search

awslabs / automated-security-helper

https://awslabs.github.io/automated-security-helper/
Apache License 2.0
361 stars 44 forks source link

Update ash-multi #87

Closed orsifacundo closed 2 months ago

orsifacundo commented 2 months ago

Change messages of found files to adjust local execution mode

Issue #, if available:

Description of changes: After adding the local execution mode, the messaging was different from the multi-container mode when file were found. I adjusted the messaging to that.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

github-actions[bot] commented 2 months ago

ASH Scan Output - amd64 - ubuntu-latest

$ cat ash_stdout.txt

Resolved OCI_RUNNER to: /usr/bin/docker
Building image automated-security-helper:local -- this may take a few minutes during the first build...
Running ASH scan using built image...

ASH version v1.3.3

Repository cloned successfully.
ASH found 76 file(s) in the source directory...
Items to scan for in Dockerfile-cdk are: [ yaml yml json template ]
Items to scan for in Dockerfile-yaml are: [ yaml yml tf json dockerfile ]
Found one or more of: [ yaml yml json template ] items in source dir, running cdk-docker-execute.sh ...
Found one or more of: [ yaml yml tf json dockerfile ] items in source dir, running yaml-docker-execute.sh ...
waiting on Dockerfile-cdk to finish ...
Items to scan for in Dockerfile-grype are: [ js jsx ts tsx py java go cs sh war jar ]
Items to scan for in Dockerfile-js are: [ js jsx ts tsx ]
Found one or more of: [ js jsx ts tsx py java go cs sh war jar ] items in source dir, running grype-docker-execute.sh ...
Found one or more of: [ js jsx ts tsx ] items in source dir, running js-docker-execute.sh ...
Items to scan for in Dockerfile-py are: [ py pyc ipynb ]
Items to scan for in Dockerfile-git are: [ git ]
Found one or more of: [ git ] items in source dir, running git-docker-execute.sh ...
Found one or more of: [ py pyc ipynb ] items in source dir, running py-docker-execute.sh ...
Dockerfile Dockerfile-js returned 0
Dockerfile Dockerfile-git returned 0
Dockerfile Dockerfile-py returned 0
Dockerfile Dockerfile-cdk returned 0
Dockerfile-cdk finished with return code 0
waiting on Dockerfile-yaml to finish ...
Dockerfile Dockerfile-yaml returned 0
Dockerfile-yaml finished with return code 0
waiting on Dockerfile-git to finish ...
Dockerfile-git finished with return code 0
waiting on Dockerfile-py to finish ...
Dockerfile-py finished with return code 0
waiting on Dockerfile-js to finish ...
Dockerfile-js finished with return code 0
waiting on Dockerfile-grype to finish ...
Dockerfile Dockerfile-grype returned 0
Dockerfile-grype finished with return code 0
Jobs return code report:
                  Dockerfile-cdk :   0
                 Dockerfile-yaml :   0
                  Dockerfile-git :   0
                   Dockerfile-py :   0
                   Dockerfile-js :   0
                Dockerfile-grype :   0

