Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(misconf): Allow quotes in Dockerfile WORKDIR when detecting relative dirs #2636

Merged
merged 2 commits into from
Aug 1, 2022
Merged

fix(misconf): Allow quotes in Dockerfile WORKDIR when detecting relative dirs #2636

merged 2 commits into from
Aug 1, 2022

Conversation

liamg
Copy link
Contributor

@liamg liamg commented Aug 1, 2022
edited
Loading

Resolves #2622

Signed-off-by: Liam Galvin liam.galvin@aquasec.com

Description

Regular expression for WORKDIR used in the rego rule in defsec did not allow quotes - now it does.

Related issues

@liamg
fix(misconfig): Allow quotes in Dockerfile WORKDIR when detecting rel…
70618e6 
…ative directories

Resolves #2622

Signed-off-by: Liam Galvin <liam.galvin@aquasec.com>
@liamg liamg changed the title fix(misconfig): Allow quotes in Dockerfile WORKDIR when detecting relative dirs fix(misconf): Allow quotes in Dockerfile WORKDIR when detecting relative dirs Aug 1, 2022
@liamg liamg marked this pull request as ready for review August 1, 2022 10:52
knqyf263
knqyf263 reviewed Aug 1, 2022
View reviewed changes
integration/testdata/helm.json.golden
@@ -268,7 +268,7 @@
"Class": "config",
"Type": "helm",
"MisconfSummary": {
"Successes": 34,
"Successes": 78,
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Did you add a lot of checks for Kubernetes?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Haha, yes! @josedonizetti added lots of CIS Benchmark checks in aquasecurity/defsec#720 and aquasecurity/defsec#721 :)

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh, cool👍 I just wanted to confirm that a number of Successes didn't jump by mistake. Thanks for confirming.

@knqyf263
Copy link
Collaborator

knqyf263 commented Aug 1, 2022

I'll wait for @owenrumney's review.

@knqyf263 knqyf263 merged commit 55825d7 into main Aug 1, 2022
@knqyf263 knqyf263 deleted the liamg-fix-dockerfile-workdir-quotes branch August 1, 2022 12:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@owenrumney owenrumney owenrumney approved these changes

@knqyf263 knqyf263 knqyf263 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Using double quotes on WORKDIR in Dockerfile results in HIGH failure
3 participants
@liamg @knqyf263 @owenrumney