search

tenable / terrascan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
https://runterrascan.io
Apache License 2.0
4.77k stars 501 forks source link

undocumented error #1694

Open verboEse opened 3 months ago

verboEse commented 3 months ago

Description

When scanning a Dockerfile I get this error:

            {
              "id": "AC_DOCKER_0020",
              "name": "shellusingshell",
              "shortDescription": {
                "text": "Ensure the command SHELL to override the default shell instead of the RUN command."
              },
              "properties": {
                "category": "Infrastructure Security",
                "severity": "MEDIUM"
              }
            }

I could not find documentation for "AC_DOCKER_0020". So I'm not sure what to do. I already have

SHELL ["/bin/bash", "-o", "pipefail"]

in the Dockerfile. What else am I supposed to configure?

What I Did

terrascan scan -i docker --iac-file VSTS/Dockerfile --output sarif