I am scanning a folder with a Dockerfile
```dockerfile
# Dockerfile
FROM python:3.8-slim-buster
WORKDIR /app
COPY requirements.txt requirements.txt
RUN pip3 install --no-cache-dir -r requirements.txt
COPY ./main.py ./main.py
CMD [ "python3", "-m" , "flask", "run", "--host=0.0.0.0", "--port=5000"]
```
that installs python packages from a requirements.txt file:
```text
# requirements.txt
flask==2.1.1
```
I want to scan the vulnerabilities of this configuration.
When I run `terrascan scan` then I get the following error:

```text
Description: Ensure Pinned Pip Package Version, File: terraform/tests/features/resources/apim/Dockerfile, Line: 8, Severity: MEDIUM, Rule Name: pipUnpinnedVersion, Rule ID: AC_DOCKER_0010, Resource Name: Dockerfile, Resource Type: docker_run, Category: Infrastructure Security
```
However, as you can see, the requirements.txt has all the python package versions pinned. I expect to get no error.
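As an added example (not the reporter's code and not Terrascan's implementation of `AC_DOCKER_0010`), this Python check follows `-r` into the requirements file and reports a finding only when a requirement there, or a package named directly in the `RUN` line, lacks an `==` pin. The names `check_run_pip`, `unpinned_in_requirements` and `context_files` are hypothetical, and it assumes the path after `-r` matches the file's path in the build context.

```python
import re
import shlex

# name[extras]==version, optionally followed by an environment marker or a "\" continuation.
PINNED = re.compile(r"^[A-Za-z0-9][\w.-]*(\[[^\]]*\])?\s*==\s*[\w.!+-]+\s*(;.*|\\)?$")
# pip install options that consume the next argument (subset, enough for this example).
VALUE_OPTS = {"-i", "--index-url", "--extra-index-url", "-c", "--constraint", "-f", "--find-links"}

def unpinned_in_requirements(text):
    """Return the requirement lines in `text` that are not pinned with '=='."""
    bad = []
    for raw in text.splitlines():
        line = raw.split(" #")[0].strip()          # drop trailing comments
        if not line or line[0] in "#-":            # skip comments and options (--hash, -r, -i)
            continue
        if not PINNED.match(line):
            bad.append(line)
    return bad

def check_run_pip(run_cmd, context_files):
    """Findings for one RUN command; context_files maps build-context path -> content."""
    findings = []
    for part in run_cmd.split("&&"):
        argv = shlex.split(part)
        if "install" not in argv:
            continue
        idx = argv.index("install")
        if idx == 0 or argv[idx - 1] not in ("pip", "pip3"):
            continue                               # not "pip install" / "python -m pip install"
        args, i = argv[idx + 1:], 0
        while i < len(args):
            arg = args[i]
            if arg in ("-r", "--requirement"):
                path = args[i + 1] if i + 1 < len(args) else ""
                if path not in context_files:
                    findings.append(f"{path}: requirements file not in build context")
                else:
                    findings += [f"{path}: {l}" for l in unpinned_in_requirements(context_files[path])]
                i += 2
            elif arg in VALUE_OPTS:
                i += 2
            elif arg.startswith("-"):
                i += 1
            else:
                if not PINNED.match(arg):
                    findings.append(f"RUN: {arg}")
                i += 1
    return findings

# Constructed input mirroring the two files shown in the issue.
ISSUE_FILES = {"requirements.txt": "# requirements.txt\nflask==2.1.1\n"}
ISSUE_RUN = "pip3 install --no-cache-dir -r requirements.txt"
```

With the issue's files, `check_run_pip(ISSUE_RUN, ISSUE_FILES)` returns an empty list; a requirements file containing a bare `flask` line produces a finding that names the file and the line.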