Checkov and Trivy (#493)

* Update github-actions.yml * Update github-actions.yml * Update github-actions.yml * Update github-actions.yml * Update Dockerfile * Update Dockerfile * Update github-actions.yml * fixed build issue * Update github-actions.yml * Update github-actions.yml * Update github-actions.yml --------- Co-authored-by: Jakub Raczek <jakub.raczek@accenture.com>
Accenture · Jan 10, 2025 · 8deb403 · 8deb403
1 parent 43b2082
commit 8deb403
Show file tree

Hide file tree

Showing 10 changed files with 1,190 additions and 17 deletions.
diff --git a/.github/workflows/github-actions.yml b/.github/workflows/github-actions.yml
@@ -110,13 +110,23 @@ jobs:
         username: ${{ secrets.DOCKERHUB_USERNAME }}
         password: ${{ secrets.DOCKERHUB_TOKEN }}
       if: startsWith(github.ref, 'refs/tags/')
+    - name: checkov-image-scan
+      uses: bridgecrewio/checkov-action@v12.1347.0
+      with:
+         directory: .
+         soft_fail: false
     - name: Build and push
       uses: docker/build-push-action@v6
       with:
           context: .
           push: true
           tags: ocaramba/selenium:latest
       if: startsWith(github.ref, 'refs/tags/')
+    - name: Aqua Security Trivy
+      uses: aquasecurity/trivy-action@0.29.0
+      with:
+        severity: MEDIUM,HIGH,CRITICAL
+        image-ref: ocaramba/selenium:latest
     - name: Install Docker Compose 
       run: | 
         sudo apt-get update 

diff --git a/Dockerfile b/Dockerfile
@@ -57,3 +57,13 @@ RUN BASE_URL=https://github.com/mozilla/geckodriver/releases/download \
     tar -xz -C /usr/local/bin
 
 ENV ASPNETCORE_ENVIRONMENT Linux
+#=========
+# Create a user and switch to it
+#=========
+RUN groupadd -r ocaramba && useradd -r -g ocaramba ocaramba
+USER ocaramba
+#=========
+# Health Check
+#=========
+HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
+  CMD dotnet --info || exit 1
diff --git a/Ocaramba.Tests.Angular/Ocaramba.Tests.Angular.csproj b/Ocaramba.Tests.Angular/Ocaramba.Tests.Angular.csproj
@@ -8,7 +8,6 @@
     <PackageReference Include="Appveyor.TestLogger" Version="2.0.0" />
     <PackageReference Include="NLog" Version="5.3.4" />
     <PackageReference Include="System.Text.Json" Version="9.0.0" />
-    <PackageReference Include="System.Runtime.CompilerServices.Unsafe" Version="6.0.0" />
     <PackageReference Include="NUnit" Version="4.3.2" />
     <PackageReference Include="NUnit.Runners" Version="3.12.0" />
     <PackageReference Include="NUnit3TestAdapter" Version="4.6.0">
@@ -19,6 +18,7 @@
     <PackageReference Include="Selenium.WebDriver" Version="4.27.0" />
     <PackageReference Include="Selenium.WebDriver.ChromeDriver" Version="131.0.6778.8500" />
     <PackageReference Include="Selenium.WebDriver.GeckoDriver" Version="0.35.0" />
+    <PackageReference Include="System.Runtime.CompilerServices.Unsafe" Version="6.1.0" />
