harbor/make/photon/trivy-adapter/Dockerfile

ARG harbor_base_image_version
ARG harbor_base_namespace
FROM ${harbor_base_namespace}/harbor-trivy-adapter-base:${harbor_base_image_version}

ARG trivy_version

COPY ./make/photon/common/install_cert.sh /home/scanner
COPY ./make/photon/trivy-adapter/entrypoint.sh /home/scanner
COPY ./make/photon/trivy-adapter/binary/trivy /usr/local/bin/trivy
COPY ./make/photon/trivy-adapter/binary/scanner-trivy /home/scanner/bin/scanner-trivy


RUN chown -R scanner:scanner /etc/pki/tls/certs \
    && chown scanner:scanner /home/scanner/entrypoint.sh && chmod u+x /home/scanner/entrypoint.sh \
    && chown scanner:scanner /usr/local/bin/trivy && chmod u+x /usr/local/bin/trivy \
    && chown scanner:scanner /home/scanner/bin/scanner-trivy && chmod u+x /home/scanner/bin/scanner-trivy \
    && chown scanner:scanner /home/scanner/install_cert.sh && chmod u+x /home/scanner/install_cert.sh

HEALTHCHECK --interval=30s --timeout=10s --retries=3 CMD curl --fail -s http://localhost:8080/probe/healthy || curl -k --fail -s https://localhost:8443/probe/healthy || exit 1

ENV TRIVY_VERSION=${trivy_version}

USER scanner

ENTRYPOINT ["/home/scanner/entrypoint.sh"]
chore(install): Add --with-trivy arg to the installation script Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com> 2020-02-10 16:46:26 +01:00			`ARG harbor_base_image_version`
feat(cicd) parameterize docker base image and external url Signed-off-by: Ziming Zhang <zziming@vmware.com> 2020-04-01 13:46:45 +02:00			`ARG harbor_base_namespace`
			`FROM ${harbor_base_namespace}/harbor-trivy-adapter-base:${harbor_base_image_version}`
chore(install): Add --with-trivy arg to the installation script Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com> 2020-02-10 16:46:26 +01:00
			`ARG trivy_version`

Fix health check url health check url should depend on internal https Signed-off-by: DQ <dengq@vmware.com> 2020-04-04 19:43:12 +02:00			`COPY ./make/photon/common/install_cert.sh /home/scanner`
			`COPY ./make/photon/trivy-adapter/entrypoint.sh /home/scanner`
chore(install): Add --with-trivy arg to the installation script Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com> 2020-02-10 16:46:26 +01:00			`COPY ./make/photon/trivy-adapter/binary/trivy /usr/local/bin/trivy`
			`COPY ./make/photon/trivy-adapter/binary/scanner-trivy /home/scanner/bin/scanner-trivy`

Fix health check url health check url should depend on internal https Signed-off-by: DQ <dengq@vmware.com> 2020-04-04 19:43:12 +02:00
			`RUN chown -R scanner:scanner /etc/pki/tls/certs \`
			`&& chown scanner:scanner /home/scanner/entrypoint.sh && chmod u+x /home/scanner/entrypoint.sh \`
			`&& chown scanner:scanner /usr/local/bin/trivy && chmod u+x /usr/local/bin/trivy \`
			`&& chown scanner:scanner /home/scanner/bin/scanner-trivy && chmod u+x /home/scanner/bin/scanner-trivy \`
			`&& chown scanner:scanner /home/scanner/install_cert.sh && chmod u+x /home/scanner/install_cert.sh`

Add IPv6 support * 127.0.0.1 to localhost * listening net addr add ipv6 format Signed-off-by: DQ <dengq@vmware.com> 2021-05-13 11:16:53 +02:00			`HEALTHCHECK --interval=30s --timeout=10s --retries=3 CMD curl --fail -s http://localhost:8080/probe/healthy \|\| curl -k --fail -s https://localhost:8443/probe/healthy \|\| exit 1`
chore(install): Add --with-trivy arg to the installation script Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com> 2020-02-10 16:46:26 +01:00
			`ENV TRIVY_VERSION=${trivy_version}`

			`USER scanner`

Fix health check url health check url should depend on internal https Signed-off-by: DQ <dengq@vmware.com> 2020-04-04 19:43:12 +02:00			`ENTRYPOINT ["/home/scanner/entrypoint.sh"]`