search

awslabs / automated-security-helper

https://awslabs.github.io/automated-security-helper/
Apache License 2.0
361 stars 44 forks source link

Issue 58: missing double quotes #64

Closed awsntheule closed 4 months ago

awsntheule commented 4 months ago

Issue #58

Description: This PR adds double quotes to properly handle spaces in source or output directory input.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

orsifacundo commented 4 months ago

LGTM! I tested it for both source and output, it worked great.

github-actions[bot] commented 4 months ago

ASH Scan Output - amd64 - ubuntu-latest

$ cat ash_stdout.txt

Resolved OCI_RUNNER to: /usr/bin/docker
Building image automated-security-helper:local -- this may take a few minutes during the first build...
Running ASH scan using built image...

ASH version 1.2.4-e-26Mar2024

Repository cloned successfully.
ASH found 60 file(s) in the source directory...
Items to scan for in Dockerfile-cdk are: [ yaml yml json template ]
Items to scan for in Dockerfile-yaml are: [ yaml yml tf json dockerfile ]
Running cdk-docker-execute.sh ...
waiting on Dockerfile-cdk to finish ...
Items to scan for in Dockerfile-py are: [ py pyc ipynb ]
Running yaml-docker-execute.sh ...
Items to scan for in Dockerfile-grype are: [ js jsx ts tsx py java go cs sh war jar ]
Items to scan for in Dockerfile-git are: [ git ]
Items to scan for in Dockerfile-js are: [ js jsx ts tsx ]
Running py-docker-execute.sh ...
Running grype-docker-execute.sh ...
Running js-docker-execute.sh ...
Running git-docker-execute.sh ...
Dockerfile Dockerfile-js returned 0
Dockerfile Dockerfile-git returned 0
Dockerfile Dockerfile-py returned 0
Dockerfile Dockerfile-cdk returned 0
Dockerfile-cdk finished with return code 0
waiting on Dockerfile-yaml to finish ...
Dockerfile Dockerfile-grype returned 0
Dockerfile Dockerfile-yaml returned 0
Dockerfile-yaml finished with return code 0
waiting on Dockerfile-git to finish ...
Dockerfile-git finished with return code 0
waiting on Dockerfile-py to finish ...
Dockerfile-py finished with return code 0
waiting on Dockerfile-js to finish ...
Dockerfile-js finished with return code 0
waiting on Dockerfile-grype to finish ...
Dockerfile-grype finished with return code 0
Jobs return code report:
                  Dockerfile-cdk :   0
                 Dockerfile-yaml :   0
                  Dockerfile-git :   0
                   Dockerfile-py :   0
                   Dockerfile-js :   0
                Dockerfile-grype :   0

