability #52
junminahnbuild-push-tools.yml
on: push
build-push-airflow
1m 3s
build-push-zap
1m 11s
build-push-sonarscan
35s
Annotations
10 warnings
|
Legacy key/value format with whitespace separator should not be used:
tools/sonarscan/Dockerfile#L13
LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format
More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/
|
|
Legacy key/value format with whitespace separator should not be used:
tools/sonarscan/Dockerfile#L15
LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format
More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/
|
|
Sensitive data should not be used in the ARG or ENV commands:
tools/sonarscan/Dockerfile#L15
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "SONARQUBE_TOKEN")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
|
Legacy key/value format with whitespace separator should not be used:
tools/sonarscan/Dockerfile#L11
LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format
More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/
|
|
Legacy key/value format with whitespace separator should not be used:
tools/sonarscan/Dockerfile#L12
LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format
More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/
|
|
Legacy key/value format with whitespace separator should not be used:
tools/sonarscan/Dockerfile#L14
LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format
More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/
|
|
Legacy key/value format with whitespace separator should not be used:
tools/sonarscan/Dockerfile#L16
LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format
More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/
|
|
Legacy key/value format with whitespace separator should not be used:
tools/sonarscan/Dockerfile#L17
LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format
More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/
|
|
Sensitive data should not be used in the ARG or ENV commands:
tools/sonarscan/Dockerfile#L11
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "GH_TOKEN")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
|
Legacy key/value format with whitespace separator should not be used:
tools/zap/Dockerfile#L15
LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format
More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/
|
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
bcgov~platform-services-registry~159U7W.dockerbuild
Expired
|
61.3 KB |
sha256:20e25b7612c660535212aa9abf2006e96acfcd57f0898cafcf4cbe725cd40bbe
|
|
|
bcgov~platform-services-registry~7UVC6G.dockerbuild
Expired
|
34.2 KB |
sha256:719dce076a844b2cda0e3509ef52099c93213200efb32ed4f8953d69deb0d266
|
|
|
bcgov~platform-services-registry~C97UN4.dockerbuild
Expired
|
59.7 KB |
sha256:002c24b6aa440376ac4291a33c68649c4f6990738c5ce3154c005233adae9168
|
|