   </ItemGroup>
   <ItemGroup Condition="'$(TargetFramework)' == 'net472'">
 	<Reference Include="System.Configuration" />

diff --git a/Ocaramba.Tests.Angular/packages.lock.json b/Ocaramba.Tests.Angular/packages.lock.json
@@ -1,6 +1,245 @@
 {
   "version": 1,
   "dependencies": {
+    ".NETFramework,Version=v4.7.2": {
+      "Appveyor.TestLogger": {
+        "type": "Direct",
+        "requested": "[2.0.0, )",
+        "resolved": "2.0.0",
+        "contentHash": "D2GsYP/5kddQss6vkX8edw6Dt+qHBN5+pv6DIF8vvb8ObFyiU/r/JK8A2RKE1ucC6nPojQUApvq8IJVNIjYedQ=="
+      },
+      "EWSoftware.SHFB": {
+        "type": "Direct",
+        "requested": "[2024.9.12, )",
+        "resolved": "2024.9.12",
+        "contentHash": "mvx56Gdg3oNO/u/mW+ty4c4g5Nk2ds8TphvHuqJ+XFQeT0ptBhbpNhy7yzNwsSpWD69PSRdgZg/JOpLNIqcpWw=="
+      },
+      "EWSoftware.SHFB.NETCore": {
+        "type": "Direct",
+        "requested": "[4.5.1.2, )",
+        "resolved": "4.5.1.2",
+        "contentHash": "p4kGsnCAOgqqqM5bdRVlhFT8/b9fOhRJXTLWUomL7k+kpplIFvhpE50gBUkpQvl+yJmUkf9f6bSooWIG2rbPPQ=="
+      },
+      "EWSoftware.SHFB.NETFramework": {
+        "type": "Direct",
+        "requested": "[4.8.0.3, )",
+        "resolved": "4.8.0.3",
+        "contentHash": "qObtYN6DDT0KEdZyragKKZkKrqXWP2hzjT35rGYOqUpvoVMs9kiCUU+s42A+9BTcRBRmZu1jc+keJWdqIuuVXw=="
+      },
+      "NLog": {
+        "type": "Direct",
+        "requested": "[5.3.4, )",
+        "resolved": "5.3.4",
+        "contentHash": "gLy7+O1hEYJXIlcTr1/VWjGXrZTQFZzYNO18IWasD64pNwz0BreV+nHLxWKXWZzERRzoKnsk2XYtwLkTVk7J1A=="
+      },
+      "NUnit": {
+        "type": "Direct",
+        "requested": "[4.3.2, )",
+        "resolved": "4.3.2",
+        "contentHash": "puVXayXNmEu7MFQSUswGmUjOy3M3baprMbkLl5PAutpeDoGTr+jPv33qAYsqxywi2wJCq8l/O3EhHoLulPE1iQ==",
+        "dependencies": {
+          "System.Memory": "4.6.0",
+          "System.Threading.Tasks.Extensions": "4.5.4",
+          "System.ValueTuple": "4.5.0"
+        }
+      },
+      "NUnit.Runners": {
+        "type": "Direct",
+        "requested": "[3.12.0, )",
+        "resolved": "3.12.0",
+        "contentHash": "KNpc03ZPF8wUWdPnLwNch1ycqsUNJgsheVlsUQcsHStuN5S7HMuNEGAavBNVwsHGq++GmtgG0N1MBVEgmxFtFg==",
+        "dependencies": {
+          "NUnit.Console": "3.12.0"
+        }
+      },
+      "NUnit3TestAdapter": {
+        "type": "Direct",
+        "requested": "[4.6.0, )",
+        "resolved": "4.6.0",
+        "contentHash": "R7e1+a4vuV/YS+ItfL7f//rG+JBvVeVLX4mHzFEZo4W1qEKl8Zz27AqvQSAqo+BtIzUCo4aAJMYa56VXS4hudw=="
+      },
+      "Selenium.Support": {
+        "type": "Direct",
+        "requested": "[4.27.0, )",
+        "resolved": "4.27.0",
+        "contentHash": "vPsJmYP+ONxutAmkpSc2cXJCO/eHjP+4dccx/M9mGntOZuVjM0DOzyH2cvX8tDoQ18yUq8l2P4rA3a278Gp2KQ==",
+        "dependencies": {
+          "Selenium.WebDriver": "4.27.0"
