feat(deps): bump aquasecurity/trivy-action from 0.24.0 to 0.28.0 #532
test.yaml
on: pull_request
terraform-valid
/
Config Validation in ./test/terraform
31s
trivy-invalid
/
Config Validation in ${{ inputs.working-directory }}
0s
terraform-valid
/
Trivy Vulnerability Scan in ./test/terraform
18s
terraform-valid
/
Generate SBOM in ${{ inputs.working-directory }}
0s
trivy-invalid
/
Trivy Vulnerability Scan in ./test/trivy
17s
trivy-invalid
/
Generate SBOM in ${{ inputs.working-directory }}
0s
terraform-valid
/
Render terraform docs in ./test/terraform
46s
trivy-invalid
/
Render terraform docs in ${{ inputs.working-directory }}
0s
Annotations
9 errors and 1 warning
trivy-invalid / Trivy Vulnerability Scan in ./test/trivy
AVD-AWS-0052: Load balancers should drop invalid headers
Passing unknown or invalid headers through to the target poses a potential risk of compromise.
|
trivy-invalid / Trivy Vulnerability Scan in ./test/trivy
AVD-AWS-0053: Load balancer is exposed to the internet.
There are many scenarios in which you would want to expose a load balancer to the wider internet, but this check exists as a warning to prevent accidental exposure of internal assets. You should ensure that this resource should be exposed publicly.
|
trivy-invalid / Trivy Vulnerability Scan in ./test/trivy:
main.tf#L37
AVD-AWS-0005: API Gateway domain name uses outdated SSL/TLS protocols.
You should not use outdated/insecure TLS versions for encryption. You should be using TLS v1.2+.
|
trivy-invalid / Trivy Vulnerability Scan in ./test/trivy:
main.tf#L33
AVD-AWS-0005: API Gateway domain name uses outdated SSL/TLS protocols.
You should not use outdated/insecure TLS versions for encryption. You should be using TLS v1.2+.
|
trivy-invalid / Trivy Vulnerability Scan in ./test/trivy:
main.tf#L41
AVD-AWS-0005: API Gateway domain name uses outdated SSL/TLS protocols.
You should not use outdated/insecure TLS versions for encryption. You should be using TLS v1.2+.
|
trivy-invalid / Trivy Vulnerability Scan in ./test/trivy:
main.tf#L18
AVD-AWS-0054: Use of plain HTTP.
Plain HTTP is unencrypted and human-readable. This means that if a malicious actor was to eavesdrop on your connection, they would be able to see all of your data flowing back and forth.
|
trivy-invalid / Trivy Vulnerability Scan in ./test/trivy:
main.tf#L29
AVD-AZU-0038: Enable disk encryption on managed disk
Manage disks should be encrypted at rest. When specifying the <code>encryption_settings</code> block, the enabled attribute should be set to <code>true</code>.
|
trivy-invalid / Trivy Vulnerability Scan in ./test/trivy
Process completed with exit code 1.
|
terraform-valid / Render terraform docs in ./test/terraform
The process '/usr/bin/git' failed with exit code 1
|
terraform-valid / Config Validation in ./test/terraform
Restore cache failed: Dependencies file is not found in /home/runner/work/github-workflow-terraform-config/github-workflow-terraform-config. Supported file pattern: go.sum
|