FROM docker:dind-rootless MAINTAINER Elia El Lazkani ARG ORAS_VERSION="1.0.0" USER root RUN apk add --virtual .build-deps curl && \ curl -LO "https://github.com/oras-project/oras/releases/download/v${ORAS_VERSION}/oras_${ORAS_VERSION}_linux_amd64.tar.gz" && \ mkdir -p oras-install/ && \ tar -zxf oras_${ORAS_VERSION}_*.tar.gz -C oras-install/ && \ mv oras-install/oras /usr/local/bin/ && \ rm -rf oras_${ORAS_VERSION}_*.tar.gz oras-install/ && \ export TRIVY_VERSION=$(wget -qO - "https://api.github.com/repos/aquasecurity/trivy/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/') && \ echo $TRIVY_VERSION && \ curl -LO "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" && \ mkdir -p trivy-install && \ tar -zxf trivy_${TRIVY_VERSION}_*.tar.gz -C trivy-install/ && \ mv trivy-install /opt/trivy && \ ln -s /opt/trivy/trivy /usr/local/bin/trivy && \ apk del .build-deps USER rootless