Skip to content

Commit

Permalink
Update google signing key.
Browse files Browse the repository at this point in the history
  • Loading branch information
@kporras07
kporras07 committed Aug 19, 2024
1 parent f520b06 commit 4594b3a
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,9 @@ ARG PHPVERSION
USER root

# Install necessary packages for PHP extensions
RUN apt-get update && \
apt-get install -y \
RUN wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - && \

Check warning on line 13 in Dockerfile

View check run for this annotation

Wiz Inc. (b08cf2810f) / Wiz IaC Scanner

Apt Get Install Pin Version Not Defined 

Rule ID: 02336ad4-e0c7-4430-99d8-80345d73a0be
Severity: Medium
Resource: FROM={{cimg/php:${PHPVERSION}-browsers}}.RUN={{wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - &&     apt-get update &&     apt-get install -y         dnsutils         libmagickwand-dev         libzip-dev         libsodium-dev         libpng-dev         libfreetype6-dev         zlib1g-dev         libicu-dev         libxml2-dev         g++         git}}

When installing a package, its pin version should be defined
Raw output 
Expected: Package 'libpng-dev' has version defined
Found: Package 'libpng-dev' does not have version defined

Check warning on line 13 in Dockerfile

View check run for this annotation

Wiz Inc. (b08cf2810f) / Wiz IaC Scanner

Apt Get Install Pin Version Not Defined 

Rule ID: 02336ad4-e0c7-4430-99d8-80345d73a0be
Severity: Medium
Resource: FROM={{cimg/php:${PHPVERSION}-browsers}}.RUN={{wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - &&     apt-get update &&     apt-get install -y         dnsutils         libmagickwand-dev         libzip-dev         libsodium-dev         libpng-dev         libfreetype6-dev         zlib1g-dev         libicu-dev         libxml2-dev         g++         git}}

When installing a package, its pin version should be defined
Raw output 
Expected: Package 'libicu-dev' has version defined
Found: Package 'libicu-dev' does not have version defined

Check warning on line 13 in Dockerfile

View check run for this annotation

Wiz Inc. (b08cf2810f) / Wiz IaC Scanner

Apt Get Install Pin Version Not Defined 

Rule ID: 02336ad4-e0c7-4430-99d8-80345d73a0be
Severity: Medium
Resource: FROM={{cimg/php:${PHPVERSION}-browsers}}.RUN={{wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - &&     apt-get update &&     apt-get install -y         dnsutils         libmagickwand-dev         libzip-dev         libsodium-dev         libpng-dev         libfreetype6-dev         zlib1g-dev         libicu-dev         libxml2-dev         g++         git}}

When installing a package, its pin version should be defined
Raw output 
Expected: Package 'g++' has version defined
Found: Package 'g++' does not have version defined

Check warning on line 13 in Dockerfile

View check run for this annotation

Wiz Inc. (b08cf2810f) / Wiz IaC Scanner

Apt Get Install Pin Version Not Defined 

Rule ID: 02336ad4-e0c7-4430-99d8-80345d73a0be
Severity: Medium
Resource: FROM={{cimg/php:${PHPVERSION}-browsers}}.RUN={{wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - &&     apt-get update &&     apt-get install -y         dnsutils         libmagickwand-dev         libzip-dev         libsodium-dev         libpng-dev         libfreetype6-dev         zlib1g-dev         libicu-dev         libxml2-dev         g++         git}}

When installing a package, its pin version should be defined
Raw output 
Expected: Package 'dnsutils' has version defined
Found: Package 'dnsutils' does not have version defined

Check warning on line 13 in Dockerfile

View check run for this annotation

Wiz Inc. (b08cf2810f) / Wiz IaC Scanner

Apt Get Install Pin Version Not Defined 

Rule ID: 02336ad4-e0c7-4430-99d8-80345d73a0be
Severity: Medium
Resource: FROM={{cimg/php:${PHPVERSION}-browsers}}.RUN={{wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - &&     apt-get update &&     apt-get install -y         dnsutils         libmagickwand-dev         libzip-dev         libsodium-dev         libpng-dev         libfreetype6-dev         zlib1g-dev         libicu-dev         libxml2-dev         g++         git}}

When installing a package, its pin version should be defined
Raw output 
Expected: Package 'libxml2-dev' has version defined
Found: Package 'libxml2-dev' does not have version defined

Check warning on line 13 in Dockerfile

View check run for this annotation

Wiz Inc. (b08cf2810f) / Wiz IaC Scanner

Apt Get Install Pin Version Not Defined 

Rule ID: 02336ad4-e0c7-4430-99d8-80345d73a0be
Severity: Medium
Resource: FROM={{cimg/php:${PHPVERSION}-browsers}}.RUN={{wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - &&     apt-get update &&     apt-get install -y         dnsutils         libmagickwand-dev         libzip-dev         libsodium-dev         libpng-dev         libfreetype6-dev         zlib1g-dev         libicu-dev         libxml2-dev         g++         git}}

When installing a package, its pin version should be defined
Raw output 
Expected: Package 'zlib1g-dev' has version defined
Found: Package 'zlib1g-dev' does not have version defined

Check warning on line 13 in Dockerfile

View check run for this annotation

Wiz Inc. (b08cf2810f) / Wiz IaC Scanner

Apt Get Install Pin Version Not Defined 

Rule ID: 02336ad4-e0c7-4430-99d8-80345d73a0be
Severity: Medium
Resource: FROM={{cimg/php:${PHPVERSION}-browsers}}.RUN={{wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - &&     apt-get update &&     apt-get install -y         dnsutils         libmagickwand-dev         libzip-dev         libsodium-dev         libpng-dev         libfreetype6-dev         zlib1g-dev         libicu-dev         libxml2-dev         g++         git}}

