Closed scrthq closed 7 months ago
$ cat ash_stdout.txt
Resolved OCI_RUNNER to: /usr/bin/docker
Building image automated-security-helper:local -- this may take a few minutes during the first build...
Running ASH scan using built image...
ASH version 1.2.3-e-15Mar2024
Repository cloned successfully.
ASH found 60 file(s) in the source directory...
Items to scan for in Dockerfile-cdk are: [ yaml yml json template ]
Items to scan for in Dockerfile-yaml are: [ yaml yml tf json dockerfile ]
Running cdk-docker-execute.sh ...
Running yaml-docker-execute.sh ...
waiting on Dockerfile-cdk to finish ...
Items to scan for in Dockerfile-py are: [ py pyc ipynb ]
Items to scan for in Dockerfile-grype are: [ js jsx ts tsx py java go cs sh ]
Items to scan for in Dockerfile-git are: [ git ]
Items to scan for in Dockerfile-js are: [ js jsx ts tsx ]
Running py-docker-execute.sh ...
Running grype-docker-execute.sh ...
Running js-docker-execute.sh ...
Running git-docker-execute.sh ...
Dockerfile Dockerfile-js returned 0
Dockerfile Dockerfile-git returned 0
Dockerfile Dockerfile-py returned 0
Dockerfile Dockerfile-cdk returned 0
Dockerfile-cdk finished with return code 0
waiting on Dockerfile-yaml to finish ...
Dockerfile Dockerfile-yaml returned 0
Dockerfile-yaml finished with return code 0
waiting on Dockerfile-git to finish ...
Dockerfile-git finished with return code 0
waiting on Dockerfile-py to finish ...
Dockerfile-py finished with return code 0
waiting on Dockerfile-js to finish ...
Dockerfile-js finished with return code 0
waiting on Dockerfile-grype to finish ...
Dockerfile Dockerfile-grype returned 0
Dockerfile-grype finished with return code 0
Jobs return code report:
Dockerfile-cdk : 0
Dockerfile-yaml : 0
Dockerfile-git : 0
Dockerfile-py : 0
Dockerfile-js : 0
Dockerfile-grype : 0
Your final report can be found here: /home/runner/work/automated-security-helper/automated-security-helper/ash_output/aggregated_results.txt
ASH execution completed in 22 seconds.
Highest return code is 0
Issue #, if available:
44
46
36
Description of changes:
44 - Adds new
get-scan-set.py
python script that allows extensible ignore lists to be provided (vs just using .gitignore).46 - Adds the additional extensions under JS_EXTENSIONS and GRYPE_EXTENSIONS known extension lists
36 - Guards
rm
calls with path and variable evaluation before invocation to prevent unexpected directory and file removal✅ By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.