Add CI linting and security scan #5
sbrekerlint.yml
on: push
Lint Shell Scripts with ShellCheck
4s
Lint Dockerfiles with Hadolint
5s
Run Checkov for Dockerfile Security Analysis
17s
Annotations
17 errors and 3 warnings
|
Lint Dockerfiles with Hadolint:
1.1.15/Dockerfile#L11
DL3003 warning: Use WORKDIR to switch to a directory
|
|
Lint Dockerfiles with Hadolint:
1.1.15/Dockerfile#L11
DL3018 warning: Pin versions in apk add. Instead of `apk add <package>` use `apk add <package>=<version>`
|
|
Lint Dockerfiles with Hadolint:
1.1.15/Dockerfile#L11
DL4006 warning: Set the SHELL option -o pipefail before RUN with a pipe in it. If you are using /bin/sh in an alpine image or if your shell is symlinked to busybox then consider explicitly setting your SHELL to /bin/ash, or disable this check
|
|
Lint Dockerfiles with Hadolint:
1.1.15/Dockerfile#L11
DL3019 info: Use the `--no-cache` switch to avoid the need to use `--update` and remove `/var/cache/apk/*` when done installing packages
|
|
Lint Dockerfiles with Hadolint:
1.1.15/Dockerfile#L11
SC2086 info: Double quote to prevent globbing and word splitting.
|
|
Lint Dockerfiles with Hadolint:
1.1.15/Dockerfile#L11
DL3047 info: Avoid use of wget without progress bar. Use `wget --progress=dot:giga <url>`. Or consider using `-q` or `-nv` (shorthands for `--quiet` or `--no-verbose`).
|
|
Lint Dockerfiles with Hadolint:
1.1.16/Dockerfile#L11
DL3003 warning: Use WORKDIR to switch to a directory
|
|
Lint Dockerfiles with Hadolint:
1.1.16/Dockerfile#L11
DL3018 warning: Pin versions in apk add. Instead of `apk add <package>` use `apk add <package>=<version>`
|
|
Lint Dockerfiles with Hadolint:
1.1.16/Dockerfile#L11
DL4006 warning: Set the SHELL option -o pipefail before RUN with a pipe in it. If you are using /bin/sh in an alpine image or if your shell is symlinked to busybox then consider explicitly setting your SHELL to /bin/ash, or disable this check
|
|
Lint Dockerfiles with Hadolint:
1.1.16/Dockerfile#L11
DL3019 info: Use the `--no-cache` switch to avoid the need to use `--update` and remove `/var/cache/apk/*` when done installing packages
|
|
Run Checkov for Dockerfile Security Analysis:
1.1.19.1/Dockerfile#L1
CKV_DOCKER_2: "Ensure that HEALTHCHECK instructions have been added to container images"
|
|
Run Checkov for Dockerfile Security Analysis:
1.1.17/Dockerfile#L1
CKV_DOCKER_2: "Ensure that HEALTHCHECK instructions have been added to container images"
|
|
Run Checkov for Dockerfile Security Analysis:
1.1.21.2/Dockerfile#L1
CKV_DOCKER_2: "Ensure that HEALTHCHECK instructions have been added to container images"
|
|
Run Checkov for Dockerfile Security Analysis:
1.1.15/Dockerfile#L1
CKV_DOCKER_2: "Ensure that HEALTHCHECK instructions have been added to container images"
|
|
Run Checkov for Dockerfile Security Analysis:
1.1.20.1/Dockerfile#L1
CKV_DOCKER_2: "Ensure that HEALTHCHECK instructions have been added to container images"
|
|
Run Checkov for Dockerfile Security Analysis:
1.1.16/Dockerfile#L1
CKV_DOCKER_2: "Ensure that HEALTHCHECK instructions have been added to container images"
|
|
Run Checkov for Dockerfile Security Analysis:
1.1.18/Dockerfile#L1
CKV_DOCKER_2: "Ensure that HEALTHCHECK instructions have been added to container images"
|
|
Lint Shell Scripts with ShellCheck
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
|
Lint Dockerfiles with Hadolint
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
|
Run Checkov for Dockerfile Security Analysis
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|