+        }
+      },
+      "Selenium.WebDriver": {
+        "type": "Direct",
+        "requested": "[4.27.0, )",
+        "resolved": "4.27.0",
+        "contentHash": "bMIpqwpBfYLa1lh8gPVa6A1i9LeWNsfc2mR9why0DutEKI7ck3GVxzco1bB/8bv+7IA6rk4sR9WpZLRUnH/AAw==",
+        "dependencies": {
+          "System.Text.Json": "8.0.5"
+        }
+      },
+      "Selenium.WebDriver.ChromeDriver": {
+        "type": "Direct",
+        "requested": "[131.0.6778.8500, )",
+        "resolved": "131.0.6778.8500",
+        "contentHash": "xi6B90m0dx8SRAo7HFLNflH1q6A4ISuHCc4cmIAn9KVqdw1H6ePEgyspO4odkLaQgrnYn++81i9WaXgyNdHdtA=="
+      },
+      "Selenium.WebDriver.GeckoDriver": {
+        "type": "Direct",
+        "requested": "[0.35.0, )",
+        "resolved": "0.35.0",
+        "contentHash": "+s9jC3IhtNmWloGv9pQ+TqNeRYM0cCPQrFicpXNcyP08KI/WjTRPE0b0M6Fc8I3FEGj98EBQjQBwUlAiQpMW0w=="
+      },
+      "System.Runtime.CompilerServices.Unsafe": {
+        "type": "Direct",
+        "requested": "[6.1.0, )",
+        "resolved": "6.1.0",
+        "contentHash": "5o/HZxx6RVqYlhKSq8/zronDkALJZUT2Vz0hx43f0gwe8mwlM0y2nYlqdBwLMzr262Bwvpikeb/yEwkAa5PADg=="
+      },
+      "System.Text.Json": {
+        "type": "Direct",
+        "requested": "[9.0.0, )",
+        "resolved": "9.0.0",
+        "contentHash": "js7+qAu/9mQvnhA4EfGMZNEzXtJCDxgkgj8ohuxq/Qxv+R56G+ljefhiJHOxTNiw54q8vmABCWUwkMulNdlZ4A==",
+        "dependencies": {
+          "Microsoft.Bcl.AsyncInterfaces": "9.0.0",
+          "System.Buffers": "4.5.1",
+          "System.IO.Pipelines": "9.0.0",
+          "System.Memory": "4.5.5",
+          "System.Runtime.CompilerServices.Unsafe": "6.0.0",
+          "System.Text.Encodings.Web": "9.0.0",
+          "System.Threading.Tasks.Extensions": "4.5.4",
+          "System.ValueTuple": "4.5.0"
+        }
+      },
+      "Microsoft.Bcl.AsyncInterfaces": {
+        "type": "Transitive",
+        "resolved": "9.0.0",
+        "contentHash": "owmu2Cr3IQ8yQiBleBHlGk8dSQ12oaF2e7TpzwJKEl4m84kkZJjEY1n33L67Y3zM5jPOjmmbdHjbfiL0RqcMRQ==",
+        "dependencies": {
+          "System.Threading.Tasks.Extensions": "4.5.4"
+        }
+      },
+      "Microsoft.CSharp": {
+        "type": "Transitive",
+        "resolved": "4.7.0",
+        "contentHash": "pTj+D3uJWyN3My70i2Hqo+OXixq3Os2D1nJ2x92FFo6sk8fYS1m1WLNTs0Dc1uPaViH0YvEEwvzddQ7y4rhXmA=="
+      },
+      "NUnit.Console": {
+        "type": "Transitive",
+        "resolved": "3.12.0",
+        "contentHash": "9KXFnViEIKQjz4vqiYFpLV9sntfHxixQomLCJzDMXC6WDo9DP2GhDQiBND6we6MRStMSNzoAWgourbLKwo7utQ==",
+        "dependencies": {
+          "NUnit.ConsoleRunner": "3.12.0",
+          "NUnit.Extension.NUnitProjectLoader": "3.6.0",
+          "NUnit.Extension.NUnitV2Driver": "3.8.0",
+          "NUnit.Extension.NUnitV2ResultWriter": "3.6.0",
+          "NUnit.Extension.TeamCityEventListener": "1.0.7",
