chore(): Removes oras and runs rootful docker in docker

2023-07-03 19:58:08 +02:00 · 2023-07-03 19:58:08 +02:00 · 6b7aa1b2cb
commit 6b7aa1b2cb
parent aee3f45f50
2 changed files with 3 additions and 11 deletions
--- a/.drone.yml
+++ b/.drone.yml
@ -24,8 +24,6 @@ steps:
 - name: trivy-scan
  image: scm.project42.io/elia/trivy:production
  commands:
-    - export DOCKER_HOST=unix:///var/run/docker.sock
-    - /usr/local/bin/dockerd --data-root /var/lib/docker --host=unix:///var/run/docker.sock
    - trivy image scm.project42.io/elia/trivy:pre-scan
  failure: ignore

--- a/12
+++ b/12
@ -1,16 +1,10 @@
-FROM docker:dind-rootless
+FROM docker:dind
 MAINTAINER Elia El Lazkani <git@lazkani.io>

 ARG ORAS_VERSION="1.0.0"
-
-USER root
+ENV DOCKER_HOST=unix:///var/run/docker.sock

 RUN apk add --virtual .build-deps curl && \
-    curl -LO "https://github.com/oras-project/oras/releases/download/v${ORAS_VERSION}/oras_${ORAS_VERSION}_linux_amd64.tar.gz" && \
-    mkdir -p oras-install/ && \
-    tar -zxf oras_${ORAS_VERSION}_*.tar.gz -C oras-install/ && \
-    mv oras-install/oras /usr/local/bin/ && \
-    rm -rf oras_${ORAS_VERSION}_*.tar.gz oras-install/ && \
    export TRIVY_VERSION=$(wget -qO - "https://api.github.com/repos/aquasecurity/trivy/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/') && \
    echo $TRIVY_VERSION && \
    curl -LO "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" && \
@ -20,4 +14,4 @@ RUN apk add --virtual .build-deps curl && \
    ln -s /opt/trivy/trivy /usr/local/bin/trivy && \
    apk del .build-deps

-USER rootless
+ENTRYPOINT ["/usr/local/bin/dockerd-entrypoint.sh", "/bin/trivy"]