Closed andreabenfatto closed 3 years ago
Hey @andreabenfatto,
This is totally my fault, I used to build this image and use it on github actions but I realized that github is also building the image itself, therefore I dropped the used of it, without removing it. This is my mistake and I'll make sure to remove it to avoid any confusion.
Thanks for your feedback
Thanks for the quick answer, and by the way thanks for the Github Action, because it's exactly as I would go to build it :)
Honestly, I decided to investigate the Docker hub image because in the first place I've got the same issue using the Github Action (which is pulling the Docker Hub image).
I didn't know either that Github is pushing the images on the hub on your behalf.
@triat this is what I get now from Github when the workflow tries to pull down the image :(
Pull down action image 'triat/tfsec:latest'
6 /usr/bin/docker pull triat/tfsec:latest
7 Error response from daemon: pull access denied for triat/tfsec, repository does not exist or may require 'docker login': denied: requested access to the resource is denied
8 Warning: Docker pull failed with exit code 1, back off 1.055 seconds before retry.
9 /usr/bin/docker pull triat/tfsec:latest
10 Error response from daemon: pull access denied for triat/tfsec, repository does not exist or may require 'docker login': denied: requested access to the resource is denied
11 Warning: Docker pull failed with exit code 1, back off 3.203 seconds before retry.
8 /usr/bin/docker pull triat/tfsec:latest
9 Error response from daemon: pull access denied for triat/tfsec, repository does not exist or may require 'docker login': denied: requested access to the resource is denied
10 Error: Docker pull failed with exit code 1
This fixed it for us:
- uses: triat/terraform-security-scan@v1
+ uses: triat/terraform-security-scan@v2.0.2
@stefanwb it fixes the issue here! :pray:
@triat please update the documentation (i.e. the example) to avoid confusion.
Related PR here 👉 https://github.com/triat/terraform-security-scan/pull/22
@andreabenfatto good to hear!
BTW we chose for a tag rather than master
for the expected stability but for the example master
should be fine.
Mmh interesting, I should maybe remove those old tags for the sake of not having people stuck on this old way of working.
I saw your PR @stefanwb but I'd like to keep a tag in the documentation as explained in the PR. I'll continue the discussion with you there.
Thanks
I think this one can be closed now, right?
You're right, I'm closing it
Hi there,
Perhaps there is something wrong with the Docker image pushed on Docker hub. The
/entrypoint.sh
file is almost empty and doesn't reflect what declared in this repo.Here the content of the file:
This image is the one used by the Github Action, therefore nothing is really working: my current Github Workflow timeout and testing locally using Docker the container hangs forever... here the command I'm using:
docker run -it --rm -v (pwd):"/github/workspace" triat/tfsec:latest