+          "NUnit.Extension.VSProjectLoader": "3.8.0"
+        }
+      },
+      "NUnit.ConsoleRunner": {
+        "type": "Transitive",
+        "resolved": "3.12.0",
+        "contentHash": "ZUtI8leU9ozCjLy4ZZ2X6ClU0hxfQtb95VOdmMA4SxIUvf62rIPxoHXS+jghvo5QxgRihGGcEp8xT3vCfgDdsA=="
+      },
+      "NUnit.Extension.NUnitProjectLoader": {
+        "type": "Transitive",
+        "resolved": "3.6.0",
+        "contentHash": "ev2+dCJShMNIATkYNm/vHEuieBfbismr9DcUfBvafJZf5vNyugXPuMXO/MaOFcJaoW9j6/zjMmXKG7R5umWzXA=="
+      },
+      "NUnit.Extension.NUnitV2Driver": {
+        "type": "Transitive",
+        "resolved": "3.8.0",
+        "contentHash": "l6MgFJPTnrlDaMXWfbUZ82h1uvtj0C1ExPpqm6HrYOBa5Z4MBwmFLqj85rnv9JMhu/Ju7jQB/FIaMbfoXInI2A=="
+      },
+      "NUnit.Extension.NUnitV2ResultWriter": {
+        "type": "Transitive",
+        "resolved": "3.6.0",
+        "contentHash": "P/Nc+wgFRe3dT59/VjhiIT0SWfLMbb/Vc9AtBU3L71VOCs8zQnuNjCOEFLQL/Mq6XSaZeB2Sug9tUgTfCnQk9w=="
+      },
+      "NUnit.Extension.TeamCityEventListener": {
+        "type": "Transitive",
+        "resolved": "1.0.7",
+        "contentHash": "bw+ZwHsUmxqb9leo91qLEF7ggtdpawY2V6wNqHI6+ATa2SHxHxoxiV5UV07ZWDRpf/qlQJELNlZu7wIB3+w2qQ=="
+      },
+      "NUnit.Extension.VSProjectLoader": {
+        "type": "Transitive",
+        "resolved": "3.8.0",
+        "contentHash": "CIScV9a7+wUu6Ylb+WO0q/WGWQVoB05TUj3XZHa1CO+2BInDdfIVkqtlrSguhy6D/AGIMaLVrCZpQkQ2m0bbzQ=="
+      },
+      "System.Buffers": {
+        "type": "Transitive",
+        "resolved": "4.6.0",
+        "contentHash": "lN6tZi7Q46zFzAbRYXTIvfXcyvQQgxnY7Xm6C6xQ9784dEL1amjM6S6Iw4ZpsvesAKnRVsM4scrDQaDqSClkjA=="
+      },
+      "System.IO.Pipelines": {
+        "type": "Transitive",
+        "resolved": "9.0.0",
+        "contentHash": "eA3cinogwaNB4jdjQHOP3Z3EuyiDII7MT35jgtnsA4vkn0LUrrSHsU0nzHTzFzmaFYeKV7MYyMxOocFzsBHpTw==",
+        "dependencies": {
+          "System.Buffers": "4.5.1",
+          "System.Memory": "4.5.5",
+          "System.Threading.Tasks.Extensions": "4.5.4"
+        }
+      },
+      "System.Memory": {
+        "type": "Transitive",
+        "resolved": "4.6.0",
+        "contentHash": "OEkbBQoklHngJ8UD8ez2AERSk2g+/qpAaSWWCBFbpH727HxDq5ydVkuncBaKcKfwRqXGWx64dS6G1SUScMsitg==",
+        "dependencies": {
+          "System.Buffers": "4.6.0",
+          "System.Numerics.Vectors": "4.6.0",
+          "System.Runtime.CompilerServices.Unsafe": "6.1.0"
+        }
+      },
+      "System.Numerics.Vectors": {
+        "type": "Transitive",
+        "resolved": "4.6.0",
+        "contentHash": "t+SoieZsRuEyiw/J+qXUbolyO219tKQQI0+2/YI+Qv7YdGValA6WiuokrNKqjrTNsy5ABWU11bdKOzUdheteXg=="
+      },
+      "System.Text.Encodings.Web": {
+        "type": "Transitive",
+        "resolved": "9.0.0",
+        "contentHash": "e2hMgAErLbKyUUwt18qSBf9T5Y+SFAL3ZedM8fLupkVj8Rj2PZ9oxQ37XX2LF8fTO1wNIxvKpihD7Of7D/NxZw==",
