Skip to content
This repository has been archived by the owner on Jun 4, 2024. It is now read-only.

Update go to 1.21.10

Orca Security (US) / Orca Security - Infrastructure as Code succeeded May 15, 2024 in 7s

Orca Security Scan Summary

Status Check Issues by priority
Passed Passed Infrastructure as Code high 0   medium 1   low 0   info 4 View in Orca
🛡️ The following IaC misconfigurations have been detected
NAME FILE
medium Missing User Instruction ...r/plugins/Dockerfile View in code
info Apt Get Install Lists Were Not Deleted ...r/plugins/Dockerfile View in code
info Apt Get Install Lists Were Not Deleted ...r/plugins/Dockerfile View in code
info Update Instruction Alone ...r/plugins/Dockerfile View in code
info Update Instruction Alone ...r/plugins/Dockerfile View in code

Annotations

Check warning on line 16 in docker/plugins/Dockerfile

See this annotation in the file changed.

@orca-security-us orca-security-us / Orca Security - Infrastructure as Code

[INFO] Apt Get Install Lists Were Not Deleted 

Details:
After using apt-get install, it is needed to delete apt-get lists

Recommendation:
After using apt-get install, the apt-get lists should be deleted

Check warning on line 13 in docker/plugins/Dockerfile

See this annotation in the file changed.

@orca-security-us orca-security-us / Orca Security - Infrastructure as Code

[INFO] Apt Get Install Lists Were Not Deleted 

Details:
After using apt-get install, it is needed to delete apt-get lists

Recommendation:
After using apt-get install, the apt-get lists should be deleted

Check warning on line 16 in docker/plugins/Dockerfile

See this annotation in the file changed.

@orca-security-us orca-security-us / Orca Security - Infrastructure as Code

[INFO] Update Instruction Alone 

Details:
Instruction 'RUN <package-manager> update' should always be followed by
'<package-manager> install' in the same RUN statement

Recommendation:
Instruction 'RUN apt-get ["install", "source-install", "reinstall"]' should be
combined with 'RUN apt-get ["update"]' in the same 'RUN' statement

Check warning on line 13 in docker/plugins/Dockerfile

See this annotation in the file changed.

@orca-security-us orca-security-us / Orca Security - Infrastructure as Code

[INFO] Update Instruction Alone 

Details:
Instruction 'RUN <package-manager> update' should always be followed by
'<package-manager> install' in the same RUN statement

Recommendation:
Instruction 'RUN apt-get ["install", "source-install", "reinstall"]' should be
combined with 'RUN apt-get ["update"]' in the same 'RUN' statement

Check warning on line 4 in docker/plugins/Dockerfile

See this annotation in the file changed.

@orca-security-us orca-security-us / Orca Security - Infrastructure as Code

[MEDIUM] Missing User Instruction 

Details:
A user should be specified in the dockerfile, otherwise the image will run as
root

Recommendation:
The 'Dockerfile' should contain the 'USER' instruction
View more details on Orca Security (US)