Add support for ARM64 platform, make single-container architecture default #43
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ASH Scan Output - amd64 - ubuntu-latest$ cat ash_stdout.txt
Resolved OCI_RUNNER to: /usr/bin/docker
Building image automated-security-helper:local -- this may take a few minutes during the first build...
Running ASH scan using built image...
ASH version 1.2.0-e-06Mar2024
Repository cloned successfully.
Source is a git repository. Using git ls-files to exclude files from scanning.
ASH found 59 file(s) in the source directory...
Items to scan for in Dockerfile-cdk are: [ yaml yml json template ]
Items to scan for in Dockerfile-yaml are: [ yaml yml tf json dockerfile ]
Running cdk-docker-execute.sh ...
Running yaml-docker-execute.sh ...
waiting on Dockerfile-cdk to finish ...
Items to scan for in Dockerfile-py are: [ py pyc ipynb ]
Items to scan for in Dockerfile-js are: [ js ]
Items to scan for in Dockerfile-git are: [ git ]
Items to scan for in Dockerfile-grype are: [ js py java go cs sh ]
Running js-docker-execute.sh ...
Running grype-docker-execute.sh ...
Running py-docker-execute.sh ...
Running git-docker-execute.sh ...
Dockerfile Dockerfile-js returned 0
Dockerfile Dockerfile-git returned 0
Dockerfile Dockerfile-py returned 0
Dockerfile Dockerfile-cdk returned 0
Dockerfile-cdk finished with return code 0
waiting on Dockerfile-yaml to finish ...
Dockerfile Dockerfile-grype returned 0
Dockerfile Dockerfile-yaml returned 0
Dockerfile-yaml finished with return code 0
waiting on Dockerfile-git to finish ...
Dockerfile-git finished with return code 0
waiting on Dockerfile-py to finish ...
Dockerfile-py finished with return code 0
waiting on Dockerfile-js to finish ...
Dockerfile-js finished with return code 0
waiting on Dockerfile-grype to finish ...
Dockerfile-grype finished with return code 0
Jobs return code report:
Dockerfile-cdk : 0
Dockerfile-yaml : 0
Dockerfile-git : 0
Dockerfile-py : 0
Dockerfile-js : 0
Dockerfile-grype : 0
Your final report can be found here: /home/runner/work/automated-security-helper/automated-security-helper/ash_output/aggregated_results.txt
ASH execution completed in 24 seconds.
Highest return code is 0Show aggregated_results.txt#############################################
Start of /out/work/cdk_report_result.txt
#############################################
starting to investigate ...
found 0 files to scan. Skipping scans.
#############################################
End of /out/work/cdk_report_result.txt
#############################################
#############################################
Start of /out/work/git_report_result.txt
#############################################
>>>>>> begin tree result >>>>>>
Git repository detected. Ensure your .gitignore configuration excludes all the files that you intend to ignore.
/run/scan/src
├── [ 112] .dockerignore
├── [ 272] .eslintrc.json
├── [4.7K] .github
│ └── [4.7K] workflows
│ └── [4.6K] ash-build-and-scan.yml
├── [4.5K] .gitignore
├── [1.9K] .pre-commit-hooks.yaml
├── [3.6K] CHANGELOG.md
├── [ 309] CODE_OF_CONDUCT.md
├── [3.5K] CONTRIBUTING.md
├── [5.0K] Dockerfile
├── [ 11K] LICENSE
├── [ 66] NOTICE
├── [ 14K] README.md
├── [5.7K] appsec_cfn_rules
│ ├── [ 413] IamUserExistsRule.rb
│ ├── [ 664] KeyPairAsCFnParameterRule.rb
│ ├── [1.2K] ResourcePolicyStarAccessVerbPolicyRule.rb
