From 04f246cf8b33435180081c8a85edd67b3cf5c1ef Mon Sep 17 00:00:00 2001
From: MaineK00n
Date: Thu, 24 Mar 2022 21:17:33 +0000
Subject: [PATCH] chore: add fvuls image (#1426)
---
 .dockerignore | 5 ++---
 .github/workflows/docker-publish.yml | 30 +++++++++++++++++++++----
 Dockerfile | 2 +-
 contrib/Dockerfile | 33 ++++++++++++++++++++++++++++
 4 files changed, 62 insertions(+), 8 deletions(-)
 create mode 100644 contrib/Dockerfile
diff --git a/.dockerignore b/.dockerignore
index 2278005b..12c223c1 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,7 +1,6 @@
 .dockerignore
 Dockerfile
 vendor/
-cve.sqlite3*
-oval.sqlite3*
+*.sqlite3*
 setup/
-img/
+img/
\ No newline at end of file
diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
index f973bc6a..efe0ff04 100644
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -20,26 +20,48 @@ jobs:
 - name: Set up Docker Buildx
 uses: docker/setup-buildx-action@v1
- - name: Docker meta
- id: meta
+ - name: vuls/vuls image meta
+ id: oss-meta
 uses: docker/metadata-action@v3
 with:
 images: vuls/vuls
 tags: |
 type=ref,event=tag
+ - name: vuls/fvuls image meta
+ id: fvuls-meta
+ uses: docker/metadata-action@v3
+ with:
+ images: vuls/fvuls
+ tags: |
+ type=ref,event=tag
+
 - name: Login to DockerHub
 uses: docker/login-action@v1
 with:
 username: ${{ secrets.DOCKERHUB_USERNAME }}
 password: ${{ secrets.DOCKERHUB_TOKEN }}
- - name: Build and push
+ - name: OSS image build and push
 uses: docker/build-push-action@v2
 with:
+ context: .
+ file: ./Dockerfile
 push: true
 tags: |
 vuls/vuls:latest
- ${{ steps.meta.outputs.tags }}
+ ${{ steps.oss-meta.outputs.tags }}
+ secrets: |
+ "github_token=${{ secrets.GITHUB_TOKEN }}"
+
+ - name: FutureVuls image build and push
+ uses: docker/build-push-action@v2
+ with:
+ context: .
+ file: ./contrib/Dockerfile
+ push: true
+ tags: |
+ vuls/fvuls:latest
+ ${{ steps.fvuls-meta.outputs.tags }}
 secrets: |
 "github_token=${{ secrets.GITHUB_TOKEN }}"
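Review bot: The FutureVuls build step passes `"github_token=${{ secrets.GITHUB_TOKEN }}"` as a BuildKit secret (the last two lines of the hunk), but the contrib/Dockerfile added in this commit has no `RUN --mount=type=secret` that would read it, so the token is handed to a build that does not appear to use it. Dropping the `secrets:` entry from that step keeps the credential out of the fvuls build; if a later change needs it, add the mount in the Dockerfile together with a comment such as `# github_token is consumed by the secret mount in contrib/Dockerfile`. The new `uses:` lines also reference actions by mutable tag (`docker/metadata-action@v3`, `docker/build-push-action@v2`) in a job that holds the Docker Hub credentials; pinning them as `docker/build-push-action@<full-commit-sha> # v2` would fix which code runs with those secrets. The job's triggers and `permissions:` block are outside the hunk, so whether `GITHUB_TOKEN` is already scoped down cannot be judged from here.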
diff --git a/Dockerfile b/Dockerfile
index 0fe5a582..a44ecdd0 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -10,7 +10,7 @@ ENV REPOSITORY github.com/future-architect/vuls
 COPY . $GOPATH/src/$REPOSITORY
 RUN cd $GOPATH/src/$REPOSITORY && make install
-FROM alpine:3.14
+FROM alpine:3.15
 ENV LOGDIR /var/log/vuls
 ENV WORKDIR /vuls
diff --git a/contrib/Dockerfile b/contrib/Dockerfile
new file mode 100644
index 00000000..689f8c29
--- /dev/null
+++ b/contrib/Dockerfile
@@ -0,0 +1,33 @@
+FROM golang:alpine as builder
+
+RUN apk add --no-cache \
+ git \
+ make \
+ gcc \
+ musl-dev
+RUN go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.45.0
+
+ENV REPOSITORY github.com/future-architect/vuls
+COPY . $GOPATH/src/$REPOSITORY
+RUN cd $GOPATH/src/$REPOSITORY && \
+ make build-scanner && mv vuls $GOPATH/bin && \
+ make build-trivy-to-vuls && mv trivy-to-vuls $GOPATH/bin && \
+ make build-future-vuls && mv future-vuls $GOPATH/bin
+
+FROM alpine:3.15
+
+ENV LOGDIR /var/log/vuls
+ENV WORKDIR /vuls
+
+RUN apk add --no-cache \
+ openssh-client \
+ ca-certificates \
+ git \
+ nmap \
+ && mkdir -p $WORKDIR $LOGDIR
+
+COPY --from=builder /go/bin/vuls /go/bin/trivy-to-vuls /go/bin/future-vuls /usr/local/bin/
+
+VOLUME ["$WORKDIR", "$LOGDIR"]
+WORKDIR $WORKDIR
+ENV PWD $WORKDIR
\ No newline at end of file
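Review bot: The builder stage of contrib/Dockerfile starts from the floating tag `golang:alpine`, so the binaries published as `vuls/fvuls` are compiled with whatever Go toolchain and Alpine release that tag resolves to on the day of the build. The runtime stage is already pinned to `alpine:3.15`; the builder should be pinned the same way, for example `FROM golang:<pinned-version>-alpine AS builder`, optionally with `@sha256:<digest>`. The final stage also sets no `USER`, so the scanner, `nmap` and the SSH client run as root inside the container. Adding `RUN adduser -D -h $WORKDIR vuls` and `USER vuls` after the `apk add` step would limit that, though ownership of the `$WORKDIR` and `$LOGDIR` volumes and of any mounted SSH keys would need checking first. The `golangci-lint` install looks unneeded for the three `make build-*` targets unless the Makefile (not shown) depends on it, and removing it would drop one third-party tool from the build path.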