Open zumkemi opened 9 months ago
seems to be similar https://github.com/aquasecurity/trivy/issues/2432
Hi @zumkemi . The recommended way to run secret scanner in GitLab CI is here: https://github.com/deepfence/ThreatMapper/blob/main/ci-cd-integrations/gitlab/.gitlab-ci.yml#L50-L66
we run secretscanner inside docker:latest that ensures all the required sock paths (DIND: docker in docker). You can refer to this GitLab CI Pipeline demo that scans an nginx
image, https://gitlab.com/harshvkarn/demo-app/-/jobs/6158031549
tried to run a scan-Job:
results in: