deepfence / SecretScanner

:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:
https://deepfence.io
MIT License

Scanning for Secrets in Envs #124

Open 53845714nF opened 3 months ago

53845714nF commented 3 months ago

The tool should be able to find a secret in Envs. For example, for images that are produced from a Dockerfile such as this:

FROM docker.io/library/python:3.8
ENV PYTHONDONTWRITEBYTECODE=1
ENV PYTHONUNBUFFERED=1

WORKDIR /app
COPY requirements.txt /app/
RUN pip install -r requirements.txt

ENV POSTGRES_HOST=database
ENV POSTGRES_USER=postgres
ENV POSTGRES_PASSWORD=postgres
ENV POSTGRES_DB=shopping_list

COPY . /app/

EXPOSE 8000
CMD ["gunicorn", "--bind", "0.0.0.0:8000", "app:app"]

It should report the Postgres password.

ibreakthecloud commented 3 months ago

Hi @53845714nF, thanks for raising the issue. This seems like a valid feature.