Pipeline fails OpenSCAP on image with Iron Bank distroless base
Summary
Using the Iron Bank distroless image causes the pipeline to fail on the OpenSCAP scanning.
Link to failed pipeline
https://repo1.dso.mil/dsop/cloudfit/cloudfit/cloudfit-cfs-api/-/pipelines/148564
What is the current bug behavior?
OpenSCAP fails to find security profile
What is the expected correct behavior?
Pipeline should not fail OpenSCAP scanning when using distroless image
Possible fixes
Either provide an OpenSCAP security profile for distroless images for OpenSCAP or skip OpenSCAP on distroless images
Definition of Done
-
Pipeline failure has been resolved
/cc @ironbank-notifications/pipelines
Edited by Ghost User