Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: move Trivy ignore rules into Dockefile #213

Closed
wants to merge 5 commits into from
Closed

chore: move Trivy ignore rules into Dockefile #213

wants to merge 5 commits into from

Conversation

rjaegers
Copy link
Member

No description provided.

@rjaegers rjaegers requested a review from a team as a code owner November 15, 2023 09:59
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Nov 15, 2023
edited
Loading

🦙 MegaLinter status: ❌ ERROR

Descriptor Linter Files Fixed Errors Elapsed time
✅ ACTION actionlint 11 0 0.03s
✅ DOCKERFILE hadolint 1 0 0.38s
✅ JSON eslint-plugin-jsonc 7 0 0 2.6s
✅ JSON prettier 7 0 0 0.54s
✅ JSON v8r 7 0 3.72s
✅ MARKDOWN markdownlint 3 0 0 0.89s
✅ MARKDOWN markdown-link-check 3 0 3.55s
✅ MARKDOWN markdown-table-formatter 3 0 0 0.23s
✅ REPOSITORY checkov yes no 14.26s
✅ REPOSITORY gitleaks yes no 0.26s
✅ REPOSITORY git_diff yes no 0.01s
✅ REPOSITORY grype yes no 11.96s
✅ REPOSITORY secretlint yes no 1.33s
❌ REPOSITORY trivy yes 2 7.11s
✅ REPOSITORY trivy-sbom yes no 3.31s
✅ REPOSITORY trufflehog yes no 2.61s
✅ SPELL lychee 32 0 0.66s
✅ YAML prettier 13 0 0 0.87s
✅ YAML v8r 13 0 11.81s
✅ YAML yamllint 13 0 0.28s

See detailed report in MegaLinter reports

MegaLinter is graciously provided by OX Security

github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 15, 2023
View reviewed changes
.devcontainer/Dockerfile Fixed Show fixed Hide fixed
.devcontainer/Dockerfile Fixed Show fixed Hide fixed
github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 15, 2023
View reviewed changes
.devcontainer/Dockerfile Fixed Show fixed Hide fixed
.devcontainer/Dockerfile Fixed Show fixed Hide fixed
github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 15, 2023
View reviewed changes
.devcontainer/Dockerfile
@@ -1,3 +1,11 @@
# See: https://avd.aquasec.com/misconfig/dockerfile/general/avd-ds-0002/

Check failure

Code scanning / Trivy (MegaLinter REPOSITORY_TRIVY)

Image user should not be 'root' High

Artifact: .devcontainer/Dockerfile
Type: dockerfile
Vulnerability DS002
Severity: HIGH
Message: Specify at least 1 USER command in Dockerfile with non-root user as argument
Link: DS002
.devcontainer/Dockerfile
@@ -1,3 +1,11 @@
# See: https://avd.aquasec.com/misconfig/dockerfile/general/avd-ds-0002/

Check notice

Code scanning / Trivy (MegaLinter REPOSITORY_TRIVY)

No HEALTHCHECK defined Low

Artifact: .devcontainer/Dockerfile
Type: dockerfile
Vulnerability DS026
Severity: LOW
Message: Add HEALTHCHECK instruction in your Dockerfile
Link: DS026
@github-actions GitHub Actions
Copy link
Contributor

Test Results

16 tests  ±0   16 ✔️ ±0   37s ⏱️ -1s
  1 suites ±0     0 💤 ±0 
  1 files   ±0     0 ±0 

Results for commit 5451bea. ± Comparison against base commit 5eb118f.

@rjaegers
Copy link
Member Author

This does not work yet as expected. Closing for now.

@rjaegers rjaegers closed this Nov 16, 2023
@github-actions GitHub Actions
Copy link
Contributor

Pull Request Report (#213)

Static measures

Description Value
Number of added lines 8
Number of deleted lines 7
Number of changed files 2
Number of commits 5
Number of reviews 3
Number of comments (w/o review comments) 3
Number of reviews that contains a comment to resolve 3
Number of reviews that requested a change from the author 0
Number of reviews that approved the Pull Request 0
Get the total number of participants of a Pull Request 4

Time related measures

Description Value
PR lead time (from creation to close of PR) 1 Days
Time that was spend on the branch before the PR was created 29 Sec
Time that was spend on the branch before the PR was merged 0 Sec
Time to merge after last review 0 Sec

Status check related measures

Description Value
Total runtime for last status check run (Workflow for PR) 20.8 Min
Total time spend in last status check run on PR 16.1 Min

@rjaegers rjaegers deleted the feature/move-trivy-ignore branch November 16, 2023 10:33
This was referenced May 9, 2024
Closed
Closed
Closed
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@rjaegers