Your final report can be found here: /out/aggregated_results.txt
ASH execution completed in 24 seconds.
Highest return code is 0
Show aggregated_results.txt ```bash ############################################# Start of /out/work/cdk_report_result.txt ############################################# starting to investigate ... found 0 files to scan. Skipping scans. ############################################# End of /out/work/cdk_report_result.txt ############################################# ############################################# Start of /out/work/git_report_result.txt ############################################# >>>>>> begin tree result >>>>>> Git repository detected. Ensure your .gitignore configuration excludes all the files that you intend to ignore. /tmp/ash-run-scan.EtSI ├── [ 112] .dockerignore ├── [ 272] .eslintrc.json ├── [ 14K] .github │   └── [9.9K] workflows │   ├── [4.6K] ash-build-and-scan.yml │   └── [1.3K] docs-build-and-deploy.yml ├── [4.5K] .gitignore ├── [1.9K] .pre-commit-hooks.yaml ├── [5.0K] CHANGELOG.md ├── [ 309] CODE_OF_CONDUCT.md ├── [3.5K] CONTRIBUTING.md ├── [5.2K] Dockerfile ├── [ 11K] LICENSE ├── [ 66] NOTICE ├── [ 14K] README.md ├── [ 7] __version__ ├── [ 13K] appsec_cfn_rules │   ├── [ 413] IamUserExistsRule.rb │   ├── [ 664] KeyPairAsCFnParameterRule.rb │   ├── [1.2K] ResourcePolicyStarAccessVerbPolicyRule.rb │   ├── [1.1K] StarResourceAccessPolicyRule.rb │   └── [6.1K] beta │   ├── [ 606] FlowLogsEnabledForVPCsRule.rb │   ├── [ 796] PasswordAsCFnParameterRule.rb │   └── [ 702] RotationEnabledForSecretsManagerRule.rb ├── [3.5K] ash ├── [ 23K] ash-multi ├── [ 93K] docs │   ├── [ 78K] content │   │   ├── [ 11K] assets │   │   │   └── [7.4K] images │   │   │   └── [3.4K] aws-logo-light.svg │   │   ├── [3.2K] contributing.md │   │   ├── [7.5K] docs │   │   │   ├── [ 714] prerequisites.md │   │   │   └── [2.8K] support.md │   │   ├── [1.5K] faq.md │   │   ├── [6.3K] index.md │   │   └── [ 44K] tutorials │   │   ├── [ 35K] CI │   │   │   ├── [ 20K] ASH Execution Environment Viability.drawio │   │   │   ├── [5.7K] AzurePipelines │   │   │   │   └── [1.7K] azure-pipelines.yml │   │   │   └── [5.3K] Jenkins │   │   │   └── [1.3K] Jenkinsfile │   │   ├── [2.3K] cloud9-quickstart.md │   │   └── [3.1K] running-ash-locally.md │   └── [ 11K] overrides │   └── [7.4K] .icons │   └── [3.4K] aws-logo-light.svg ├── [6.8K] helper_dockerfiles │   ├── [ 436] Dockerfile-cdk │   ├── [ 536] Dockerfile-git │   ├── [ 579] Dockerfile-grype │   ├── [ 273] Dockerfile-js │   ├── [ 425] Dockerfile-py │   └── [ 581] Dockerfile-yaml ├── [2.0K] mkdocs.yml ├── [ 31K] quickstart │   ├── [2.9K] README.md │   └── [ 25K] c9template.yaml ├── [ 274] requirements.txt └── [ 98K] utils ├── [5.5K] ash_helpers.ps1 ├── [3.2K] ash_helpers.sh ├── [1.4K] cdk-addon-py.py ├── [6.4K] cdk-docker-execute.sh ├── [ 23K] cdk-nag-scan │   ├── [ 117] .gitignore │   ├── [ 65] .npmignore │   ├── [ 536] README.md │   ├── [5.2K] bin │   │   └── [1.2K] cdk-nag-scan.ts │   ├── [2.2K] cdk.json │   ├── [ 157] jest.config.js │   ├── [4.9K] lib │   │   └── [ 930] cdk-nag-scan-stack.ts │   ├── [ 571] package.json │   ├── [4.6K] test │   │   └── [ 592] cdk-nag-scan.test.ts │   └── [ 663] tsconfig.json ├── [ 30K] cfn-to-cdk │   ├── [1.9K] README.md │   ├── [ 280] app.py │   ├── [ 780] cdk.json │   ├── [ 23K] cfn_to_cdk │   │   ├── [ 0] __init__.py │   │   ├── [ 18K] cfn.json │   │   ├── [ 392] cfn_to_cdk_stack.py │   │   ├── [ 454] cfn_to_cdk_stack.py.j2 │   │   └── [ 323] template_generator.py │   ├── [ 14] requirements-dev.txt │   └── [ 39] requirements.txt ├── [ 526] common.sh ├── [6.2K] get-scan-set.py ├── [3.4K] git-docker-execute.sh ├── [3.4K] grype-docker-execute.sh ├── [1.8K] identifyipynb.sh ├── [2.4K] js-docker-execute.sh ├── [2.2K] py-docker-execute.sh └── [4.6K] yaml-docker-execute.sh 335K used in 24 directories, 77 files <<<<<< end tree -x -h -a --du -I .git result <<<<<< OK git config --local --get-regexp "^secrets\..*$" output: secrets.providers git secrets --aws-provider secrets.patterns (A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16} secrets.patterns ("|')?(AWS|aws|Aws)?_?(SECRET|secret|Secret)?_?(ACCESS|access|Access)?_?(KEY|key|Key)("|')?\s*(:|=>|=)\s*("|')?[A-Za-z0-9/\+=]{40}("|')? secrets.patterns ("|')?(AWS|aws|Aws)?_?(ACCOUNT|account|Account)_?(ID|id|Id)?("|')?\s*(:|=>|=)\s*("|')?[0-9]{4}\-?[0-9]{4}\-?[0-9]{4}("|')? secrets.allowed AKIAIOSFODNN7EXAMPLE secrets.allowed wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY >>>>>> begin git secrets --scan result >>>>>> <<<<<< end git secrets --scan result <<<<<< ############################################# End of /out/work/git_report_result.txt ############################################# ############################################# Start of /out/work/grype_report_result.txt ############################################# >>>>>> Begin Grype output for /tmp/ash-run-scan.EtSI >>>>>> No vulnerabilities found <<<<<< End Grype output for /tmp/ash-run-scan.EtSI <<<<<< >>>>>> Begin Grype output for /out/work >>>>>> No vulnerabilities found <<<<<< End Grype output for /out/work <<<<<< >>>>>> Begin Syft output for /tmp/ash-run-scan.EtSI >>>>>> NAME VERSION TYPE actions/checkout v4 github-action (+1 duplicate) actions/setup-python v5 github-action actions/upload-artifact v4 github-action docker/setup-buildx-action v3 github-action mkdocs-awesome-pages-plugin 2.8.0 python mshick/add-pr-comment v2 github-action pytest 6.2.5 python <<<<<< End Syft output for /tmp/ash-run-scan.EtSI <<<<<< >>>>>> Begin Syft output for /out/work >>>>>> No packages discovered <<<<<< End Syft output for /out/work <<<<<< >>>>>> Begin Semgrep output for /tmp/ash-run-scan.EtSI >>>>>> METRICS: Using configs from the Registry (like --config=p/ci) reports pseudonymous rule metrics to semgrep.dev. To disable Registry rule metrics, use "--metrics=off". Using configs only from local files (like --config=xyz.yml) does not enable metrics. More information: https://semgrep.dev/docs/metrics ┌─────────────┐ │ Scan Status │ └─────────────┘ Scanning 77 files tracked by git with 1039 Code rules: Language Rules Files Origin Rules ───────────────────────────── ─────────────────── 36 152 Community 1039 bash 4 11 ruby 71 7 python 241 6 yaml 29 6 json 4 6 ts 165 2 js 155 1 dockerfile 4 1 ┌──────────────┐ │ Scan Summary │ └──────────────┘ Some files were skipped or only partially analyzed. Scan was limited to files tracked by git. Partially scanned: 2 files only partially analyzed due to parsing or internal Semgrep errors Scan skipped: 1 files matching .semgrepignore patterns For a full list of skipped files, run semgrep with the --verbose flag. (need more rules? `semgrep login` for additional free Semgrep Registry rules) Ran 549 rules on 76 files: 0 findings. If Semgrep missed a finding, please send us feedback to let us know! See https://semgrep.dev/docs/reporting-false-negatives/ <<<<<< End Semgrep output for /tmp/ash-run-scan.EtSI <<<<<< >>>>>> Begin Semgrep output for /out/work >>>>>> ┌─────────────┐ │ Scan Status │ └─────────────┘ Scanning 6 files tracked by git with 1039 Code rules: Scanning 12 files with 36 rules. ┌──────────────┐ │ Scan Summary │ └──────────────┘ (need more rules? `semgrep login` for additional free Semgrep Registry rules) Ran 36 rules on 6 files: 0 findings. If Semgrep missed a finding, please send us feedback to let us know! See https://semgrep.dev/docs/reporting-false-negatives/ <<<<<< End Semgrep output for /out/work <<<<<< ############################################# End of /out/work/grype_report_result.txt ############################################# ############################################# Start of /out/work/js_report_result.txt ############################################# ############################################# End of /out/work/js_report_result.txt ############################################# ############################################# Start of /out/work/py_report_result.txt ############################################# >>>>>> begin identifyipynb output for Jupyter notebook conversion >>>>>> [2024-05-31 14:51:05] DEBUG: [ipynb] pwd: '/tmp/ash-run-scan.EtSI' :: _ASH_SOURCE_DIR: /tmp/ash-run-scan.EtSI :: _ASH_RUN_DIR: /tmp/ash-run-scan.EtSI Looking for Jupyter notebook files <<<<<< end identifyipynb output for Jupyter notebook conversion <<<<<< >>>>>> begin bandit result for /tmp/ash-run-scan.EtSI >>>>>> [main] INFO profile include tests: None [main] INFO profile exclude tests: None [main] INFO cli include tests: None [main] INFO cli exclude tests: None [main] INFO running on Python 3.10.14 Run started:2024-05-31 14:51:05.736693 Test results: No issues identified. Code scanned: Total lines of code: 194 Total lines skipped (#nosec): 0 Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0 Run metrics: Total issues (by severity): Undefined: 0 Low: 0 Medium: 0 High: 0 Total issues (by confidence): Undefined: 0 Low: 0 Medium: 0 High: 0 Files skipped (0): <<<<<< end bandit result for /tmp/ash-run-scan.EtSI <<<<<< >>>>>> begin bandit result for /out/work >>>>>> [main] INFO profile include tests: None [main] INFO profile exclude tests: None [main] INFO cli include tests: None [main] INFO cli exclude tests: None [main] INFO running on Python 3.10.14 Run started:2024-05-31 14:51:06.012304 Test results: No issues identified. Code scanned: Total lines of code: 0 Total lines skipped (#nosec): 0 Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0 Run metrics: Total issues (by severity): Undefined: 0 Low: 0 Medium: 0 High: 0 Total issues (by confidence): Undefined: 0 Low: 0 Medium: 0 High: 0 Files skipped (0): <<<<<< end bandit result for /out/work <<<<<< ############################################# End of /out/work/py_report_result.txt ############################################# ############################################# Start of /out/work/yaml_report_result.txt ############################################# >>>>>> Begin yaml scan output for /tmp/ash-run-scan.EtSI >>>>>> starting to investigate ... found 8 files to scan. Starting checkov scans ... >>>>>> begin checkov result for Dockerfile >>>>>> _ _ ___| |__ ___ ___| | _______ __ / __| '_ \ / _ \/ __| |/ / _ \ \ / / | (__| | | | __/ (__| < (_) \ V / \___|_| |_|\___|\___|_|\_\___/ \_/ By Prisma Cloud | version: 3.2.120 dockerfile scan results: Passed checks: 285, Failed checks: 0, Skipped checks: 2 Check: CKV_DOCKER_9: "Ensure that APT isn't used" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile. File: /tmp/ash-run-scan.EtSI/Dockerfile:1-168 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-is-not-used Check: CKV_DOCKER_5: "Ensure update instructions are not use alone in the Dockerfile" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile. File: /tmp/ash-run-scan.EtSI/Dockerfile:1-168 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-update-instructions-are-not-used-alone-in-the-dockerfile Check: CKV_DOCKER_11: "Ensure From Alias are unique for multistage builds." PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile. File: /tmp/ash-run-scan.EtSI/Dockerfile:1-168 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-from-alias-is-unique-for-multistage-builds Check: CKV_DOCKER_10: "Ensure that WORKDIR values are absolute paths" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile. File: /tmp/ash-run-scan.EtSI/Dockerfile:1-168 