Add SNYK scan to build image · DFE-Digital/find-a-lost-trn@0f7e148

SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "GOVUK_NOTIFY_API_KEY") More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/

Sensitive data should not be used in the ARG or ENV commands: Dockerfile#L10

SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "SECRET_KEY_BASE") More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/

Sensitive data should not be used in the ARG or ENV commands: Dockerfile#L10

SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "ZENDESK_TOKEN") More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/

Sensitive data should not be used in the ARG or ENV commands: Dockerfile#L10

SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "IDENTITY_SHARED_SECRET_KEY") More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/

Sensitive data should not be used in the ARG or ENV commands: Dockerfile#L10

SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "IDENTITY_API_KEY") More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/

JSON arguments recommended for ENTRYPOINT/CMD to prevent unintended behavior related to OS signals: Dockerfile#L44

JSONArgsRecommended: JSON arguments recommended for CMD to prevent unintended behavior related to OS signals More info: https://docs.docker.com/go/dockerfile/rule/json-args-recommended/

Set deployment matrix

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Deploy to review environment

ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add SNYK scan to build image #3395

Summary

Add SNYK scan to build image #3395

Jobs

Run details

build-and-deploy.yml

Annotations