RUN apk add --no-cache \
libcrypto3=3.1.4-r1 \
libssl3=3.1.4-r1
What did you expect to happen?
no CIS-DI-0010 as packages are installed and it are no environment variables
What happened instead?
FATAL - CIS-DI-0010: Do not store credential in environment variables/files
Suspicious ENV key found : libcrypto3 on RUN /bin/sh -c apk add --no-cache libcrypto3=3.1.4-r1 libssl3=3.1.4-r1 # buildkit (You can suppress it with --accept-key)
Description
RUN apk add --no-cache \ libcrypto3=3.1.4-r1 \ libssl3=3.1.4-r1
What did you expect to happen?
no CIS-DI-0010 as packages are installed and it are no environment variables
What happened instead?
FATAL - CIS-DI-0010: Do not store credential in environment variables/files
Output of run with
-debug:Output of
dockle -v:Additional details (base image name, container registry info...):