From 6ae1ca2864df304196d8550193c7d94fcf1d5bb5 Mon Sep 17 00:00:00 2001
From: Elia el Lazkani
Date: Mon, 3 Jul 2023 18:48:20 +0200
Subject: [PATCH] chore(): Initial commit for a trivy scanner
---
Dockerfile | 18 ++++++++++++++++++
README.md | 11 +++++++++++
2 files changed, 29 insertions(+)
create mode 100644 Dockerfile
create mode 100644 README.md
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..9b9bedd
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,18 @@
+FROM alpine:latest
+
+ARG ORAS_VERSION="1.0.0"
+
+RUN apk add --virtual .build-deps curl && \
+ curl -LO "https://github.com/oras-project/oras/releases/download/v${ORAS_VERSION}/oras_${ORAS_VERSION}_linux_amd64.tar.gz" && \
+ mkdir -p oras-install/ && \
+ tar -zxf oras_${ORAS_VERSION}_*.tar.gz -C oras-install/ && \
+ mv oras-install/oras /usr/local/bin/ && \
+ rm -rf oras_${ORAS_VERSION}_*.tar.gz oras-install/ && \
+ export TRIVY_VERSION=$(wget -qO - "https://api.github.com/repos/aquasecurity/trivy/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/') && \
+ echo $TRIVY_VERSION && \
+ curl -LO "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" && \
+ mkdir -p trivy-install && \
+ tar -zxf trivy_${TRIVY_VERSION}_*.tar.gz -C trivy-install/ && \
+ mv trivy-install /opt/trivy && \
+ ln -s /opt/trivy/trivy /usr/local/bin/trivy && \
+ apk del .build-deps
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..2b75188
--- /dev/null
+++ b/README.md
@@ -0,0 +1,11 @@
+# Trivy Container Scanner
+
+This container is designed to pull and scan containers without the need of using privileged containers.
+
+# Oras
+
+The container includes `oras`, an awesome little nifty command line tool to manage containers.
+
+# Trivy
+
+The famous `trivy` scanner binary.
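Review bot: Neither tarball fetched in the Dockerfile's `RUN` step is integrity-checked, and the Trivy version is whatever the GitHub `releases/latest` API returns at build time, so two builds of the same commit can ship different scanner binaries and a tampered or truncated download would be installed as-is. Pin Trivy with an `ARG` like the one already used for oras, and verify both archives against SHA-256 values taken from the checksums published alongside each release before extracting; adding `-f` to `curl` makes an HTTP error fail the build instead of saving an error page. The Trivy tarball is also never removed from the image (only the oras one is), and `FROM alpine:latest` leaves the base image floating in the same way. The angle-bracket values below are placeholders to be filled in from the releases.

```dockerfile
ARG ORAS_VERSION="1.0.0"
# Placeholders: take the real values from the checksums published with each release.
ARG ORAS_SHA256="<sha256-of-oras-tarball>"
ARG TRIVY_VERSION="<pinned-trivy-version>"
ARG TRIVY_SHA256="<sha256-of-trivy-tarball>"

RUN apk add --virtual .build-deps curl && \
    curl -fsSLO "https://github.com/oras-project/oras/releases/download/v${ORAS_VERSION}/oras_${ORAS_VERSION}_linux_amd64.tar.gz" && \
    echo "${ORAS_SHA256}  oras_${ORAS_VERSION}_linux_amd64.tar.gz" | sha256sum -c - && \
    # … unchanged: extract oras, move it to /usr/local/bin, remove tarball and oras-install/ …
    curl -fsSLO "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" && \
    echo "${TRIVY_SHA256}  trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" | sha256sum -c - && \
    # … unchanged: extract into trivy-install/, move to /opt/trivy, symlink …
    rm -f "trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" && \
    # … unchanged: apk del .build-deps …
```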