unable to initialize a image struct: failed to initialize source: reading manifest tmp in docker.io/library/svc-test: requested access to the resource is denied #7

Open
fpt-phongnx8 opened this issue Jun 13, 2024 · 0 comments

Hi team,

I got an error today when running the GitHub Action.

Error:

+ FIRST_ARGS=' --exit-level warn --format list'
+ '[' ./dockle-result.txt ]
+ FIRST_ARGS=' --exit-level warn --format list --output ./dockle-result.txt'
+ '[' 1 ]
+ SECOND_ARGS=' --exit-level warn --exit-code 1'
+ RUN_TWICE=
+ '[' ./dockle-result.txt '!='  ]
+ '[' 1 '!=' 0 ]
+ RUN_TWICE=TRUE
+ '[' TRUE ]
+ run_dockle --exit-level warn --format list --output ./dockle-result.txt
+ /usr/bin/dockle --exit-level warn --format list --output ./dockle-result.txt svc-test:tmp
2024-06-13T01:05:26.574Z	FATAL	unable to initialize a image struct: failed to initialize source: reading manifest tmp in docker.io/library/svc-test: requested access to the resource is denied

GitHub workflow

      - name: Security check by Dockle
        uses: goodwithtech/dockle-action@main
        with:
          image: svc-test:tmp
          output: ${{ inputs.working-directory }}dockle-result.txt
          ignore: ${{ inputs.working-directory }}.dockleignore

Docker version:
Version: 26.1.3

GitHub operating system
Ubuntu
22.04.4

The Docker image svc-test:tmp was built during the GitHub Action run (on the GitHub Ubuntu machine).

But it works OK when I use the GitHub image

      - name: Security check by Dockle
        uses: goodwithtech/dockle-action@main
        with:
          image: goodwithtech/test-image:v1
          output: ${{ inputs.working-directory }}dockle-result.txt
          ignore: ${{ inputs.working-directory }}.dockleignore

+ /usr/bin/dockle --exit-level warn --exit-code 1 goodwithtech/test-image:v1
FATAL	- CIS-DI-0009: Use COPY instead of ADD in Dockerfile
	* Use COPY : /bin/sh -c #(nop) ADD file:81c0a803075715d1a6b4f75a29f8a01b21cc170cfc1bff6702317d1be2fe71a3 in /app/credentials.json 
FATAL	- CIS-DI-0010: Do not store credential in environment variables/files
	* Suspicious filename found : app/credentials.json (You can suppress it with "-af credentials.json")
	* Suspicious ENV key found : MYSQL_PASSWD on /bin/sh -c #(nop)  ENV MYSQL_PASSWD=password (You can suppress it with --accept-key)
FATAL	- DKL-DI-0005: Clear apt-get caches
	* Use 'rm -rf /var/lib/apt/lists' after 'apt-get install|update' : /bin/sh -c apt-get update && apt-get install -y git
FATAL	- DKL-LI-0001: Avoid empty password
	* No password user found! username : nopasswd
INFO	- CIS-DI-0008: Confirm safety of setuid/setgid files
	* setuid file: urwxr-xr-x bin/ping
	* setgid file: grwxr-xr-x usr/bin/chage
	* setgid file: grwxr-xr-x usr/bin/wall
	* setgid file: grwxr-xr-x usr/bin/expiry
	* setgid file: grwxr-xr-x usr/bin/ssh-agent
	* setuid file: urwxr-xr-x bin/umount
	* setuid file: urwxr-xr-x usr/bin/chfn
	* setuid file: urwxr-xr-x usr/bin/gpasswd
	* setuid file: urwxr-xr-x usr/bin/passwd
	* setgid file: grwxr-xr-x sbin/unix_chkpwd
	* setuid file: urwxr-xr-x bin/su
	* setuid file: urwxr-xr-x bin/mount
	* setuid file: urwxr-xr-x usr/bin/newgrp
	* setuid file: urwxr-xr-x usr/bin/chsh
	* setuid file: urwxr-xr-x usr/lib/openssh/ssh-keysign