Skip to content

chore: move Trivy ignore rules into Dockefile #213

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 5 commits into from
Closed

chore: move Trivy ignore rules into Dockefile #213

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
3f48cfd
chore: move Trivy ignore rules into Dockefile
rjaegers Nov 15, 2023
34b2200
chore: try to get inline Trivy ignore working
rjaegers Nov 15, 2023
06d4343
chore: more Trivy experimentation
rjaegers Nov 15, 2023
01d7846
chore: trying to get Trivy syntax right
rjaegers Nov 15, 2023
5451bea
chore: another try following https://github.com/aquasecurity/trivy/is…
rjaegers Nov 15, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions .devcontainer/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,11 @@
# See: https://avd.aquasec.com/misconfig/dockerfile/general/avd-ds-0002/

Check failure

Code scanning / Trivy (MegaLinter REPOSITORY_TRIVY)

Image user should not be 'root'

Artifact: .devcontainer/Dockerfile Type: dockerfile Vulnerability DS002 Severity: HIGH Message: Specify at least 1 USER command in Dockerfile with non-root user as argument Link: [DS002](https://avd.aquasec.com/misconfig/ds002)

Check notice

Code scanning / Trivy (MegaLinter REPOSITORY_TRIVY)

No HEALTHCHECK defined

Artifact: .devcontainer/Dockerfile Type: dockerfile Vulnerability DS026 Severity: LOW Message: Add HEALTHCHECK instruction in your Dockerfile Link: [DS026](https://avd.aquasec.com/misconfig/ds026)
# We allow root access in our container that we use for development purposes

#trivy:ignore:AVD-DS-0026
# See: https://avd.aquasec.com/misconfig/dockerfile/general/avd-ds-0026/
# We don't require a HEALTHCHECK for our devcontainer

#trivy:ignore:AVD-DS-0002
FROM ubuntu@sha256:2b7412e6465c3c7fc5bb21d3e6f1917c167358449fecac8176c6e496e5c1f05f

ARG BATS_VERSION=1.10.0
Expand Down
7 changes: 0 additions & 7 deletions .trivyignore
View file
Open in desktop

This file was deleted.