actions/update: fixes incorrect slug comparision #104
release-docker-image.yml
on: push
build, release, sign
5m 49s
Annotations
7 warnings
build, release, sign
Unexpected input(s) 'acs-report-enable', valid inputs are ['image', 'path', 'sbom', 'fail-build', 'output-format', 'severity-cutoff', 'only-fixed', 'add-cpes-if-none', 'by-cve', 'grype-version', 'vex']
|
build, release, sign
Failed minimum severity level. Found vulnerabilities with level 'medium' or higher
|
The 'as' keyword should match the case of the 'from' keyword:
Dockerfile#L27
FromAsCasing: 'as' and 'FROM' keywords' casing do not match
More info: https://docs.docker.com/go/dockerfile/rule/from-as-casing/
|
Sensitive data should not be used in the ARG or ENV commands:
Dockerfile#L112
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ARG "ACCESS_KEY")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
Sensitive data should not be used in the ARG or ENV commands:
Dockerfile#L113
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "ACCESS_KEY")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
Sensitive data should not be used in the ARG or ENV commands:
Dockerfile#L115
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ARG "SECRET_KEY")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
Sensitive data should not be used in the ARG or ENV commands:
Dockerfile#L116
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "SECRET_KEY")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
Artifacts
Produced during runtime
Name | Size | |
---|---|---|
metal-toolbox~ironlib~SE1S29.dockerbuild
Expired
|
98.4 KB |
|