Skip to content

fix(sdk): absolute ENTRYPOINT to work with uv#11313

Merged
jfagoagas merged 2 commits into
masterfrom
fix/action-entrypoint-absolute-path
May 22, 2026
Merged

fix(sdk): absolute ENTRYPOINT to work with uv#11313
jfagoagas merged 2 commits into
masterfrom
fix/action-entrypoint-absolute-path

Conversation

@jfagoagas
Copy link
Copy Markdown
Member

@jfagoagas jfagoagas commented May 21, 2026
edited
Loading

Context

Fix #11275

Timeline

Description

Container image now uses an absolute ENTRYPOINT (/home/prowler/.venv/bin/prowler) so it works under any runtime --workdir. The relative entrypoint was breaking the official GitHub Action (prowler-cloud/prowler@v5.27.0) and any docker run with a custom -w

Checklist

Community Checklist
  • This feature/issue is listed in here or roadmap.prowler.com
  • Is it assigned to me, if not, request it via the issue/feature in here or Prowler Community Slack

SDK/CLI

  • Are there new checks included in this PR? Yes / No
    • If so, do we need to update permissions for the provider? Please review this carefully.

UI

  • All issue/task requirements work as expected on the UI
  • If this PR adds or updates npm dependencies, include package-health evidence (maintenance, popularity, known vulnerabilities, license, release age) and explain why existing/native alternatives are insufficient.
  • Screenshots/Video of the functionality flow (if applicable) - Mobile (X < 640px)
  • Screenshots/Video of the functionality flow (if applicable) - Table (640px > X < 1024px)
  • Screenshots/Video of the functionality flow (if applicable) - Desktop (X > 1024px)
  • Ensure new entries are added to CHANGELOG.md, if applicable.

API

  • All issue/task requirements work as expected on the API
  • Endpoint response output (if applicable)
  • EXPLAIN ANALYZE output for new/modified queries or indexes (if applicable)
  • Performance test results (if applicable)
  • Any other relevant evidence of the implementation (if applicable)
  • Verify if API specs need to be regenerated.
  • Check if version updates are required (e.g., specs, uv, etc.).
  • Ensure new entries are added to CHANGELOG.md, if applicable.

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@jfagoagas jfagoagas requested a review from a team as a code owner May 21, 2026 14:12
Copilot AI review requested due to automatic review settings May 21, 2026 14:12
@jfagoagas jfagoagas requested a review from a team as a code owner May 21, 2026 14:12
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 21, 2026
edited
Loading

Conflict Markers Resolved

All conflict markers have been successfully resolved in this pull request.

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 21, 2026
edited
Loading

✅ All necessary CHANGELOG.md files have been updated.

Copilot AI reviewed May 21, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Fixes a regression introduced by the Poetry→uv migration where the container ENTRYPOINT became a relative path and broke runs that override the container workdir (notably the official GitHub Action).

Changes:

  • Switch Docker image ENTRYPOINT from relative .venv/bin/prowler to absolute /home/prowler/.venv/bin/prowler.
  • Add a changelog entry describing the fix and the affected versions/action usage.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File Description
Dockerfile Makes the container entrypoint absolute so it works regardless of runtime --workdir.
prowler/CHANGELOG.md Documents the regression and the fix under the upcoming release.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread prowler/CHANGELOG.md Outdated
cesararroba
cesararroba previously approved these changes May 21, 2026
View reviewed changes
andoniaf
andoniaf reviewed May 21, 2026
View reviewed changes
Comment thread prowler/CHANGELOG.md Outdated
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 21, 2026

🔒 Container Security Scan

Image: prowler:75342b7
Last scan: 2026-05-21 14:22:59 UTC

📊 Vulnerability Summary

Severity Count
🔴 Critical 6
Total 6

5 package(s) affected

⚠️ Action Required

Critical severity vulnerabilities detected. These should be addressed before merging:

  • Review the detailed scan results
  • Update affected packages to patched versions
  • Consider using a different base image if updates are unavailable

📋 Resources:

@jfagoagas jfagoagas requested review from andoniaf and cesararroba May 21, 2026 14:24
@jfagoagas jfagoagas merged commit f86bd7b into master May 22, 2026
22 checks passed
@jfagoagas jfagoagas deleted the fix/action-entrypoint-absolute-path branch May 22, 2026 06:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@cesararroba cesararroba Awaiting requested review from cesararroba

+1 more reviewer

@andoniaf andoniaf andoniaf approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

GitHub Action fails with exit 127: .venv/bin/prowler: no such file (workdir override breaks relative ENTRYPOINT)

4 participants

@jfagoagas @andoniaf @cesararroba