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-workdir-values-are-absolute-paths Check: CKV_DOCKER_2: "Ensure that HEALTHCHECK instructions have been added to container images" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.HEALTHCHECK File: /tmp/ash-run-scan.EtSI/Dockerfile:153-154 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-that-healthcheck-instructions-have-been-added-to-container-images Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:32-41 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:46-56 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:61-61 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:66-68 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:73-76 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:81-83 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:92-93 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:95-96 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:98-98 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:115-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:124-126 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_1: "Ensure that sudo isn't used" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:140-140 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-dont-use-sudo.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.ARG File: /tmp/ash-run-scan.EtSI/Dockerfile:6-6 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.ENV File: /tmp/ash-run-scan.EtSI/Dockerfile:12-12 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.ENV File: /tmp/ash-run-scan.EtSI/Dockerfile:103-103 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.ENV File: /tmp/ash-run-scan.EtSI/Dockerfile:145-145 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.ENV File: /tmp/ash-run-scan.EtSI/Dockerfile:150-150 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:32-41 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:46-56 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:61-61 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:66-68 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:73-76 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:81-83 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:92-93 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:95-96 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:98-98 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:115-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:124-126 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_14: "Ensure that certificate validation isn't disabled for git by setting the environment variable 'GIT_SSL_NO_VERIFY' to any value" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:140-140 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-git-ssl.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.ARG File: /tmp/ash-run-scan.EtSI/Dockerfile:6-6 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.ENV File: /tmp/ash-run-scan.EtSI/Dockerfile:12-12 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.ENV File: /tmp/ash-run-scan.EtSI/Dockerfile:103-103 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.ENV File: /tmp/ash-run-scan.EtSI/Dockerfile:145-145 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.ENV File: /tmp/ash-run-scan.EtSI/Dockerfile:150-150 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:32-41 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:46-56 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:61-61 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:66-68 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:73-76 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:81-83 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:92-93 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:95-96 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:98-98 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:115-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:124-126 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_6: "Ensure that certificate validation isn't disabled with the NODE_TLS_REJECT_UNAUTHORIZED environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:140-140 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-node-tls-secure.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.ARG File: /tmp/ash-run-scan.EtSI/Dockerfile:6-6 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.ENV File: /tmp/ash-run-scan.EtSI/Dockerfile:12-12 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.ENV File: /tmp/ash-run-scan.EtSI/Dockerfile:103-103 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.ENV File: /tmp/ash-run-scan.EtSI/Dockerfile:145-145 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.ENV File: /tmp/ash-run-scan.EtSI/Dockerfile:150-150 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:32-41 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:46-56 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:61-61 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:66-68 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:73-76 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:81-83 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:92-93 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:95-96 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:98-98 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:115-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:124-126 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_16: "Ensure that certificate validation isn't disabled with pip via the 'PIP_TRUSTED_HOST' environment variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:140-140 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-trusted-host.