When installing a package, its pin version should be defined
Raw output 
Expected: Package 'git' has version defined
Found: Package 'git' does not have version defined

Check warning on line 13 in Dockerfile

View check run for this annotation

Wiz Inc. (b08cf2810f) / Wiz IaC Scanner

Apt Get Install Pin Version Not Defined 

Rule ID: 02336ad4-e0c7-4430-99d8-80345d73a0be
Severity: Medium
Resource: FROM={{cimg/php:${PHPVERSION}-browsers}}.RUN={{wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - &&     apt-get update &&     apt-get install -y         dnsutils         libmagickwand-dev         libzip-dev         libsodium-dev         libpng-dev         libfreetype6-dev         zlib1g-dev         libicu-dev         libxml2-dev         g++         git}}

When installing a package, its pin version should be defined
Raw output 
Expected: Package 'libsodium-dev' has version defined
Found: Package 'libsodium-dev' does not have version defined

Check warning on line 13 in Dockerfile

View check run for this annotation

Wiz Inc. (b08cf2810f) / Wiz IaC Scanner

Apt Get Install Pin Version Not Defined 

Rule ID: 02336ad4-e0c7-4430-99d8-80345d73a0be
Severity: Medium
Resource: FROM={{cimg/php:${PHPVERSION}-browsers}}.RUN={{wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - &&     apt-get update &&     apt-get install -y         dnsutils         libmagickwand-dev         libzip-dev         libsodium-dev         libpng-dev         libfreetype6-dev         zlib1g-dev         libicu-dev         libxml2-dev         g++         git}}

When installing a package, its pin version should be defined
Raw output 
Expected: Package 'libfreetype6-dev' has version defined
Found: Package 'libfreetype6-dev' does not have version defined

Check warning on line 13 in Dockerfile

View check run for this annotation

Wiz Inc. (b08cf2810f) / Wiz IaC Scanner

Apt Get Install Pin Version Not Defined 

Rule ID: 02336ad4-e0c7-4430-99d8-80345d73a0be
Severity: Medium
Resource: FROM={{cimg/php:${PHPVERSION}-browsers}}.RUN={{wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - &&     apt-get update &&     apt-get install -y         dnsutils         libmagickwand-dev         libzip-dev         libsodium-dev         libpng-dev         libfreetype6-dev         zlib1g-dev         libicu-dev         libxml2-dev         g++         git}}

When installing a package, its pin version should be defined
Raw output 
Expected: Package 'libmagickwand-dev' has version defined
Found: Package 'libmagickwand-dev' does not have version defined

Check warning on line 13 in Dockerfile

View check run for this annotation

Wiz Inc. (b08cf2810f) / Wiz IaC Scanner

Apt Get Install Pin Version Not Defined 

Rule ID: 02336ad4-e0c7-4430-99d8-80345d73a0be
Severity: Medium
Resource: FROM={{cimg/php:${PHPVERSION}-browsers}}.RUN={{wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - &&     apt-get update &&     apt-get install -y         dnsutils         libmagickwand-dev         libzip-dev         libsodium-dev         libpng-dev         libfreetype6-dev         zlib1g-dev         libicu-dev         libxml2-dev         g++         git}}

When installing a package, its pin version should be defined
Raw output 
Expected: Package 'libzip-dev' has version defined
Found: Package 'libzip-dev' does not have version defined

Check notice on line 13 in Dockerfile

View check run for this annotation

Wiz Inc. (b08cf2810f) / Wiz IaC Scanner

APT-GET Not Avoiding Additional Packages 

Rule ID: 5ca54f8d-7ba6-4d52-a291-22f783afb5f2
Severity: None
Resource: FROM={{cimg/php:${PHPVERSION}-browsers}}.{{RUN wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - &&     apt-get update &&     apt-get install -y         dnsutils         libmagickwand-dev         libzip-dev         libsodium-dev         libpng-dev         libfreetype6-dev         zlib1g-dev         libicu-dev         libxml2-dev         g++         git}}

Check if any apt-get installs don't use '--no-install-recommends' flag to avoid installing additional packages.
Raw output 
Expected: 'RUN wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - &&     apt-get update &&     apt-get install -y         dnsutils         libmagickwand-dev         libzip-dev         libsodium-dev         libpng-dev         libfreetype6-dev         zlib1g-dev         libicu-dev         libxml2-dev         g++         git' uses '--no-install-recommends' flag to avoid installing additional packages
Found: 'RUN wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - &&     apt-get update &&     apt-get install -y         dnsutils         libmagickwand-dev         libzip-dev         libsodium-dev         libpng-dev         libfreetype6-dev         zlib1g-dev         libicu-dev         libxml2-dev         g++         git' does not use '--no-install-recommends' flag to avoid installing additional packages

Check notice on line 13 in Dockerfile

View check run for this annotation

Wiz Inc. (b08cf2810f) / Wiz IaC Scanner

Apt Get Install Lists Were Not Deleted 

Rule ID: 24dfd10b-93af-429f-b8ce-e88df9879db9
Severity: None
Resource: FROM={{cimg/php:${PHPVERSION}-browsers}}.RUN={{wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - &&     apt-get update &&     apt-get install -y         dnsutils         libmagickwand-dev         libzip-dev         libsodium-dev         libpng-dev         libfreetype6-dev         zlib1g-dev         libicu-dev         libxml2-dev         g++         git}}

After using apt-get install, it is needed to delete apt-get lists
Raw output 
Expected: After using apt-get install, the apt-get lists should be deleted
Found: After using apt-get install, the apt-get lists were not deleted
apt-get update && \
apt-get install -y \
dnsutils \
libmagickwand-dev \
libzip-dev \
Expand Down

0 comments on commit 4594b3a

Please sign in to comment.