Your final report can be found here: /home/runner/work/automated-security-helper/automated-security-helper/ash_output/aggregated_results.txt
ASH execution completed in 24 seconds.
Highest return code is 0
Show aggregated_results.txt ```bash ############################################# Start of /out/work/cdk_report_result.txt ############################################# starting to investigate ... found 0 files to scan. Skipping scans. ############################################# End of /out/work/cdk_report_result.txt ############################################# ############################################# Start of /out/work/git_report_result.txt ############################################# >>>>>> begin tree result >>>>>> Git repository detected. Ensure your .gitignore configuration excludes all the files that you intend to ignore. /run/scan/src ├── [ 112] .dockerignore ├── [ 272] .eslintrc.json ├── [4.7K] .github │   └── [4.7K] workflows │   └── [4.6K] ash-build-and-scan.yml ├── [4.5K] .gitignore ├── [1.9K] .pre-commit-hooks.yaml ├── [3.6K] CHANGELOG.md ├── [ 309] CODE_OF_CONDUCT.md ├── [3.5K] CONTRIBUTING.md ├── [5.1K] Dockerfile ├── [ 11K] LICENSE ├── [ 66] NOTICE ├── [ 14K] README.md ├── [5.7K] appsec_cfn_rules │   ├── [ 413] IamUserExistsRule.rb │   ├── [ 664] KeyPairAsCFnParameterRule.rb │   ├── [1.2K] ResourcePolicyStarAccessVerbPolicyRule.rb │   ├── [1.1K] StarResourceAccessPolicyRule.rb │   └── [2.2K] beta │   ├── [ 606] FlowLogsEnabledForVPCsRule.rb │   ├── [ 796] PasswordAsCFnParameterRule.rb │   └── [ 702] RotationEnabledForSecretsManagerRule.rb ├── [3.3K] ash ├── [ 22K] ash-multi ├── [2.9K] helper_dockerfiles │   ├── [ 436] Dockerfile-cdk │   ├── [ 536] Dockerfile-git │   ├── [ 579] Dockerfile-grype │   ├── [ 273] Dockerfile-js │   ├── [ 425] Dockerfile-py │   └── [ 581] Dockerfile-yaml ├── [ 28K] quickstart │   ├── [2.9K] README.md │   └── [ 25K] c9template.yaml └── [ 67K] utils ├── [5.6K] ash_helpers.ps1 ├── [3.2K] ash_helpers.sh ├── [1.4K] cdk-addon-py.py ├── [5.5K] cdk-docker-execute.sh ├── [6.7K] cdk-nag-scan │   ├── [ 117] .gitignore │   ├── [ 65] .npmignore │   ├── [ 536] README.md │   ├── [ 417] bin │   │   └── [ 357] cdk-nag-scan.ts │   ├── [2.2K] cdk.json │   ├── [ 157] jest.config.js │   ├── [1.1K] lib │   │   └── [1.1K] cdk-nag-scan-stack.ts │   ├── [ 571] package.json │   ├── [ 652] test │   │   └── [ 592] cdk-nag-scan.test.ts │   └── [ 663] tsconfig.json ├── [ 22K] cfn-to-cdk │   ├── [1.9K] README.md │   ├── [ 280] app.py │   ├── [ 780] cdk.json │   ├── [ 19K] cfn_to_cdk │   │   ├── [ 0] __init__.py │   │   ├── [ 18K] cfn.json │   │   ├── [ 392] cfn_to_cdk_stack.py │   │   ├── [ 454] cfn_to_cdk_stack.py.j2 │   │   └── [ 323] template_generator.py │   ├── [ 14] requirements-dev.txt │   └── [ 39] requirements.txt ├── [ 388] common.sh ├── [2.9K] get-scan-set.py ├── [3.7K] git-docker-execute.sh ├── [3.5K] grype-docker-execute.sh ├── [2.0K] identifyipynb.sh ├── [2.2K] js-docker-execute.sh ├── [2.4K] py-docker-execute.sh └── [4.8K] yaml-docker-execute.sh 178K used in 13 directories, 61 files <<<<<< end tree -x -h -a --du -I .git result <<<<<< OK git config --local --get-regexp "^secrets\..*$" output: secrets.providers git secrets --aws-provider secrets.patterns (A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16} secrets.patterns ("|')?(AWS|aws|Aws)?_?(SECRET|secret|Secret)?_?(ACCESS|access|Access)?_?(KEY|key|Key)("|')?\s*(:|=>|=)\s*("|')?[A-Za-z0-9/\+=]{40}("|')? secrets.patterns ("|')?(AWS|aws|Aws)?_?(ACCOUNT|account|Account)_?(ID|id|Id)?("|')?\s*(:|=>|=)\s*("|')?[0-9]{4}\-?[0-9]{4}\-?[0-9]{4}("|')? secrets.allowed AKIAIOSFODNN7EXAMPLE secrets.allowed wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY >>>>>> begin git secrets --scan result >>>>>> <<<<<< end git secrets --scan result <<<<<< ############################################# End of /out/work/git_report_result.txt ############################################# ############################################# Start of /out/work/grype_report_result.txt ############################################# >>>>>> Begin Grype output for /run/scan/src >>>>>> No vulnerabilities found <<<<<< End Grype output for /run/scan/src <<<<<< >>>>>> Begin Grype output for /out/work >>>>>> No vulnerabilities found <<<<<< End Grype output for /out/work <<<<<< >>>>>> Begin Syft output for /run/scan/src >>>>>> No packages discovered <<<<<< End Syft output for /run/scan/src <<<<<< >>>>>> Begin Syft output for /out/work >>>>>> No packages discovered <<<<<< End Syft output for /out/work <<<<<< >>>>>> Begin Semgrep output for /run/scan/src >>>>>> METRICS: Using configs from the Registry (like --config=p/ci) reports pseudonymous rule metrics to semgrep.dev. To disable Registry rule metrics, use "--metrics=off". Using configs only from local files (like --config=xyz.yml) does not enable metrics. More information: https://semgrep.dev/docs/metrics ┌─────────────┐ │ Scan Status │ └─────────────┘ Scanning 61 files tracked by git with 1034 Code rules: Language Rules Files Origin Rules ───────────────────────────── ─────────────────── 36 120 Community 1034 bash 4 11 ruby 71 7 python 240 6 json 4 6 yaml 28 3 ts 165 2 js 155 1 dockerfile 4 1 ┌──────────────┐ │ Scan Summary │ └──────────────┘ Some files were skipped or only partially analyzed. Scan was limited to files tracked by git. Partially scanned: 2 files only partially analyzed due to parsing or internal Semgrep errors Scan skipped: 1 files matching .semgrepignore patterns For a full list of skipped files, run semgrep with the --verbose flag. (need more rules? `semgrep login` for additional free Semgrep Registry rules) Ran 547 rules on 60 files: 0 findings. If Semgrep missed a finding, please send us feedback to let us know! See https://semgrep.dev/docs/reporting-false-negatives/ <<<<<< End Semgrep output for /run/scan/src <<<<<< >>>>>> Begin Semgrep output for /out/work >>>>>> ┌─────────────┐ │ Scan Status │ └─────────────┘ Scanning 6 files tracked by git with 1034 Code rules: Scanning 12 files with 36 rules. ┌──────────────┐ │ Scan Summary │ └──────────────┘ (need more rules? `semgrep login` for additional free Semgrep Registry rules) Ran 36 rules on 6 files: 0 findings. If Semgrep missed a finding, please send us feedback to let us know! See https://semgrep.dev/docs/reporting-false-negatives/ <<<<<< End Semgrep output for /out/work <<<<<< ############################################# End of /out/work/grype_report_result.txt ############################################# ############################################# Start of /out/work/js_report_result.txt ############################################# >>>>>> Begin npm audit output for /run/scan/src >>>>>> <<<<<< End npm audit output for /run/scan/src <<<<<< >>>>>> Begin npm audit output for /out/work >>>>>> <<<<<< End npm audit output for /out/work <<<<<< ############################################# End of /out/work/js_report_result.txt ############################################# ############################################# Start of /out/work/py_report_result.txt ############################################# >>>>>> begin identifyipynb output for Jupyter notebook conversion >>>>>> Looking for Jupyter notebook files <<<<<< end identifyipynb output for Jupyter notebook conversion <<<<<< >>>>>> begin bandit result for /run/scan/src >>>>>> [main] INFO profile include tests: None [main] INFO profile exclude tests: None [main] INFO cli include tests: None [main] INFO cli exclude tests: None [main] INFO running on Python 3.10.14 Run started:2024-04-18 14:52:47.142877 Test results: No issues identified. Code scanned: Total lines of code: 131 Total lines skipped (#nosec): 0 Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0 Run metrics: Total issues (by severity): Undefined: 0 Low: 0 Medium: 0 High: 0 Total issues (by confidence): Undefined: 0 Low: 0 Medium: 0 High: 0 Files skipped (0): <<<<<< end bandit result for /run/scan/src <<<<<< >>>>>> begin bandit result for /out/work >>>>>> [main] INFO profile include tests: None [main] INFO profile exclude tests: None [main] INFO cli include tests: None [main] INFO cli exclude tests: None [main] INFO running on Python 3.10.14 Run started:2024-04-18 14:52:47.395234 Test results: No issues identified. Code scanned: Total lines of code: 0 Total lines skipped (#nosec): 0 Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0 Run metrics: Total issues (by severity): Undefined: 0 Low: 0 Medium: 0 High: 0 Total issues (by confidence): Undefined: 0 Low: 0 Medium: 0 High: 0 Files skipped (0): <<<<<< end bandit result for /out/work <<<<<< ############################################# End of /out/work/py_report_result.txt ############################################# ############################################# Start of /out/work/yaml_report_result.txt ############################################# >>>>>> Begin yaml scan output for /run/scan/src >>>>>> starting to investigate ... found 8 files to scan. Starting checkov scans ... >>>>>> begin checkov result for helper_dockerfiles >>>>>> _ _ ___| |__ ___ ___| | _______ __ / __| '_ \ / _ \/ __| |/ / _ \ \ / / | (__| | | | __/ (__| < (_) \ V / \___|_| |_|\___|\___|_|\_\___/ \_/ By Prisma Cloud | version: 3.2.71 <<<<<< end checkov result for helper_dockerfiles <<<<<< >>>>>> begin checkov result for Dockerfile-yaml >>>>>> _ _ ___| |__ ___ ___| | _______ __ / __| '_ \ / _ \/ __| |/ / _ \ \ / / | (__| | | | __/ (__| < (_) \ V / \___|_| |_|\___|\___|_|\_\___/ \_/ By Prisma Cloud | version: 3.2.71 <<<<<< end checkov result for Dockerfile-yaml <<<<<< >>>>>> begin checkov result for Dockerfile-py >>>>>> _ _ ___| |__ ___ ___| | _______ __ / __| '_ \ / _ \/ __| |/ / _ \ \ / / | (__| | | | __/ (__| < (_) \ V / \___|_| |_|\___|\___|_|\_\___/ \_/ By Prisma Cloud | version: 3.2.71 <<<<<< end checkov result for Dockerfile-py <<<<<< >>>>>> begin checkov result for Dockerfile-js >>>>>> _ _ ___| |__ ___ ___| | _______ __ / __| '_ \ / _ \/ __| |/ / _ \ \ / / | (__| | | | __/ (__| < (_) \ V / \___|_| |_|\___|\___|_|\_\___/ \_/ By Prisma Cloud | version: 3.2.71 <<<<<< end checkov result for Dockerfile-js <<<<<< >>>>>> begin checkov result for Dockerfile-grype >>>>>> _ _ ___| |__ ___ ___| | _______ __ / __| '_ \ / _ \/ __| |/ / _ \ \ / / | (__| | | | __/ (__| < (_) \ V / \___|_| |_|\___|\___|_|\_\___/ \_/ By Prisma Cloud | version: 3.2.71 <<<<<< end checkov result for Dockerfile-grype <<<<<< >>>>>> begin checkov result for Dockerfile-git >>>>>> _ _ ___| |__ ___ ___| | _______ __ / __| '_ \ / _ \/ __| |/ / _ \ \ / / | (__| | | | __/ (__| < (_) \ V / \___|_| |_|\___|\___|_|\_\___/ \_/ By Prisma Cloud | version: 3.2.71 <<<<<< end checkov result for Dockerfile-git <<<<<< >>>>>> begin checkov result for Dockerfile-cdk >>>>>> _ _ ___| |__ ___ ___| | _______ __ / __| '_ \ / _ \/ __| |/ / _ \ \ / / | (__| | | | __/ (__| < (_) \ V / \___|_| |_|\___|\___|_|\_\___/ \_/ By Prisma Cloud | version: 3.2.71 <<<<<< end checkov result for Dockerfile-cdk <<<<<< >>>>>> begin checkov result for Dockerfile >>>>>> _ _ ___| |__ ___ ___| | _______ __ / __| '_ \ / _ \/ __| |/ / _ \ \ / / | (__| | | | __/ (__| < (_) \ V / \___|_| |_|\___|\___|_|\_\___/ \_/ By Prisma Cloud | version: 3.2.71 dockerfile scan results: Passed checks: 285, Failed checks: 0, Skipped checks: 2 Check: CKV_DOCKER_10: "Ensure that WORKDIR values are absolute paths" PASSED for resource: /run/scan/src/Dockerfile. File: /run/scan/src/Dockerfile:1-163 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-workdir-values-are-absolute-paths Check: CKV_DOCKER_5: "Ensure update instructions are