+        "dependencies": {
+          "System.Buffers": "4.5.1",
+          "System.Memory": "4.5.5",
+          "System.Runtime.CompilerServices.Unsafe": "6.0.0"
+        }
+      },
+      "System.Threading.Tasks.Extensions": {
+        "type": "Transitive",
+        "resolved": "4.5.4",
+        "contentHash": "zteT+G8xuGu6mS+mzDzYXbzS7rd3K6Fjb9RiZlYlJPam2/hU7JCBZBVEcywNuR+oZ1ncTvc/cq0faRr3P01OVg==",
+        "dependencies": {
+          "System.Runtime.CompilerServices.Unsafe": "4.5.3"
+        }
+      },
+      "System.ValueTuple": {
+        "type": "Transitive",
+        "resolved": "4.5.0",
+        "contentHash": "okurQJO6NRE/apDIP23ajJ0hpiNmJ+f0BwOlB/cSqTLQlw5upkf+5+96+iG2Jw40G1fCVCyPz/FhIABUjMR+RQ=="
+      },
+      "ocaramba.tests.pageobjects": {
+        "type": "Project",
+        "dependencies": {
+          "NLog": "[5.3.4, )",
+          "OcarambaLite": "[1.0.0, )",
+          "Selenium.Support": "[4.27.0, )",
+          "Selenium.WebDriver": "[4.27.0, )",
+          "Selenium.WebDriver.ChromeDriver": "[131.0.6778.8500, )",
+          "Selenium.WebDriver.GeckoDriver": "[0.35.0, )"
+        }
+      },
+      "ocarambalite": {
+        "type": "Project",
+        "dependencies": {
+          "Microsoft.CSharp": "[4.7.0, )",
+          "NLog": "[5.3.4, )",
+          "Selenium.Support": "[4.27.0, )",
+          "Selenium.WebDriver": "[4.27.0, )"
+        }
+      }
+    },
     "net8.0": {
       "Appveyor.TestLogger": {
         "type": "Direct",
@@ -83,9 +322,9 @@
       },
       "System.Runtime.CompilerServices.Unsafe": {
         "type": "Direct",
-        "requested": "[6.0.0, )",
-        "resolved": "6.0.0",
-        "contentHash": "/iUeP3tq1S0XdNNoMz5C9twLSrM/TH+qElHkXWaPvuNOt+99G75NrV0OS2EqHx5wMN7popYjpc8oTjC1y16DLg=="
+        "requested": "[6.1.0, )",
+        "resolved": "6.1.0",
+        "contentHash": "5o/HZxx6RVqYlhKSq8/zronDkALJZUT2Vz0hx43f0gwe8mwlM0y2nYlqdBwLMzr262Bwvpikeb/yEwkAa5PADg=="
       },
       "System.Text.Json": {
         "type": "Direct",

diff --git a/Ocaramba.Tests.CloudProviderCrossBrowser/Ocaramba.Tests.CloudProviderCrossBrowser.csproj b/Ocaramba.Tests.CloudProviderCrossBrowser/Ocaramba.Tests.CloudProviderCrossBrowser.csproj
@@ -18,7 +18,7 @@
 	<PackageReference Include="Selenium.Support" Version="4.27.0" />
     <PackageReference Include="Selenium.WebDriver" Version="4.27.0" />
 	  <PackageReference Include="System.Text.Json" Version="9.0.0" />
-    <PackageReference Include="System.Runtime.CompilerServices.Unsafe" Version="6.0.0" />
+    <PackageReference Include="System.Runtime.CompilerServices.Unsafe" Version="6.1.0" />
 	<PackageReference Include="NLog" Version="5.3.4" />
     <PackageReference Include="Selenium.WebDriver.ChromeDriver" Version="131.0.6778.8500" />
     <PackageReference Include="Selenium.WebDriver.GeckoDriver" Version="0.35.0" />