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.ARG File: /tmp/ash-run-scan.EtSI/Dockerfile:6-6 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.ENV File: /tmp/ash-run-scan.EtSI/Dockerfile:12-12 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.ENV File: /tmp/ash-run-scan.EtSI/Dockerfile:103-103 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.ENV File: /tmp/ash-run-scan.EtSI/Dockerfile:145-145 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.ENV File: /tmp/ash-run-scan.EtSI/Dockerfile:150-150 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:32-41 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:46-56 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:61-61 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:66-68 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:73-76 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:81-83 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:92-93 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:95-96 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:98-98 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:115-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:124-126 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_5: "Ensure that certificate validation isn't disabled with the PYTHONHTTPSVERIFY environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:140-140 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-PYTHONHTTPSVERIFY-secure.html Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:32-41 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:46-56 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:61-61 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:66-68 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:73-76 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:81-83 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:92-93 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:95-96 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:98-98 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:115-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:124-126 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_17: "Ensure that 'chpasswd' is not used to set or remove passwords" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:140-140 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/bc-docker-2-17 Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.ARG File: /tmp/ash-run-scan.EtSI/Dockerfile:6-6 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.ENV File: /tmp/ash-run-scan.EtSI/Dockerfile:12-12 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.ENV File: /tmp/ash-run-scan.EtSI/Dockerfile:103-103 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.ENV File: /tmp/ash-run-scan.EtSI/Dockerfile:145-145 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.ENV File: /tmp/ash-run-scan.EtSI/Dockerfile:150-150 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:32-41 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:46-56 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:61-61 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:66-68 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:73-76 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:81-83 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:92-93 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:95-96 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:98-98 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:115-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:124-126 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_12: "Ensure that certificate validation isn't disabled for npm via the 'NPM_CONFIG_STRICT_SSL' environmnet variable" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:140-140 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:32-41 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:46-56 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:61-61 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:66-68 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:73-76 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:81-83 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:92-93 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:95-96 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:98-98 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:115-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:124-126 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_15: "Ensure that the yum and dnf package managers are not configured to disable SSL certificate validation via the 'sslverify' configuration option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:140-140 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-ssl.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:32-41 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:46-56 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:61-61 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:66-68 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:73-76 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:81-83 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:92-93 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:95-96 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:98-98 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:115-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:124-126 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_11: "Ensure that the '--force-yes' option is not used, as it disables signature validation and allows packages to be downgraded which can leave the system in a broken or inconsistent state" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:140-140 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-force.