│ ├── [1.1K] StarResourceAccessPolicyRule.rb
│ └── [2.2K] beta
│ ├── [ 606] FlowLogsEnabledForVPCsRule.rb
│ ├── [ 796] PasswordAsCFnParameterRule.rb
│ └── [ 702] RotationEnabledForSecretsManagerRule.rb
├── [3.3K] ash
├── [ 23K] ash-multi
├── [2.9K] helper_dockerfiles
│ ├── [ 436] Dockerfile-cdk
│ ├── [ 536] Dockerfile-git
│ ├── [ 579] Dockerfile-grype
│ ├── [ 273] Dockerfile-js
│ ├── [ 425] Dockerfile-py
│ └── [ 581] Dockerfile-yaml
├── [ 28K] quickstart
│ ├── [2.9K] README.md
│ └── [ 25K] c9template.yaml
└── [ 62K] utils
├── [5.6K] ash_helpers.ps1
├── [3.2K] ash_helpers.sh
├── [1.4K] cdk-addon-py.py
├── [5.0K] cdk-docker-execute.sh
├── [6.7K] cdk-nag-scan
│ ├── [ 117] .gitignore
│ ├── [ 65] .npmignore
│ ├── [ 536] README.md
│ ├── [ 417] bin
│ │ └── [ 357] cdk-nag-scan.ts
│ ├── [2.2K] cdk.json
│ ├── [ 157] jest.config.js
│ ├── [1.1K] lib
│ │ └── [1.1K] cdk-nag-scan-stack.ts
│ ├── [ 571] package.json
│ ├── [ 652] test
│ │ └── [ 592] cdk-nag-scan.test.ts
│ └── [ 663] tsconfig.json
├── [ 22K] cfn-to-cdk
│ ├── [1.9K] README.md
│ ├── [ 280] app.py
│ ├── [ 780] cdk.json
│ ├── [ 19K] cfn_to_cdk
│ │ ├── [ 0] __init__.py
│ │ ├── [ 18K] cfn.json
│ │ ├── [ 392] cfn_to_cdk_stack.py
│ │ ├── [ 454] cfn_to_cdk_stack.py.j2
│ │ └── [ 323] template_generator.py
│ ├── [ 14] requirements-dev.txt
│ └── [ 39] requirements.txt
├── [3.5K] git-docker-execute.sh
├── [2.9K] grype-docker-execute.sh
├── [2.0K] identifyipynb.sh
├── [2.1K] js-docker-execute.sh
├── [2.3K] py-docker-execute.sh
└── [4.8K] yaml-docker-execute.sh
174K used in 13 directories, 59 files
<<<<<< end tree -x -h -a --du -I .git result <<<<<<
OK
git config --local --get-regexp "^secrets\..*$" output:
secrets.providers git secrets --aws-provider
secrets.patterns (A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}
secrets.patterns ("|')?(AWS|aws|Aws)?_?(SECRET|secret|Secret)?_?(ACCESS|access|Access)?_?(KEY|key|Key)("|')?\s*(:|=>|=)\s*("|')?[A-Za-z0-9/\+=]{40}("|')?
secrets.patterns ("|')?(AWS|aws|Aws)?_?(ACCOUNT|account|Account)_?(ID|id|Id)?("|')?\s*(:|=>|=)\s*("|')?[0-9]{4}\-?[0-9]{4}\-?[0-9]{4}("|')?
secrets.allowed AKIAIOSFODNN7EXAMPLE
secrets.allowed wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
>>>>>> begin git secrets --scan result >>>>>>
<<<<<< end git secrets --scan result <<<<<<
#############################################
End of /out/work/git_report_result.txt
#############################################
#############################################
Start of /out/work/grype_report_result.txt
#############################################
>>>>>> Begin Grype output for /run/scan/src >>>>>>
No vulnerabilities found
<<<<<< End Grype output for /run/scan/src <<<<<<
>>>>>> Begin Grype output for /out/work >>>>>>
No vulnerabilities found
<<<<<< End Grype output for /out/work <<<<<<
>>>>>> Begin Syft output for /run/scan/src >>>>>>
No packages discovered
<<<<<< End Syft output for /run/scan/src <<<<<<
>>>>>> Begin Syft output for /out/work >>>>>>
No packages discovered
<<<<<< End Syft output for /out/work <<<<<<
>>>>>> Begin Semgrep output for /run/scan/src >>>>>>
METRICS: Using configs from the Registry (like --config=p/ci) reports pseudonymous rule metrics to semgrep.dev.
To disable Registry rule metrics, use "--metrics=off".
Using configs only from local files (like --config=xyz.yml) does not enable metrics.
