build(deps): bump aiohttp from 3.8.4 to 3.8.6 in /docker/datahub-ingestion-base #33
Funding Circle Checks / fc-checks/image-scan-in-pipeline
failed
Nov 14, 2023 in 1s
Image build found, but no scan found in .drone.yml - check failed!
The purpose of this check, is to determine whether image scan step exists in a repository's pipeline.
The scan step looks for vulnerabilities in the built Docker image by running a command line tool provided by Prisma Cloud.
Read more about the image scan step.
Read more about this check in the newsletter and in its readme.
Check mandatory from 2020-12-17T12:00:00Z onwards.
Details
Image build found, but no scan found in .drone.yml - check failed!
Example step for Drone pipeline - place the snippet right after your build step
- name: scan_docker_image
image: quay.io/fundingcircle/drone-prisma-cloud:1
environment:
DOCKER_USERNAME:
from_secret: docker_username
DOCKER_PASSWORD:
from_secret: docker_password
GITHUB_TOKEN:
from_secret: github_token
PRISMA_CLOUD_USER:
from_secret: prisma_cloud_user
PRISMA_CLOUD_PASSWORD:
from_secret: prisma_cloud_password
settings:
repo: quay.io/fundingcircle/${DRONE_REPO_NAME}
registry: https://quay.io
tags: ${DRONE_COMMIT_SHA}
Loading