Image Without Digest
- Query id: 7c81d34c-8e5a-402b-9798-9f442630e678
- Query name: Image Without Digest
- Platform: Kubernetes
- Severity: Low
- Category: Insecure Configurations
- URL: Github
Description¶
Images should be specified together with their digests to ensure integrity
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - yaml file
apiVersion: v1
kind: Pod
metadata:
name: private-image-test-1
spec:
containers:
- name: uses-private-image
image: $PRIVATE_IMAGE_NAME
imagePullPolicy: Always
command: [ "echo", "SUCCESS" ]