More information: https://semgrep.dev/docs/metrics
┌─────────────┐
│ Scan Status │
└─────────────┘
Scanning 59 files tracked by git with 1047 Code rules:
Language Rules Files Origin Rules
───────────────────────────── ───────────────────
<multilang> 47 116 Community 1047
bash 4 10
ruby 71 7
json 4 6
python 240 5
yaml 28 3
ts 164 2
js 154 1
dockerfile 5 1
┌──────────────┐
│ Scan Summary │
└──────────────┘
Some files were skipped or only partially analyzed.
Scan was limited to files tracked by git.
Partially scanned: 2 files only partially analyzed due to parsing or internal Semgrep errors
Scan skipped: 1 files matching .semgrepignore patterns
For a full list of skipped files, run semgrep with the --verbose flag.
(need more rules? `semgrep login` for additional free Semgrep Registry rules)
Ran 558 rules on 58 files: 0 findings.
If Semgrep missed a finding, please send us feedback to let us know!
See https://semgrep.dev/docs/reporting-false-negatives/
<<<<<< End Semgrep output for /run/scan/src <<<<<<
>>>>>> Begin Semgrep output for /out/work >>>>>>
┌─────────────┐
│ Scan Status │
└─────────────┘
Scanning 6 files tracked by git with 1047 Code rules:
Scanning 12 files with 47 <multilang> rules.
┌──────────────┐
│ Scan Summary │
└──────────────┘
(need more rules? `semgrep login` for additional free Semgrep Registry rules)
Ran 47 rules on 6 files: 0 findings.
If Semgrep missed a finding, please send us feedback to let us know!
See https://semgrep.dev/docs/reporting-false-negatives/
<<<<<< End Semgrep output for /out/work <<<<<<
#############################################
End of /out/work/grype_report_result.txt
#############################################
#############################################
Start of /out/work/js_report_result.txt
#############################################
>>>>>> Begin npm audit output for /run/scan/src >>>>>>
<<<<<< End npm audit output for /run/scan/src <<<<<<
>>>>>> Begin npm audit output for /out/work >>>>>>
<<<<<< End npm audit output for /out/work <<<<<<
#############################################
End of /out/work/js_report_result.txt
#############################################
#############################################
Start of /out/work/py_report_result.txt
#############################################
>>>>>> begin identifyipynb output for Jupyter notebook conversion >>>>>>
Looking for Jupyter notebook files
<<<<<< end identifyipynb output for Jupyter notebook conversion <<<<<<
>>>>>> begin bandit result for /run/scan/src >>>>>>
[main] INFO profile include tests: None
[main] INFO profile exclude tests: None
[main] INFO cli include tests: None
[main] INFO cli exclude tests: None
[main] INFO running on Python 3.10.13
Run started:2024-03-07 19:23:26.477863
Test results:
No issues identified.
Code scanned:
Total lines of code: 50
Total lines skipped (#nosec): 0
Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0
Run metrics:
Total issues (by severity):
Undefined: 0
Low: 0
Medium: 0
High: 0
Total issues (by confidence):
Undefined: 0
Low: 0
Medium: 0
High: 0
Files skipped (0):
<<<<<< end bandit result for /run/scan/src <<<<<<
>>>>>> begin bandit result for /out/work >>>>>>
[main] INFO profile include tests: None
[main] INFO profile exclude tests: None
[main] INFO cli include tests: None
[main] INFO cli exclude tests: None
[main] INFO running on Python 3.10.13
Run started:2024-03-07 19:23:26.769458
Test results:
No issues identified.
Code scanned:
Total lines of code: 0
Total lines skipped (#nosec): 0
Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0
Run metrics:
Total issues (by severity):
Undefined: 0
Low: 0
Medium: 0
High: 0
Total issues (by confidence):
Undefined: 0
Low: 0
Medium: 0
High: 0
Files skipped (0):
<<<<<< end bandit result for /out/work <<<<<<
#############################################
End of /out/work/py_report_result.txt
#############################################
#############################################
Start of /out/work/yaml_report_result.txt
#############################################
>>>>>> Begin yaml scan output for /run/scan/src >>>>>>
starting to investigate ...
found 8 files to scan. Starting checkov scans ...