not use alone in the Dockerfile" PASSED for resource: /run/scan/src/Dockerfile. File: /run/scan/src/Dockerfile:1-163 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-update-instructions-are-not-used-alone-in-the-dockerfile Check: CKV_DOCKER_9: "Ensure that APT isn't used" PASSED for resource: /run/scan/src/Dockerfile. File: /run/scan/src/Dockerfile:1-163 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-is-not-used Check: CKV_DOCKER_11: "Ensure From Alias are unique for multistage builds." PASSED for resource: /run/scan/src/Dockerfile. File: /run/scan/src/Dockerfile:1-163 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-from-alias-is-unique-for-multistage-builds Check: CKV_DOCKER_2: "Ensure that HEALTHCHECK instructions have been added to container images" PASSED for resource: /run/scan/src/Dockerfile.HEALTHCHECK File: /run/scan/src/Dockerfile:148-149 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-that-healthcheck-instructions-have-been-added-to-container-images Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /run/scan/src/Dockerfile.ARG File: /run/scan/src/Dockerfile:6-6 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /run/scan/src/Dockerfile.ENV File: /run/scan/src/Dockerfile:12-12 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /run/scan/src/Dockerfile.ENV File: /run/scan/src/Dockerfile:102-102 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /run/scan/src/Dockerfile.ENV File: /run/scan/src/Dockerfile:140-140 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /run/scan/src/Dockerfile.ENV File: /run/scan/src/Dockerfile:145-145 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:32-40 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:45-55 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:59-59 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:65-67 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:72-75 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:80-82 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:91-92 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:94-95 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:97-97 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:114-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:123-123 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:125-127 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:32-40 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:45-55 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:59-59 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:65-67 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:72-75 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:80-82 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:91-92 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:94-95 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:97-97 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:114-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:123-123 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:125-127 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.ARG File: /run/scan/src/Dockerfile:6-6 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.ENV File: /run/scan/src/Dockerfile:12-12 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.ENV File: /run/scan/src/Dockerfile:102-102 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.ENV File: /run/scan/src/Dockerfile:140-140 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.ENV File: /run/scan/src/Dockerfile:145-145 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:32-40 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:45-55 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:59-59 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:65-67 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:72-75 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:80-82 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:91-92 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:94-95 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:97-97 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:114-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:123-123 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:125-127 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /run/scan/src/Dockerfile.ARG File: /run/scan/src/Dockerfile:6-6 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /run/scan/src/Dockerfile.ENV File: /run/scan/src/Dockerfile:12-12 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /run/scan/src/Dockerfile.ENV File: /run/scan/src/Dockerfile:102-102 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /run/scan/src/Dockerfile.ENV File: /run/scan/src/Dockerfile:140-140 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /run/scan/src/Dockerfile.ENV File: /run/scan/src/Dockerfile:145-145 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:32-40 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:45-55 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:59-59 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:65-67 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:72-75 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:80-82 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:91-92 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:94-95 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:97-97 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:114-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:123-123 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:125-127 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.ARG File: /run/scan/src/Dockerfile:6-6 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.ENV File: /run/scan/src/Dockerfile:12-12 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.ENV