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:32-41 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:46-56 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:61-61 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:66-68 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:73-76 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:81-83 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:92-93 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:95-96 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:98-98 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:115-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:124-126 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_7: "Ensure that packages with untrusted or missing signatures are not used by apk via the '--allow-untrusted' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:140-140 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apk-trusted.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:32-41 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:46-56 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:61-61 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:66-68 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:73-76 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:81-83 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:92-93 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:95-96 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:98-98 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:115-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:124-126 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_2: "Ensure that certificate validation isn't disabled with curl" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:140-140 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-curl-secure.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:32-41 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:46-56 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:61-61 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:66-68 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:73-76 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:81-83 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:92-93 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:95-96 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:98-98 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:115-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:124-126 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_8: "Ensure that packages with untrusted or missing signatures are not used by apt-get via the '--allow-unauthenticated' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:140-140 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-apt-authenticated.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:32-41 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:46-56 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:61-61 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:66-68 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:73-76 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:81-83 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:92-93 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:95-96 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:98-98 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:115-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:124-126 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_13: "Ensure that certificate validation isn't disabled for npm or yarn by setting the option strict-ssl to false" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:140-140 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-npm-strict-ssl2.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:32-41 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:46-56 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:61-61 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:66-68 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:73-76 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:81-83 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:92-93 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:95-96 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:98-98 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:115-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:124-126 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_9: "Ensure that packages with untrusted or missing GPG signatures are not used by dnf, tdnf, or yum via the '--nogpgcheck' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:140-140 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-yum-signed.