>>>>>> begin checkov result for helper_dockerfiles >>>>>>
_ _
___| |__ ___ ___| | _______ __
/ __| '_ \ / _ \/ __| |/ / _ \ \ / /
| (__| | | | __/ (__| < (_) \ V /
\___|_| |_|\___|\___|_|\_\___/ \_/
By Prisma Cloud | version: 3.2.32
<<<<<< end checkov result for helper_dockerfiles <<<<<<
>>>>>> begin checkov result for Dockerfile-yaml >>>>>>
_ _
___| |__ ___ ___| | _______ __
/ __| '_ \ / _ \/ __| |/ / _ \ \ / /
| (__| | | | __/ (__| < (_) \ V /
\___|_| |_|\___|\___|_|\_\___/ \_/
By Prisma Cloud | version: 3.2.32
<<<<<< end checkov result for Dockerfile-yaml <<<<<<
>>>>>> begin checkov result for Dockerfile-py >>>>>>
_ _
___| |__ ___ ___| | _______ __
/ __| '_ \ / _ \/ __| |/ / _ \ \ / /
| (__| | | | __/ (__| < (_) \ V /
\___|_| |_|\___|\___|_|\_\___/ \_/
By Prisma Cloud | version: 3.2.32
<<<<<< end checkov result for Dockerfile-py <<<<<<
>>>>>> begin checkov result for Dockerfile-js >>>>>>
_ _
___| |__ ___ ___| | _______ __
/ __| '_ \ / _ \/ __| |/ / _ \ \ / /
| (__| | | | __/ (__| < (_) \ V /
\___|_| |_|\___|\___|_|\_\___/ \_/
By Prisma Cloud | version: 3.2.32
<<<<<< end checkov result for Dockerfile-js <<<<<<
>>>>>> begin checkov result for Dockerfile-grype >>>>>>
_ _
___| |__ ___ ___| | _______ __
/ __| '_ \ / _ \/ __| |/ / _ \ \ / /
| (__| | | | __/ (__| < (_) \ V /
\___|_| |_|\___|\___|_|\_\___/ \_/
By Prisma Cloud | version: 3.2.32
<<<<<< end checkov result for Dockerfile-grype <<<<<<
>>>>>> begin checkov result for Dockerfile-git >>>>>>
_ _
___| |__ ___ ___| | _______ __
/ __| '_ \ / _ \/ __| |/ / _ \ \ / /
| (__| | | | __/ (__| < (_) \ V /
\___|_| |_|\___|\___|_|\_\___/ \_/
By Prisma Cloud | version: 3.2.32
<<<<<< end checkov result for Dockerfile-git <<<<<<
>>>>>> begin checkov result for Dockerfile-cdk >>>>>>
_ _
___| |__ ___ ___| | _______ __
/ __| '_ \ / _ \/ __| |/ / _ \ \ / /
| (__| | | | __/ (__| < (_) \ V /
\___|_| |_|\___|\___|_|\_\___/ \_/
By Prisma Cloud | version: 3.2.32
<<<<<< end checkov result for Dockerfile-cdk <<<<<<
>>>>>> begin checkov result for Dockerfile >>>>>>
_ _
___| |__ ___ ___| | _______ __
/ __| '_ \ / _ \/ __| |/ / _ \ \ / /
| (__| | | | __/ (__| < (_) \ V /
\___|_| |_|\___|\___|_|\_\___/ \_/
By Prisma Cloud | version: 3.2.32
dockerfile scan results:
Passed checks: 268, Failed checks: 0, Skipped checks: 2
Check: CKV_DOCKER_5: "Ensure update instructions are not use alone in the Dockerfile"
PASSED for resource: /run/scan/src/Dockerfile.
File: /run/scan/src/Dockerfile:1-160
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-update-instructions-are-not-used-alone-in-the-dockerfile
Check: CKV_DOCKER_9: "Ensure that APT isn't used"
PASSED for resource: /run/scan/src/Dockerfile.
File: /run/scan/src/Dockerfile:1-160
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-is-not-used
Check: CKV_DOCKER_11: "Ensure From Alias are unique for multistage builds."
PASSED for resource: /run/scan/src/Dockerfile.
File: /run/scan/src/Dockerfile:1-160
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-from-alias-is-unique-for-multistage-builds
Check: CKV_DOCKER_10: "Ensure that WORKDIR values are absolute paths"
PASSED for resource: /run/scan/src/Dockerfile.
File: /run/scan/src/Dockerfile:1-160
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-workdir-values-are-absolute-paths
Check: CKV_DOCKER_2: "Ensure that HEALTHCHECK instructions have been added to container images"
PASSED for resource: /run/scan/src/Dockerfile.HEALTHCHECK
File: /run/scan/src/Dockerfile:145-146
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-that-healthcheck-instructions-have-been-added-to-container-images
Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:13-13
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17
Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:24-27
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17
Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:32-40
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17
Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:45-55
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17
Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:59-59
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17
Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:60-60
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17
Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:65-67
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17
Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:72-75
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17
Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:80-82
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17
Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:91-92
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17
Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:94-95
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17
Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:97-97
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17
Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:114-117
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17
Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:124-126
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17
Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.ARG
File: /run/scan/src/Dockerfile:6-6
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html
Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.ENV
File: /run/scan/src/Dockerfile:12-12
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html
Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.ENV
File: /run/scan/src/Dockerfile:102-102
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html
Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.ENV
File: /run/scan/src/Dockerfile:137-137
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html
Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.ENV
File: /run/scan/src/Dockerfile:142-142
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html
Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:13-13
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html
Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:24-27
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html
Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:32-40
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html
Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:45-55
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html
Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:59-59
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html
Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:60-60
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html
Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:65-67
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html
Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:72-75
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html
Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:80-82
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html
Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:91-92
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html
Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:94-95
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html
Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:97-97
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html
Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:114-117
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html
Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:124-126
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html
Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.ARG
File: /run/scan/src/Dockerfile:6-6
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html
Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.ENV
File: /run/scan/src/Dockerfile:12-12
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html
Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.ENV
File: /run/scan/src/Dockerfile:102-102
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html
Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.ENV
File: /run/scan/src/Dockerfile:137-137
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html
Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.ENV
File: /run/scan/src/Dockerfile:142-142
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html
Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:13-13
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html
Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:24-27
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html
Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:32-40
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html
Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:45-55
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html
Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:59-59
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html
Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:60-60
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html
Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:65-67
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html
Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:72-75
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html
Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:80-82
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html
Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:91-92
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html
Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:94-95
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html
Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:97-97
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html
Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:114-117
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html
Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:124-126
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html
Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.ARG
File: /run/scan/src/Dockerfile:6-6
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html
Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.ENV
File: /run/scan/src/Dockerfile:12-12
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html
Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.ENV
File: /run/scan/src/Dockerfile:102-102
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html
Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.ENV
File: /run/scan/src/Dockerfile:137-137
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html
Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.ENV
File: /run/scan/src/Dockerfile:142-142
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html
Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:13-13
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html
Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:24-27
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html
Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:32-40
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html
Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:45-55
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html
Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:59-59
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html
Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:60-60
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html
Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:65-67
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html
Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:72-75
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html
Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:80-82
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html
Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:91-92
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html
Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:94-95
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html
Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:97-97
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html
Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:114-117
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html
Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:124-126
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html
Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable"
PASSED for resource: /run/scan/src/Dockerfile.ARG
File: /run/scan/src/Dockerfile:6-6
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html
Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable"
PASSED for resource: /run/scan/src/Dockerfile.ENV
File: /run/scan/src/Dockerfile:12-12
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html
Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable"
PASSED for resource: /run/scan/src/Dockerfile.ENV
File: /run/scan/src/Dockerfile:102-102
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html
Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable"
PASSED for resource: /run/scan/src/Dockerfile.ENV
File: /run/scan/src/Dockerfile:137-137
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html
Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable"
PASSED for resource: /run/scan/src/Dockerfile.ENV
File: /run/scan/src/Dockerfile:142-142
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html
Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:13-13
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html
Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:24-27
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html
Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:32-40
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html
Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:45-55
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html
Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:59-59
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html
Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:60-60
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html
Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:65-67
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html
Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:72-75
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html
Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:80-82
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html
Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:91-92
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html
Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:94-95
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html
Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:97-97
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html
Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:114-117
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html
Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:124-126
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html
Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value"
PASSED for resource: /run/scan/src/Dockerfile.ARG
File: /run/scan/src/Dockerfile:6-6
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html
Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value"
PASSED for resource: /run/scan/src/Dockerfile.ENV
File: /run/scan/src/Dockerfile:12-12
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html
Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value"
PASSED for resource: /run/scan/src/Dockerfile.ENV
File: /run/scan/src/Dockerfile:102-102
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html
Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value"
PASSED for resource: /run/scan/src/Dockerfile.ENV
File: /run/scan/src/Dockerfile:137-137
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html
Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value"
PASSED for resource: /run/scan/src/Dockerfile.ENV
File: /run/scan/src/Dockerfile:142-142
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html
Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:13-13
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html
Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:24-27
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html
Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:32-40
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html
Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:45-55
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html
Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:59-59
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html
Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:60-60
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html
Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:65-67
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html
Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:72-75
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html
Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:80-82
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html
Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:91-92
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html
Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:94-95
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html
Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:97-97
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html
Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:114-117
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html
Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:124-126
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html
Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:13-13
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html
Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:24-27
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html
Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:32-40
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html
Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:45-55
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html
Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:59-59
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html
Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:60-60
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html
Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:65-67
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html
Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:72-75
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html
Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:80-82
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html
Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:91-92
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html
Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:94-95
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html
Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:97-97
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html
Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:114-117
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html
Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:124-126
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html
Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:13-13
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html
Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:24-27
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html
Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:32-40
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html
Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:45-55
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html
Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:59-59