File: /run/scan/src/Dockerfile:102-102 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.ENV File: /run/scan/src/Dockerfile:140-140 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.ENV File: /run/scan/src/Dockerfile:145-145 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:32-40 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:45-55 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:59-59 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:65-67 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:72-75 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:80-82 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:91-92 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:94-95 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:97-97 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:114-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:123-123 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:125-127 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:32-40 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:45-55 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:59-59 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:65-67 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:72-75 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:80-82 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:91-92 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:94-95 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:97-97 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:114-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:123-123 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:125-127 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:32-40 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:45-55 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:59-59 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:65-67 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:72-75 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:80-82 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:91-92 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:94-95 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:97-97 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:114-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:123-123 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:125-127 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.ARG File: /run/scan/src/Dockerfile:6-6 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.ENV File: /run/scan/src/Dockerfile:12-12 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.ENV File: /run/scan/src/Dockerfile:102-102 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.ENV File: /run/scan/src/Dockerfile:140-140 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.ENV File: /run/scan/src/Dockerfile:145-145 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:32-40 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:45-55 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:59-59 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:65-67 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:72-75 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:80-82 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:91-92 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:94-95 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:97-97 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:114-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:123-123 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:125-127 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:32-40 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:45-55 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:59-59 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:65-67 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:72-75 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:80-82 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:91-92 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:94-95 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:97-97 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:114-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:123-123 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:125-127 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:32-40 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:45-55 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:59-59 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:65-67 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:72-75 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:80-82 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:91-92 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:94-95 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:97-97 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:114-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:123-123 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:125-127 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:32-40 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:45-55 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:59-59 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:65-67 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:72-75 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:80-82 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:91-92 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:94-95 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:97-97 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:114-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:123-123 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:125-127 