Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'main' of https://github.com/philips-software/amp-devcon…
…tainer into feature/add-non-root-user
Showing 11 changed files with 139 additions and 13 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -14,6 +14,8 @@ ARG XWIN_VERSION=0.5.0 | |
|
||
ARG DEBIAN_FRONTEND=noninteractive | ||
|
||
HEALTHCHECK NONE | ||
|
||
SHELL ["/bin/bash", "-o", "pipefail", "-c"] | ||
|
||
HEALTHCHECK NONE | ||
Check failure: Code scanning / Hadolint (MegaLinter DOCKERFILE_HADOLINT), Error
Multiple HEALTHCHECK instructions
Check warning: Code scanning / Trivy (MegaLinter REPOSITORY_TRIVY), Medium
Multiple HEALTHCHECK defined
Artifact: .devcontainer/Dockerfile
Type: dockerfile
Vulnerability: DS023
Severity: MEDIUM
Message: There are 2 duplicate HEALTHCHECK instructions in the stage
Link: DS023
||
|
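Review bot: HEALTHCHECK NONE appears twice in this stage, once before the SHELL line and once after it, which is what Hadolint and Trivy (DS023) flag here. Only one HEALTHCHECK instruction takes effect per stage, so the second adds nothing; delete one of the two so the file carries a single HEALTHCHECK NONE, probably the copy that came in with the merge from main.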
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
--- | ||
name: Bug report | ||
about: Create a report to help us improve | ||
title: '' | ||
labels: bug | ||
assignees: '' | ||
|
||
--- | ||
|
||
**Describe the bug** | ||
A clear and concise description of what the bug is. | ||
|
||
**To Reproduce** | ||
Steps to reproduce the behavior: | ||
1. Clone repository '...' in container volume | ||
2. Select build preset '....' | ||
3. Open file '....' | ||
4. See error | ||
|
||
**Expected behavior** | ||
A clear and concise description of what you expected to happen. | ||
|
||
**Screenshots** | ||
If applicable, add screenshots to help explain your problem. | ||
|
||
**Environment (please complete the following information):** | ||
- OS: [e.g. Windows, Linux, OSX] | ||
- Architecture [e.g. x86_64, Apple M2] | ||
- Docker Version [e.g. Docker Desktop 4.25.2] | ||
|
||
**Additional context** | ||
Add any other context about the problem here. |
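Review bot: The Environment list is punctuated inconsistently: "- OS:" has a colon while "- Architecture" and "- Docker Version" do not; add the colon to both. Since reproduction step 1 assumes the repository is cloned in a container volume, it would also help to ask for the amp-devcontainer image version or tag, which the list currently omits.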
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
--- | ||
name: Feature request | ||
about: Suggest an idea for this project | ||
title: '' | ||
labels: enhancement | ||
assignees: '' | ||
|
||
--- | ||
|
||
**Is your feature request related to a problem? Please describe.** | ||
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] | ||
|
||
**Describe the solution you'd like** | ||
A clear and concise description of what you want to happen. | ||
|
||
**Describe alternatives you've considered** | ||
A clear and concise description of any alternative solutions or features you've considered. | ||
|
||
**Additional context** | ||
Add any other context or screenshots about the feature request here. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
--- | ||
name: Tool request | ||
about: Request to include an additional tool | ||
title: 'Request to include <tool>' | ||
labels: enhancement | ||
assignees: '' | ||
|
||
--- | ||
|
||
**What tool would you like to include** | ||
A clear and concise description of the tool you would want to include. Ex. I want to add tool x that does [...] | ||
|
||
**What is the use-case for the inclusion** | ||
Describe why the proposed tool should be added. Please note that project specific tools | ||
should be added to a derived container instead of adding them to amp-devcontainer. | ||
|
||
**What is the estimated size impact** | ||
Describe what the estimated (or absolute) size impact of the inclusion would be on the final | ||
image [size](https://en.wikipedia.org/wiki/Byte#Multiple-byte_units). | ||
Ex. The container image size will increase with 5 MiB. |
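Review bot: Wording in the size section: "will increase with 5 MiB" should read "will increase by 5 MiB", and "project specific tools" in the use-case section wants a hyphen ("project-specific"). The template asks for use-case and size but not where the tool comes from; a short prompt for the tool's source and the version to install would give reviewers what they need to assess the addition.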
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
--- | ||
name: Supply-chain security | ||
|
||
on: | ||
workflow_dispatch: | ||
branch_protection_rule: | ||
schedule: | ||
- cron: "16 19 * * 6" | ||
push: | ||
branches: [main] | ||
|
||
permissions: read-all | ||
|
||
jobs: | ||
analysis: | ||
name: OSSF Scorecard | ||
runs-on: ubuntu-latest | ||
permissions: | ||
security-events: write | ||
id-token: write | ||
steps: | ||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | ||
with: | ||
persist-credentials: false | ||
- uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1 | ||
with: | ||
results_file: results.sarif | ||
results_format: sarif | ||
repo_token: ${{ secrets.SCORECARD_TOKEN }} | ||
publish_results: true | ||
- name: "Upload to code-scanning" | ||
uses: github/codeql-action/upload-sarif@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8 | ||
with: | ||
sarif_file: results.sarif |
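Review bot: The job-level permissions block on the analysis job replaces the top-level read-all for that job, so only security-events: write and id-token: write are granted and actions/checkout runs without an explicit contents: read. That works while the repository is public; adding contents: read (and actions: read) under the job makes the workflow independent of repository visibility. The repo_token input also depends on a SCORECARD_TOKEN secret that nothing in this file documents; a comment stating which scopes the token needs would help whoever has to rotate it.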
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
# Security Policy | ||
|
||
## Supported Versions | ||
|
||
The [latest](https://github.com/philips-software/amp-devcontainer/releases/latest) version of | ||
amp-devcontainer is supported with security updates. | ||
|
||
## Reporting a Vulnerability | ||
|
||
If you find a significant vulnerability, or evidence of one, please report it privately. | ||
|
||
Vulnerabilities should be reported using [GitHub's mechanism for privately reporting a vulnerability](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability). Under the | ||
[main repository's security tab](https://github.com/philips-software/amp-devcontainer/security), click "Report a vulnerability" to open the advisory form. | ||
|
||
A member of the amp-devcontainer team will triage the reported vulnerability and if the vulnerability is accepted a security advisory will be published and all further communication will be done via that security advisory. |
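Review bot: The triage paragraph at the end of "Reporting a Vulnerability" says what happens when a report is accepted but not what the reporter hears when it is not, and gives no expected response time; state both. "Significant vulnerability" is also left undefined, which may discourage reports of lower-severity issues; consider dropping "significant". The final sentence is a run-on and reads better split in two, with a comma after "accepted".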