microsoft / security-devops-azdevops

Microsoft Security DevOps extension for Azure DevOps.
MIT License

[Warning] Ensure :latest version is not used for Docker file (Terrascan Rule: AC_DOCKER_0041) #43

Closed kailashp closed 1 year ago

kailashp commented 1 year ago

I am getting the following warning when I use the 'terrascan' tool in an Azure DevOps pipeline.


But I am not using any latest version in my Dockerfile, yet it still refers to the declared 'base' and 'build' image variables and throws this warning. Due to this warning, the pipeline task is failing.

Refer to the 'base' and 'build' image variable declarations in the Dockerfile; scanning this line and reporting that warning is fine if the latest version is used. But it scans the image reference from the 'base' and 'build' variables and throws this warning.


Refer to the error-throwing lines 32, 35.


I think it considers this case and fails: https://github.com/tenable/terrascan/pull/1068#discussion_r736092637

How can I overcome this? Is this behavior correct or not?

dotpaul commented 1 year ago

Hi @kailashp,

I can't speak to the Terrascan behavior, but to suppress warnings, you can follow the steps in https://github.com/microsoft/security-devops-azdevops/issues/38#issuecomment-1509461347 to create a .gdn/.gdnsuppress file.
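
An added example, not part of the original thread and not Terrascan's implementation: a small Python check for the intent behind AC_DOCKER_0041 that tracks `AS` stage aliases, so `FROM base` and `FROM build` references to earlier stages are not reported as untagged images. The Dockerfile text and all function names are constructed for illustration.

```python
import re

# Constructed sample; the Dockerfile from the issue's screenshots is not on the page.
SAMPLE_DOCKERFILE = """\
FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base
WORKDIR /app
FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build
COPY . /src
FROM build AS publish
RUN dotnet publish -o /app/publish
FROM base AS final
COPY --from=publish /app/publish .
FROM ubuntu
FROM nginx:latest AS proxy
"""

FROM_RE = re.compile(
    r"^\s*FROM\s+(?:--platform=\S+\s+)?(?P<image>\S+)(?:\s+AS\s+(?P<alias>\S+))?\s*$",
    re.IGNORECASE,
)

def has_unpinned_tag(image):
    """True if the reference has no tag or the tag is 'latest' (digest pins pass)."""
    if "@" in image:                     # name@sha256:... is pinned by digest
        return False
    last = image.rsplit("/", 1)[-1]      # ignore the ':' in a registry host:port
    _, sep, tag = last.partition(":")
    return not sep or tag == "latest"

def find_latest_images(dockerfile_text):
    """Return (line_number, image) for FROM lines that pull an unpinned image.

    FROM lines naming an earlier stage alias or 'scratch' are skipped,
    because they do not pull anything from a registry.
    """
    stages, findings = set(), []
    for lineno, line in enumerate(dockerfile_text.splitlines(), start=1):
        m = FROM_RE.match(line)
        if not m:
            continue
        image = m.group("image")
        is_stage_ref = image.lower() in stages or image.lower() == "scratch"
        if not is_stage_ref and has_unpinned_tag(image):
            findings.append((lineno, image))
        if m.group("alias"):             # alias is usable only by later FROM lines
            stages.add(m.group("alias").lower())
    return findings

if __name__ == "__main__":
    for lineno, image in find_latest_images(SAMPLE_DOCKERFILE):
        print(f"line {lineno}: {image} is untagged or uses :latest")
```

An image supplied through an `ARG` variable (for example `FROM ${BASE_IMAGE}`) is not resolved here and would be reported as untagged.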