Amass Docker Container does not use a non-numeric user #715
Description
Currently, we use the amass docker container published on dockerhub. Now we added securityContext values to every scanner. During this process, I encountered that it is necessary to set the value runAsNonRoot to false because they use a non-numeric user in their Dockerfile.
Otherwise, the following error is raised by kubernetes: Error: container has runAsNonRoot and image has non-numeric user (user), cannot verify user is non-root (pod: "scan-amass-scanner-dummy-scan, container: amass).
Possible solutions
- Create an issue in the OWASP amass project and ask them if it is possible to add a numerical user value (1001 is standard for SCB scanners)
- Create our own dockerfile for the amass scanner.
Metadata
Metadata
Assignees
Type
Projects
Status