deploy github action testing #1619
RMcVeliabuild-and-deploy.yml
on: pull_request
Build
56s
Deployment To Review
11s
Annotations
1 error and 4 warnings
|
Deployment To Review
google-github-actions/auth failed with: failed to generate Google Cloud federated token for //iam.googleapis.com/projects/385922361840/locations/global/workloadIdentityPools/apply-for-qualified-teacher-sta3/providers/apply-for-qualified-teacher-sta3: ***"error":"unauthorized_client","error_description":"The given credential is rejected by the attribute condition."***
|
|
Legacy key/value format with whitespace separator should not be used:
Dockerfile#L3
LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format
More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/
|
|
Sensitive data should not be used in the ARG or ENV commands:
Dockerfile#L32
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ARG "GOVUK_NOTIFY_API_KEY")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
|
Sensitive data should not be used in the ARG or ENV commands:
Dockerfile#L33
SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "GOVUK_NOTIFY_API_KEY")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
|
|
JSON arguments recommended for ENTRYPOINT/CMD to prevent unintended behavior related to OS signals:
Dockerfile#L44
JSONArgsRecommended: JSON arguments recommended for CMD to prevent unintended behavior related to OS signals
More info: https://docs.docker.com/go/dockerfile/rule/json-args-recommended/
|