Add slash at the end of COPY command to fix AVD-DS-0011 #222

Closed

vitorarins

🤔 What's changed?

Added slash at the end of COPY command to fix AVD-DS-0011

⚡️ What's your motivation?

Avoid error messages when scanning for security issues

🏷️ What kind of change is this?

  • 🐛 Bug fix (non-breaking change which fixes a defect)

📋 Checklist:

@mpkorstanje
Contributor

Could you provide a bit more context? We're not publishing any docker images.

@vitorarins
Author

vitorarins commented May 22, 2024

> Could you provide a bit more context?

Certainly!

I use godog for a private project, which makes use of the cucumber/messages/go module. Also I vendor my dependencies with go mod vendor.

So when running a security tool like trivy, I am getting this error:

```
trivy fs --scanners vuln,misconfig --exit-code 1 --severity CRITICAL .
2024-05-22T07:22:56Z	INFO	Vulnerability scanning is enabled
2024-05-22T07:22:56Z	INFO	Misconfiguration scanning is enabled
2024-05-22T07:22:57Z	INFO	Number of language-specific files	num=1
2024-05-22T07:22:57Z	INFO	[gomod] Detecting vulnerabilities...
2024-05-22T07:22:57Z	INFO	Detected config files	num=3
vendor/github.com/cucumber/messages/go/v21/Dockerfile (dockerfile)
==================================================================
Tests: 6 (SUCCESSES: 5, FAILURES: 1, EXCEPTIONS: 0)
Failures: 1 (CRITICAL: 1)
CRITICAL: Slash is expected at the end of COPY command argument '.'
════════════════════════════════════════
When a COPY command has more than two arguments, the last one should end with a slash.
See https://avd.aquasec.com/misconfig/ds011
────────────────────────────────────────
 vendor/github.com/cucumber/messages/go/v21/Dockerfile:15
────────────────────────────────────────
  15 [ COPY --link go.mod go.sum .
────────────────────────────────────────
Command exited with non-zero status 1
```

> We're not publishing any docker images.

Well, is it necessary to keep this Dockerfile then?
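
The rule reported in the scan output above, as an added example that is not part of this pull request, the cucumber/messages code, or trivy's implementation: a small Go check that flags shell-form COPY instructions with more than two path arguments whose destination does not end in a slash. `Finding`, `CheckCopySlash` and the sample Dockerfile are names and data constructed for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// Finding is one offending COPY instruction (hypothetical type for this example).
type Finding struct{ Line int; Dest string }

// CheckCopySlash flags shell-form COPY instructions that have more than two
// path arguments and a destination that does not end in "/".
func CheckCopySlash(dockerfile string) []Finding {
	var out []Finding
	lines := strings.Split(dockerfile, "\n")
	for i := 0; i < len(lines); i++ {
		start, instr := i+1, strings.TrimSpace(lines[i])
		// Join backslash-continued lines into one logical instruction.
		for strings.HasSuffix(instr, "\\") && i+1 < len(lines) {
			i++
			instr = strings.TrimSuffix(instr, "\\") + " " + strings.TrimSpace(lines[i])
		}
		fields := strings.Fields(instr)
		if len(fields) == 0 || !strings.EqualFold(fields[0], "COPY") {
			continue
		}
		var paths []string
		for _, f := range fields[1:] {
			if !strings.HasPrefix(f, "--") { // skip flags such as --link or --from=...
				paths = append(paths, f)
			}
		}
		if len(paths) <= 2 || strings.HasPrefix(paths[0], "[") {
			continue // single source, or JSON form (not handled in this example)
		}
		if dest := paths[len(paths)-1]; !strings.HasSuffix(dest, "/") {
			out = append(out, Finding{start, dest})
		}
	}
	return out
}

// Constructed sample; line 2 is the COPY line quoted in the scan output.
const sample = "FROM scratch\nCOPY --link go.mod go.sum .\nCOPY --link go.mod go.sum ./\nCOPY . .\n"

func main() {
	for _, f := range CheckCopySlash(sample) {
		fmt.Printf("line %d: COPY destination %q should end with a slash\n", f.Line, f.Dest)
	}
}
```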

@mpkorstanje
Contributor

Superseded by #223.

@mpkorstanje
Contributor

> Well, is it necessary to keep this Dockerfile then?

Looks like it isn't. Cheers!
