Skip to content

Initial commit: Add GWI Platform project

Wiz GWI / Wiz IaC Scanner completed Jul 13, 2024 in 3s

Wiz IaC Scanner

Revealing IaC misconfigurations with Wiz

IaC Misconfigurations Detected: 5

0C 2H 0M 3L 0I

Annotations

Check failure on line 1 in app/Dockerfile

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz IaC Scanner

Missing User Instruction 

Rule ID: 0b5e0683-5a06-4bcd-ac73-28249add06df
Severity: High
Resource: FROM={{golang:1.20.5-alpine}}

A user should be specified in the dockerfile, otherwise the image will run as root
Raw output 
Expected: The 'Dockerfile' should contain the 'USER' instruction
Found: The 'Dockerfile' does not contain any 'USER' instruction

Check failure on line 1 in test/Dockerfile

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz IaC Scanner

Missing User Instruction 

Rule ID: 0b5e0683-5a06-4bcd-ac73-28249add06df
Severity: High
Resource: FROM={{golang:1.20.5-alpine}}

A user should be specified in the dockerfile, otherwise the image will run as root
Raw output 
Expected: The 'Dockerfile' should contain the 'USER' instruction
Found: The 'Dockerfile' does not contain any 'USER' instruction

Check notice on line 5 in app/Dockerfile

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz IaC Scanner

Multiple RUN, ADD, COPY, Instructions Listed 

Rule ID: 69c79a69-14d7-4718-b485-810a7729049c
Severity: Low
Resource: FROM={{golang:1.20.5-alpine}}.{{COPY go.mod ./}}

Multiple commands (RUN, Copy, And) should be grouped in order to reduce the number of layers.
Raw output 
Expected: There isn´t any COPY instruction that could be grouped
Found: There are COPY instructions that could be grouped

Check notice on line 1 in app/Dockerfile

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz IaC Scanner

Healthcheck Instruction Missing 

Rule ID: 704ee966-67b2-4219-871f-12a7e5126cb1
Severity: Low
Resource: FROM={{golang:1.20.5-alpine}}

Ensure that HEALTHCHECK is being used. The HEALTHCHECK instruction tells Docker how to test a container to check that it is still working
Raw output 
Expected: Dockerfile should contain instruction 'HEALTHCHECK'
Found: Dockerfile doesn't contain instruction 'HEALTHCHECK'

Check notice on line 1 in test/Dockerfile

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz IaC Scanner

Healthcheck Instruction Missing 

Rule ID: 704ee966-67b2-4219-871f-12a7e5126cb1
Severity: Low
Resource: FROM={{golang:1.20.5-alpine}}

Ensure that HEALTHCHECK is being used. The HEALTHCHECK instruction tells Docker how to test a container to check that it is still working
Raw output 
Expected: Dockerfile should contain instruction 'HEALTHCHECK'
Found: Dockerfile doesn't contain instruction 'HEALTHCHECK'
View more details on Wiz GWI