mirror of
https://github.com/goharbor/harbor.git
synced 2024-12-19 07:07:42 +01:00
28e0c0693b
1. Upgrade clair adapter to v1.0.0. 2. Make the clair adapter which installed by harbor immutable and using internal registry address. 3. Add support to build clair adapter image from binary. 4. Switch to ScannerPull action when make authorization for the scan request. Signed-off-by: He Weiwei <hweiwei@vmware.com>
20 lines
584 B
Docker
20 lines
584 B
Docker
FROM photon:2.0
|
|
|
|
RUN tdnf install -y sudo >>/dev/null\
|
|
&& tdnf clean all \
|
|
&& mkdir /clair-adapter/ \
|
|
&& groupadd -r -g 10000 clair-adapter \
|
|
&& useradd --no-log-init -m -r -g 10000 -u 10000 clair-adapter
|
|
|
|
COPY ./make/photon/clair-adapter/binary/harbor-scanner-clair /clair-adapter/clair-adapter
|
|
|
|
RUN chown -R 10000:10000 /clair-adapter \
|
|
&& chmod u+x /clair-adapter/clair-adapter
|
|
|
|
EXPOSE 8080
|
|
|
|
HEALTHCHECK --interval=30s --timeout=10s --retries=3 CMD curl -sS 127.0.0.1:8080/probe/healthy || exit 1
|
|
|
|
USER clair-adapter
|
|
|
|
ENTRYPOINT ["/clair-adapter/clair-adapter"] |