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html
Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:60-60
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html
Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:65-67
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html
Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:72-75
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html
Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:80-82
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html
Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:91-92
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html
Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:94-95
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html
Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:97-97
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html
Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:114-117
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html
Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:124-126
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html
Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:13-13
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html
Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:24-27
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html
Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:32-40
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html
Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:45-55
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html
Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:59-59
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html
Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:60-60
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html
Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:65-67
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html
Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:72-75
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html
Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:80-82
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html
Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:91-92
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html
Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:94-95
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html
Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:97-97
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html
Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:114-117
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html
Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:124-126
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html
Check: CKV2_DOCKER_1: "Ensure that sudo isn't used"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:13-13
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html
Check: CKV2_DOCKER_1: "Ensure that sudo isn't used"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:24-27
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html
Check: CKV2_DOCKER_1: "Ensure that sudo isn't used"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:32-40
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html
Check: CKV2_DOCKER_1: "Ensure that sudo isn't used"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:45-55
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html
Check: CKV2_DOCKER_1: "Ensure that sudo isn't used"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:59-59
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html
Check: CKV2_DOCKER_1: "Ensure that sudo isn't used"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:60-60
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html
Check: CKV2_DOCKER_1: "Ensure that sudo isn't used"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:65-67
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html
Check: CKV2_DOCKER_1: "Ensure that sudo isn't used"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:72-75
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html
Check: CKV2_DOCKER_1: "Ensure that sudo isn't used"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:80-82
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html
Check: CKV2_DOCKER_1: "Ensure that sudo isn't used"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:91-92
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html
Check: CKV2_DOCKER_1: "Ensure that sudo isn't used"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:94-95
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html
Check: CKV2_DOCKER_1: "Ensure that sudo isn't used"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:97-97
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html
Check: CKV2_DOCKER_1: "Ensure that sudo isn't used"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:114-117
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html
Check: CKV2_DOCKER_1: "Ensure that sudo isn't used"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:124-126
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html
Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:13-13
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html
Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:24-27
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html
Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:32-40
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html
Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:45-55
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html
Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:59-59
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html
Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:60-60
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html
Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:65-67
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html
Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:72-75
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html
Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:80-82
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html
Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:91-92
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html
Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:94-95
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html
Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:97-97
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html
Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:114-117
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html
Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:124-126
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html
Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:13-13
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html
Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:24-27
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html
Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:32-40
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html
Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:45-55
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html
Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:59-59
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html
Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:60-60
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html
Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:65-67
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html
Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:72-75
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html
Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:80-82
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html
Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:91-92
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html
Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:94-95
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html
Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:97-97
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html
Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:114-117
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html
Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:124-126
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html
Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:13-13
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html
Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:24-27
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html
Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:32-40
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html
Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:45-55
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html
Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:59-59
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html
Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:60-60
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html
Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:65-67
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html
Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:72-75
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html
Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:80-82
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html
Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:91-92
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html
Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:94-95
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html
Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:97-97
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html
Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:114-117
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html
Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:124-126
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html
Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:13-13
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html
Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:24-27
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html
Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:32-40
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html
Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:45-55
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html
Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:59-59
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html
Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:60-60
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html
Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:65-67
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html
Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:72-75
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html
Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:80-82
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html
Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:91-92
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html
Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:94-95
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html
Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:97-97
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html
Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:114-117
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html
Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:124-126
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html
Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:13-13
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html
Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:24-27
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html
Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:32-40
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html
Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:45-55
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html
Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:59-59
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html
Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:60-60
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html
Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:65-67
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html
Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:72-75
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html
Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:80-82
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html
Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:91-92
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html
Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:94-95
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html
Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:97-97
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html
Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:114-117
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html
Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:124-126
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html
Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:13-13
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html
Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:24-27
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html
Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:32-40
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html
Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:45-55
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html
Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:59-59
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html
Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:60-60
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html
Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:65-67
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html
Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:72-75
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html
Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:80-82
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html
Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:91-92
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html
Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:94-95
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html
Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:97-97
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html
Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:114-117
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html
Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:124-126
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html
Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:13-13
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html
Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:24-27
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html
Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:32-40
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html
Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:45-55
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html
Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:59-59
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html
Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:60-60
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html
Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:65-67
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html
Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:72-75
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html
Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:80-82
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html
Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:91-92
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html
Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:94-95
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html
Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:97-97
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html
Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:114-117
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html
Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state"
PASSED for resource: /run/scan/src/Dockerfile.RUN
File: /run/scan/src/Dockerfile:124-126
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html
Check: CKV_DOCKER_7: "Ensure the base image uses a non latest version tag"
SKIPPED for resource: /run/scan/src/Dockerfile.
