Docker Hub image has wrong entrypoint.sh

[andreabenfatto]

Hi there,

Perhaps there is something wrong with the Docker image pushed on Docker hub. The /entrypoint.sh file is almost empty and doesn't reflect what declared in this repo.

Here the content of the file:

#!/bin/sh -l

/go/bin/tfsec /github/workspace

This image is the one used by the Github Action, therefore nothing is really working: my current Github Workflow timeout and testing locally using Docker the container hangs forever... here the command I'm using:
docker run -it --rm -v (pwd):"/github/workspace" triat/tfsec:latest

[triat]

Hey @andreabenfatto,

This is totally my fault, I used to build this image and use it on github actions but I realized that github is also building the image itself, therefore I dropped the used of it, without removing it. This is my mistake and I'll make sure to remove it to avoid any confusion.

Thanks for your feedback

[andreabenfatto]

Thanks for the quick answer, and by the way thanks for the Github Action, because it's exactly as I would go to build it :)

Honestly, I decided to investigate the Docker hub image because in the first place I've got the same issue using the Github Action (which is pulling the Docker Hub image).

I didn't know either that Github is pushing the images on the hub on your behalf.

[andreabenfatto]

@triat this is what I get now from Github when the workflow tries to pull down the image :(

Pull down action image 'triat/tfsec:latest'
6 /usr/bin/docker pull triat/tfsec:latest
7 Error response from daemon: pull access denied for triat/tfsec, repository does not exist or may require 'docker login': denied: requested access to the resource is denied
8 Warning: Docker pull failed with exit code 1, back off 1.055 seconds before retry.
9 /usr/bin/docker pull triat/tfsec:latest
10 Error response from daemon: pull access denied for triat/tfsec, repository does not exist or may require 'docker login': denied: requested access to the resource is denied
11 Warning: Docker pull failed with exit code 1, back off 3.203 seconds before retry.
8 /usr/bin/docker pull triat/tfsec:latest
9 Error response from daemon: pull access denied for triat/tfsec, repository does not exist or may require 'docker login': denied: requested access to the resource is denied
10 Error: Docker pull failed with exit code 1

[stefanwb]

This fixed it for us:

-        uses: triat/terraform-security-scan@v1
+        uses: triat/terraform-security-scan@v2.0.2

[andreabenfatto]

@stefanwb it fixes the issue here! 🙏

@triat please update the documentation (i.e. the example) to avoid confusion.

[stefanwb]

Related PR here 👉 #22

[stefanwb]

@andreabenfatto good to hear!

BTW we chose for a tag rather than master for the expected stability but for the example master should be fine.

[triat]

Mmh interesting, I should maybe remove those old tags for the sake of not having people stuck on this old way of working.

I saw your PR @stefanwb but I'd like to keep a tag in the documentation as explained in the PR. I'll continue the discussion with you there.

Thanks

[stefanwb]

I think this one can be closed now, right?

[triat]

You're right, I'm closing it