Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

exclude "scratch" from the default latest check #1613 #1640

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

exclude "scratch" from the default latest check #1613 #1640

wants to merge 1 commit into from

Conversation

robmaw
Copy link

@robmaw robmaw commented Nov 9, 2023

By default, in a docker FROM statement, if no tag is specified, it is treated as the :latest tag. This is flagged by rule AC_DOCKER_0041, but the current rego implementation of the rule erroneously includes the case when the FROM references the special reserved 'image' - "scratch" - ref https://hub.docker.com/_/scratch This PR ensures FROM scratch is not flagged.

@robmaw
exclude "scratch" from the default latest check tenable#1613
f3adf6e 
By default, in a docker FROM statement, if no tag is specified, it is treated as the :latest tag.
This is flagged by rule AC_DOCKER_0041, but the current rego implementation of the rule erroneously includes the case when the FROM references the special reserved 'image' - "scratch" - ref https://hub.docker.com/_/scratch 
This PR ensures FROM scratch is not flagged.
@robmaw robmaw requested a review from a team as a code owner November 9, 2023 03:46
@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Nov 9, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@codecov-commenter
Copy link

Codecov Report

Merging #1640 (f3adf6e) into master (2029321) will not change coverage.
The diff coverage is n/a.

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Impacted file tree graph

@@           Coverage Diff           @@
##           master    #1640   +/-   ##
=======================================
  Coverage   78.49%   78.49%           
=======================================
  Files         280      280           
  Lines        7906     7906           
=======================================
  Hits         6206     6206           
  Misses       1329     1329           
  Partials      371      371

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@robmaw @codecov-commenter