Suppress comment: Base image is using a non-latest version tag by default, Checkov is unable to parse due to the use of ARG
File: /run/scan/src/Dockerfile:1-160
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-the-base-image-uses-a-non-latest-version-tag
Check: CKV_DOCKER_3: "Ensure that a user for the container has been created"
SKIPPED for resource: /run/scan/src/Dockerfile.
Suppress comment: ASH is focused on mounting source code into the container and scanning it, not running services. Setting USER breaks the ability for certain scanners to work correctly.
File: /run/scan/src/Dockerfile:1-160
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-that-a-user-for-the-container-has-been-created
<<<<<< end checkov result for Dockerfile <<<<<<
found 0 files to scan. Skipping cfn_nag scans.
<<<<<< End yaml scan output for /run/scan/src <<<<<<
>>>>>> Begin yaml scan output for /out/work >>>>>>
starting to investigate ...
found 0 files to scan. Skipping checkov scans.
found 0 files to scan. Skipping cfn_nag scans.
<<<<<< End yaml scan output for /out/work <<<<<<
#############################################
End of /out/work/yaml_report_result.txt
############################################# |
scrthq
changed the title
scrthq
requested review from
rafaelpereyra,
begimher,
orsifacundo and
climbertjh2
…ed to prevent needing to build when help is requested
…ed to prevent needing to build when help is requested
…ning the command inside the image
climbertjh2
previously approved these changes
Mar 6, 2024
There was a problem hiding this comment.
Changes look good to me.
My only comment is that the Github action step which runs ash on itself seems to write the output folder "under" the source source folder. That might confuse some of the scanners by having files in the "source" area changing mid-scan".
Approving.
Thanks, @climbertjh2 ! We can write it out somewhere else if it makes sense, but that's purely for this repo's pipeline. If we see it in the scan, I agree it should go somewhere else though. Easy to fix, will check it out and push one more change if it's causing trouble. |
climbertjh2
previously approved these changes
Mar 6, 2024
orsifacundo
reviewed
Mar 6, 2024
orsifacundo
reviewed
Mar 6, 2024
Thank you, sir! I checked the aggregated results and wasn't seeing it in the scan list either. |
|
LGTM, awesome work! |
begimher
approved these changes
Mar 7, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue #, if available:
#42
Description of changes:
public.ecr.aws/bitnami/python:3.10topublic.ecr.aws/docker/library/python:3.10-bullseyeto allow builds for linux/arm64 platforms to workashscript has been renamed toash-multiif multi-container architecture is needed from local. When running in the single-container, this is copied in asashitself and becomes the entrypoint of the in-container run to prevent API changes for CI invocations.ashscript for local invocation entrypoint is now defaulting to building the single-container image and running the scan within as normalaggregated_results.txtnow shows the correct, local output path when using the single container instead of/out/aggregated_results.txtashscript as well to validate the entire experience end-to-end--finch|-foption with warning indicating to use--oci-runner finch|-o finchif needing to use Finch explicitlyBy submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.