tenable / terrascan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
https://runterrascan.io
Apache License 2.0
4.74k stars 497 forks source link

False positive for Docker error AC_DOCKER_0013 - workaround is to remove quotes when call WORKDIR #1643

Open weldevops opened 11 months ago

weldevops commented 11 months ago

Description

Running terrascan against the web application template in Visual Studio results in error AC_DOCKER_0013: Ensure the use absolute paths for your WORKDIR. This refers to the default Dockerfile that is created:

FROM mcr.microsoft.com/dotnet/aspnet:8.0 AS base
USER app
WORKDIR /app
EXPOSE 8080
EXPOSE 8081

FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build
ARG BUILD_CONFIGURATION=Release
WORKDIR /src
COPY ["WebApplication1/WebApplication1.csproj", "WebApplication1/"]
RUN dotnet restore "./WebApplication1/./WebApplication1.csproj"
COPY . .
WORKDIR "/src/WebApplication1"
RUN dotnet build "./WebApplication1.csproj" -c $BUILD_CONFIGURATION -o /app/build

FROM build AS publish
ARG BUILD_CONFIGURATION=Release
RUN dotnet publish "./WebApplication1.csproj" -c $BUILD_CONFIGURATION -o /app/publish /p:UseAppHost=false

FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "WebApplication1.dll"]

What I Did

Changing WORKDIR "/src/WebApplication1" to WORKDIR /src/WebApplication1 without the quotes resolves the error.

RenanFG commented 8 months ago

I have the same Issue, my path has white space so I cant just remove the quotes