[StepSecurity] Apply security best practices #905
Merged
Wiz Inc. (4ad3b29aa7) / Wiz IaC Scanner
completed
Aug 21, 2024 in 4s
Wiz IaC Scanner
Revealing IaC misconfigurations with Wiz
IaC Misconfigurations Detected: 2
Annotations
Check failure on line 2 in Dockerfile
wiz-inc-4ad3b29aa7 / Wiz IaC Scanner
Missing User Instruction
Rule ID: 3d1b5b23-49be-48dc-b4bf-9590f6ecd862
Severity: High
Resource: FROM={{python:3.10-slim@sha256:8666a639a54acc810408e505e2c6b46b50834385701675ee177f578b3d2fdef9}}
A user should be specified in the dockerfile, otherwise the image will run as root
Raw output
Expected: The 'Dockerfile' should contain the 'USER' instruction
Found: The 'Dockerfile' does not contain any 'USER' instruction
Check notice on line 2 in Dockerfile
wiz-inc-4ad3b29aa7 / Wiz IaC Scanner
Healthcheck Instruction Missing
Rule ID: 66ce3939-f453-418a-ba63-4122152068a4
Severity: Low
Resource: FROM={{python:3.10-slim@sha256:8666a639a54acc810408e505e2c6b46b50834385701675ee177f578b3d2fdef9}}
Ensure that HEALTHCHECK is being used. The HEALTHCHECK instruction tells Docker how to test a container to check that it is still working
Raw output
Expected: Dockerfile should contain instruction 'HEALTHCHECK'
Found: Dockerfile doesn't contain instruction 'HEALTHCHECK'
Loading