From 6b7aa1b2cb586aaf0b08bda2275d510182adf156 Mon Sep 17 00:00:00 2001
From: Elia el Lazkani
Date: Mon, 3 Jul 2023 19:58:08 +0200
Subject: [PATCH] chore(): Removes oras and runs rootful docker in docker
---
 .drone.yml | 2 --
 Dockerfile | 12 +++---------
 2 files changed, 3 insertions(+), 11 deletions(-)
diff --git a/.drone.yml b/.drone.yml
index 25d9357..6c0e32d 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -24,8 +24,6 @@ steps:
 - name: trivy-scan
 image: scm.project42.io/elia/trivy:production
 commands:
- - export DOCKER_HOST=unix:///var/run/docker.sock
- - /usr/local/bin/dockerd --data-root /var/lib/docker --host=unix:///var/run/docker.sock
 - trivy image scm.project42.io/elia/trivy:pre-scan
 failure: ignore
diff --git a/Dockerfile b/Dockerfile
index bb2036e..b9444ad 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,16 +1,10 @@
-FROM docker:dind-rootless
+FROM docker:dind
 MAINTAINER Elia El Lazkani
 ARG ORAS_VERSION="1.0.0"
-
-USER root
+ENV DOCKER_HOST=unix:///var/run/docker.sock
 RUN apk add --virtual .build-deps curl && \
- curl -LO "https://github.com/oras-project/oras/releases/download/v${ORAS_VERSION}/oras_${ORAS_VERSION}_linux_amd64.tar.gz" && \
- mkdir -p oras-install/ && \
- tar -zxf oras_${ORAS_VERSION}_*.tar.gz -C oras-install/ && \
- mv oras-install/oras /usr/local/bin/ && \
- rm -rf oras_${ORAS_VERSION}_*.tar.gz oras-install/ && \
 export TRIVY_VERSION=$(wget -qO - "https://api.github.com/repos/aquasecurity/trivy/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/') && \
 echo $TRIVY_VERSION && \
 curl -LO "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" && \
@@ -20,4 +14,4 @@ RUN apk add --virtual .build-deps curl && \
 ln -s /opt/trivy/trivy /usr/local/bin/trivy && \
 apk del .build-deps
-USER rootless
+ENTRYPOINT ["/usr/local/bin/dockerd-entrypoint.sh", "/bin/trivy"]
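Review bot: In the first Dockerfile hunk, the surviving `RUN` still resolves `TRIVY_VERSION` from the GitHub `releases/latest` API at build time, and no visible line checks the integrity of the tarball fetched by `curl -LO`. Together with the floating `docker:dind` tag, this means two builds of the same commit can produce different images, and a tampered or truncated download would be installed unnoticed in an image that now runs as root. Pinning the release and checking its hash before extraction would close that, e.g. `ARG TRIVY_VERSION="<pinned-version>"` plus `echo "${TRIVY_SHA256}  trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" | sha256sum -c - && \` right after the download, where `TRIVY_SHA256` is a new build argument holding the published checksum; `curl -fLO` would also make HTTP errors fail the build. `ARG ORAS_VERSION="1.0.0"` appears to be unused now, since every visible line that referenced it is removed here, and can probably be dropped. The `RUN` instruction continues past the end of this hunk, so the extraction steps are not visible.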
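Review bot: In the last Dockerfile hunk, the new ENTRYPOINT passes `/bin/trivy`, but the only trivy path the visible `RUN` creates is the symlink `/usr/local/bin/trivy` two lines above. Unless `/bin/trivy` is created in lines outside the hunk, the exec will fail; `ENTRYPOINT ["/usr/local/bin/dockerd-entrypoint.sh", "/usr/local/bin/trivy"]` would match the symlink. The upstream `dockerd-entrypoint.sh` appears to start the daemon only when its first argument is `dockerd` or an option, so with a trivy path as the argument no daemon may be started; this is worth confirming, because the same commit drops the explicit `dockerd` launch from `.drone.yml`. With `USER rootless` removed and nothing replacing it, the scanner and anything it parses run as root, so a comment above the ENTRYPOINT such as `# runs as root: rootful dockerd requires it; use only on isolated, trusted runners` would document the trade-off.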