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:32-41 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:46-56 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:61-61 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:66-68 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:73-76 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:81-83 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:92-93 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:95-96 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:98-98 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:115-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:124-126 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_3: "Ensure that certificate validation isn't disabled with wget" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:140-140 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-wget-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:32-41 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:46-56 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:61-61 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:66-68 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:73-76 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:81-83 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:92-93 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:95-96 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:98-98 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:115-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:124-126 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_4: "Ensure that certificate validation isn't disabled with the pip '--trusted-host' option" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:140-140 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-pip-secure.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:13-13 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:24-27 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:32-41 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:46-56 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:60-60 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:61-61 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:66-68 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:73-76 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:81-83 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:92-93 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:95-96 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:98-98 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:115-117 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:124-126 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV2_DOCKER_10: "Ensure that packages with untrusted or missing signatures are not used by rpm via the '--nodigest', '--nosignature', '--noverify', or '--nofiledigest' options" PASSED for resource: /tmp/ash-run-scan.EtSI/Dockerfile.RUN File: /tmp/ash-run-scan.EtSI/Dockerfile:140-140 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-docker-rpm-signed.html Check: CKV_DOCKER_7: "Ensure the base image uses a non latest version tag" SKIPPED for resource: /tmp/ash-run-scan.EtSI/Dockerfile. Suppress comment: Base image is using a non-latest version tag by default, Checkov is unable to parse due to the use of ARG File: /tmp/ash-run-scan.EtSI/Dockerfile:1-168 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-the-base-image-uses-a-non-latest-version-tag Check: CKV_DOCKER_3: "Ensure that a user for the container has been created" SKIPPED for resource: /tmp/ash-run-scan.EtSI/Dockerfile. Suppress comment: ASH is focused on mounting source code into the container and scanning it, not running services. Setting USER breaks the ability for certain scanners to work correctly. File: /tmp/ash-run-scan.EtSI/Dockerfile:1-168 Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-that-a-user-for-the-container-has-been-created <<<<<< end checkov result for Dockerfile <<<<<< >>>>>> begin checkov result for helper_dockerfiles >>>>>> _ _ ___| |__ ___ ___| | _______ __ / __| '_ \ / _ \/ __| |/ / _ \ \ / / | (__| | | | __/ (__| < (_) \ V / \___|_| |_|\___|\___|_|\_\___/ \_/ By Prisma Cloud | version: 3.2.120 <<<<<< end checkov result for helper_dockerfiles <<<<<< >>>>>> begin checkov result for Dockerfile-js >>>>>> _ _ ___| |__ ___ ___| | _______ __ / __| '_ \ / _ \/ __| |/ / _ \ \ / / | (__| | | | __/ (__| < (_) \ V / \___|_| |_|\___|\___|_|\_\___/ \_/ By Prisma Cloud | version: 3.2.120 <<<<<< end checkov result for Dockerfile-js <<<<<< >>>>>> begin checkov result for Dockerfile-grype >>>>>> _ _ ___| |__ ___ ___| | _______ __ / __| '_ \ / _ \/ __| |/ / _ \ \ / / | (__| | | | __/ (__| < (_) \ V / \___|_| |_|\___|\___|_|\_\___/ \_/ By Prisma Cloud | version: 3.2.120 <<<<<< end checkov result for Dockerfile-grype <<<<<< >>>>>> begin checkov result for Dockerfile-git >>>>>> _ _ ___| |__ ___ ___| | _______ __ / __| '_ \ / _ \/ __| |/ / _ \ \ / / | (__| | | | __/ (__| < (_) \ V / \___|_| |_|\___|\___|_|\_\___/ \_/ By Prisma Cloud | version: 3.2.120 <<<<<< end checkov result for Dockerfile-git <<<<<< >>>>>> begin checkov result for Dockerfile-py >>>>>> _ _ ___| |__ ___ ___| | _______ __ / __| '_ \ / _ \/ __| |/ / _ \ \ / / | (__| | | | __/ (__| < (_) \ V / \___|_| |_|\___|\___|_|\_\___/ \_/ By Prisma Cloud | version: 3.2.120 <<<<<< end checkov result for Dockerfile-py <<<<<< >>>>>> begin checkov result for Dockerfile-cdk >>>>>> _ _ ___| |__ ___ ___| | _______ __ / __| '_ \ / _ \/ __| |/ / _ \ \ / / | (__| | | | __/ (__| < (_) \ V / \___|_| |_|\___|\___|_|\_\___/ \_/ By Prisma Cloud | version: 3.2.120 <<<<<< end checkov result for Dockerfile-cdk <<<<<< >>>>>> begin checkov result for Dockerfile-yaml >>>>>> _ _ ___| |__ ___ ___| | _______ __ / __| '_ \ / _ \/ __| |/ / _ \ \ / / | (__| | | | __/ (__| < (_) \ V / \___|_| |_|\___|\___|_|\_\___/ \_/ By Prisma Cloud | version: 3.2.120 <<<<<< end checkov result for Dockerfile-yaml <<<<<< found 0 files to scan. Skipping cfn_nag scans. <<<<<< End yaml scan output for /tmp/ash-run-scan.EtSI <<<<<< >>>>>> Begin yaml scan output for /out/work >>>>>> starting to investigate ... found 0 files to scan. Skipping checkov scans. found 0 files to scan. Skipping cfn_nag scans. <<<<<< End yaml scan output for /out/work <<<<<< ############################################# End of /out/work/yaml_report_result.txt ############################################# ```