Docker vulnerability scan #534
pathearddocker-vulnerability-scan.yml
on: schedule
docker-vulnerability-scan
59s
Annotations
3 warnings
|
docker-vulnerability-scan
Unexpected input(s) 'security-checks', valid inputs are ['entryPoint', 'args', 'scan-type', 'image-ref', 'input', 'scan-ref', 'exit-code', 'ignore-unfixed', 'vuln-type', 'severity', 'format', 'template', 'output', 'skip-dirs', 'skip-files', 'cache-dir', 'timeout', 'ignore-policy', 'hide-progress', 'list-all-pkgs', 'scanners', 'trivyignores', 'artifact-type', 'github-pat', 'trivy-config', 'limit-severities-for-sarif']
|
|
docker-vulnerability-scan
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: aws-actions/configure-aws-credentials@5fd3084fc36e372ff1fff382a39b10d03659f355, aws-actions/amazon-ecr-login@5a88a04c91d5c6f97aae0d9be790e64d9b1d47b7, github/codeql-action/upload-sarif@00e563ead9f72a8461b24876bee2d0c2e8bd2ee8. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
|
docker-vulnerability-scan
Your docker password is not masked. See https://github.com/aws-actions/amazon-ecr-login#docker-credentials for more information. The default value of the 'mask-password' input has changed from 'false' to 'true' in the v2 release. See https://github.com/aws-actions/amazon-ecr-login/issues/526 for more information.
|