The tool should be able to find a Secret in Envs.
For Example, for images that are produced from such Dockerfile:
FROM docker.io/library/python:3.8
ENV PYTHONDONTWRITEBYTECODE=1
ENV PYTHONUNBUFFERED=1
WORKDIR /app
COPY requirements.txt /app/
RUN pip install -r requirements.txt
ENV POSTGRES_HOST=database
ENV POSTGRES_USER=postgres
ENV POSTGRES_PASSWORD=postgres
ENV POSTGRES_DB=shopping_list
COPY . /app/
EXPOSE 8000
CMD ["gunicorn", "--bind", "0.0.0.0:8000", "app:app"]
It should report the Postgres password.
The tool should be able to find a Secret in Envs.
For Example, for images that are produced from such Dockerfile:
It should report the Postgres password.