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:32-40 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:45-55 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:59-59 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:65-67 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:72-75 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:80-82 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:91-92 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:94-95 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:97-97 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:114-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:123-123 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:125-127 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:32-40 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:45-55 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:59-59 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:65-67 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:72-75 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:80-82 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:91-92 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:94-95 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:97-97 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:114-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:123-123 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:125-127 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:32-40 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:45-55 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:59-59 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:65-67 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:72-75 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:80-82 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:91-92 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:94-95 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:97-97 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:114-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:123-123 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:125-127 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:32-40 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:45-55 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:59-59 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:65-67 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:72-75 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:80-82 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:91-92 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:94-95 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:97-97 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:114-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:123-123 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:125-127 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:32-40 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:45-55 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:59-59 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:65-67 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:72-75 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:80-82 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:91-92 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:94-95 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:97-97 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:114-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:123-123 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:125-127 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:32-40 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:45-55 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:59-59 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:65-67 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:72-75 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:80-82 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:91-92 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:94-95 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:97-97 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:114-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:123-123 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /run/scan/src/Dockerfile.RUN File: /run/scan/src/Dockerfile:125-127 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV_DOCKER_7: "Ensure the base image uses a non latest version tag" SKIPPED for resource: /run/scan/src/Dockerfile. Suppress comment: Base image is using a non-latest version tag by default, Checkov is unable to parse due to the use of ARG File: /run/scan/src/Dockerfile:1-163 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-the-base-image-uses-a-non-latest-version-tag Check: CKV_DOCKER_3: "Ensure that a user for the container has been created" SKIPPED for resource: /run/scan/src/Dockerfile. Suppress comment: ASH is focused on mounting source code into the container and scanning it, not running services. Setting USER breaks the ability for certain scanners to work correctly. File: /run/scan/src/Dockerfile:1-163 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-that-a-user-for-the-container-has-been-created <<<<<< end checkov result for Dockerfile <<<<<< found 0 files to scan. Skipping cfn_nag scans. <<<<<< End yaml scan output for /run/scan/src <<<<<< >>>>>> Begin yaml scan output for /out/work >>>>>> starting to investigate ... found 0 files to scan. Skipping checkov scans. found 0 files to scan. Skipping cfn_nag scans. <<<<<< End yaml scan output for /out/work <<<<<< ############################################# End of /out/work/yaml_report_result.txt ############################################# ```