Use scorecard view instead of repo (#129) #146
Annotations
11 warnings
|
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
Build, tag, and push API image to Amazon ECR:
api/Dockerfile#L34
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "ACCOUNT_CONFIRMATION_TOKEN_SECRET")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
|
Build, tag, and push API image to Amazon ECR:
api/Dockerfile#L40
LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format
More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/
|
|
Build, tag, and push API image to Amazon ECR:
api/Dockerfile#L28
LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format
More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/
|
|
Build, tag, and push API image to Amazon ECR:
api/Dockerfile#L29
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "ACCESS_TOKEN_EXPIRES_IN")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
|
Build, tag, and push API image to Amazon ECR:
api/Dockerfile#L34
LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format
More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/
|
|
Build, tag, and push API image to Amazon ECR:
api/Dockerfile#L36
LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format
More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/
|
|
Build, tag, and push API image to Amazon ECR:
api/Dockerfile#L37
LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format
More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/
|
|
Build, tag, and push API image to Amazon ECR:
api/Dockerfile#L10
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ARG "RESET_PASSWORD_TOKEN_SECRET")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
|
Build, tag, and push API image to Amazon ECR:
api/Dockerfile#L17
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ARG "AWS_SES_ACCESS_KEY_SECRET")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
|
Build, tag, and push API image to Amazon ECR:
api/Dockerfile#L32
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "EMAIL_CONFIRMATION_TOKEN_SECRET")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
Loading