Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create OWASP security scan of Docker container #69

Open
wants to merge 8 commits into
base: main
Choose a base branch
from
Open

Create OWASP security scan of Docker container #69

wants to merge 8 commits into from

Conversation

rugk
Copy link
Contributor

@rugk rugk commented Nov 1, 2023

Based on https://github.com/PrivateBin/docker-nginx-fpm-alpine/blob/master/.github/workflows/owasp.yml

Fixes the security part of #67

Note the results may include some false-positives. You can later ignore these via creating a rules.tsv file, but I've commented this for now.

See https://github.com/zaproxy/action-full-scan

@Ravinou Ravinou self-assigned this Nov 2, 2023
rugk added a commit to rugk/borgwarehouse that referenced this pull request Nov 3, 2023
@rugk
Use environmental variables for docker-compose
b49bae5 
* You can start it as usual, `.env` file is automatically used.
* IMHO easier and cleaner to configure.
* Also removed the `<host>` as it makes this not-runnable out-of-the-box. I need this for Ravinou#69 and this was the initial idea of making this PR.
* The `${:?}` syntax is a bash-like thing to produce a proper error message if the variable is not provided.

I checked the setup should basically start (just got a permission error as the UID/GID is wrong).
@rugk rugk mentioned this pull request Nov 3, 2023
Merged
@rugk
Copy link
Contributor Author

rugk commented Nov 3, 2023

Named volume "/config:/home/borgwarehouse/app/config:rw" is used in service "borgwarehouse" but no declaration was found in the volumes section.

Don't get the error, the <host-folder> should never/nowhere appear in the repo anymore with the merged changes from #85 … 🤔

rugk
rugk commented Nov 3, 2023
View reviewed changes
.env.sample Outdated
Comment on lines 14 to 15
UID=1001
GID=1001
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
UID=1001
GID=1001
UID=$USER
GID=$USER

Could also use $USER here, which would make it runnable more out-of-the-box?

@Ravinou Ravinou force-pushed the main branch 2 times, most recently from a92b9e9 to 2900455 Compare January 14, 2024 19:41
@rugk
Copy link
Contributor Author

rugk commented Feb 26, 2024

@Ravinou any review or action needed here?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@Ravinou Ravinou

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@rugk @Ravinou