-
Notifications
You must be signed in to change notification settings - Fork 4
/
Dockerfile
26 lines (20 loc) · 966 Bytes
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
FROM google/cloud-sdk:499.0.0-alpine
# upgrade all packages and update root certificates to copy into runtime image
RUN apk -U upgrade && apk --no-cache add ca-certificates \
&& rm -rf google-cloud-sdk/bin/anthoscli \
&& rm -rf /var/cache/apk/* \
&& which cat
# download trivy
ARG TRIVY_VERSION=0.56.1
RUN wget -O- https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz | \
tar -xzf - -C / \
&& /trivy --version
# download trivy database
RUN /trivy --cache-dir /trivy-cache image --no-progress --download-db-only --db-repository '"ghcr.io/aquasecurity/trivy-db","public.ecr.aws/aquasecurity/trivy-db"'
COPY estafette-extension-docker /
ENV PATH="/dod:$PATH;$PATH:/google-cloud-sdk/bin" \
ESTAFETTE_LOG_FORMAT="console" \
DOCKER_BUILDKIT="1" \
BUILDKIT_PROGRESS="plain" \
GOOGLE_APPLICATION_CREDENTIALS="/key-file.json"
ENTRYPOINT ["/estafette-extension-docker"]