Skip to content
This repository has been archived by the owner on Jun 6, 2023. It is now read-only.

Commit

Permalink
bumping curl 7.81.0, bumping to alpine 3.15.0, added grype scanning
Browse files Browse the repository at this point in the history
  • Loading branch information
@xquery
xquery committed Jan 5, 2022
1 parent 6dab571 commit fa50613
Show file tree
Hide file tree
Showing 4 changed files with 12 additions and 12 deletions.
2 changes: 1 addition & 1 deletion Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
# set options
#***************************************************************************

export LATEST_RELEASE_VERSION=7_80_0
export LATEST_RELEASE_VERSION=7_81_0
export LATEST_RELEASE_TAG=curl-${LATEST_RELEASE_VERSION}
export DOCKER_CLI_EXPERIMENTAL=enabled

Expand Down
8 changes: 4 additions & 4 deletions alpine/latest/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,9 @@
#
# SPDX-License-Identifier: MIT
#
# pinning builder image to Alpine 3.14.2
# pinning builder image to Alpine 3.15.0
###############################################################
FROM registry.hub.docker.com/library/alpine:3.14.2 AS builder
FROM registry.hub.docker.com/library/alpine:3.15.0 AS builder

###############################################################
# set build args
Expand Down Expand Up @@ -49,9 +49,9 @@ RUN ./buildconf && \
make DESTDIR="/alpine/" install -j$(nproc)

###############################################################
# pinning image to Alpine 3.14.2
# pinning image to Alpine 3.15.0
###############################################################
FROM registry.hub.docker.com/library/alpine:3.14.2
FROM registry.hub.docker.com/library/alpine:3.15.0

ARG CURL_RELEASE_TAG=latest
ARG CURL_RELEASE_VERSION
Expand Down
10 changes: 5 additions & 5 deletions alpine/latest/Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,8 @@ buildtest:
docker build ${DOCKER_BUILD_OPTS} ${DOCKER_BUILD_ARGS} -t "curl/curl:scan-test" -f scanDockerfile .

multibuild:
docker buildx build ${DOCKER_BUILD_OPTS} ${DOCKER_BUILD_ARGS} -t "curlimages/curl:7.80.0" --platform=${DOCKER_MULTI_ARCH} -f Dockerfile . --push
docker buildx imagetools create docker.io/curlimages/curl:7.80.0 --tag curlimages/curl:latest
docker buildx build ${DOCKER_BUILD_OPTS} ${DOCKER_BUILD_ARGS} -t "curlimages/curl:7.81.0" --platform=${DOCKER_MULTI_ARCH} -f Dockerfile . --push
docker buildx imagetools create docker.io/curlimages/curl:7.81.0 --tag curlimages/curl:latest

lint:
docker run --rm --privileged -v ${PWD}:/root/ projectatomic/dockerfile-lint dockerfile_lint -p -f Dockerfile
Expand All @@ -16,8 +16,8 @@ test:
docker run --rm curl/curl:${LATEST_RELEASE_VERSION} -S http://httpbin.org/get

push-registry:
docker tag curl/curl:${LATEST_RELEASE_VERSION} curlimages/curl:7.80.0
docker push curlimages/curl:7.80.0
docker tag curl/curl:${LATEST_RELEASE_VERSION} curlimages/curl:7.81.0
docker push curlimages/curl:7.81.0
docker tag curl/curl:${LATEST_RELEASE_VERSION} curlimages/curl:latest
docker push curlimages/curl:latest

Expand All @@ -26,7 +26,7 @@ scan: buildtest
docker run --rm -it curl/curl:scan-test clamscan -r -i --exclude-dir=^/sys || true
docker run --rm -it curl/curl:scan-test lynis audit system
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v /tmp:/root/.cache/ aquasec/trivy curl/curl:${LATEST_RELEASE_VERSION}
curl -s https://ci-tools.anchore.io/inline_scan-v0.6.1 | bash -s -- -p -r "curl/curl:${LATEST_RELEASE_VERSION}"
curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin && grype curl/curl:${LATEST_RELEASE_VERSION}

clean:
rm -Rf curl
Expand Down
4 changes: 2 additions & 2 deletions alpine/latest/scanDockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
#
# image for scanning
###############################################################
FROM curl/curl:7_80_0
FROM curl/curl:7_81_0

USER root

Expand All @@ -17,7 +17,7 @@ RUN \

RUN apk update

RUN apk add bash build-base clamav clamav-dev cvechecker unrar linux-headers
RUN apk add bash build-base clamav cvechecker linux-headers
RUN apk add --no-cache -X http://dl-cdn.alpinelinux.org/alpine/edge/testing lynis

RUN curl https://sourceforge.net/projects/rkhunter/files/rkhunter/1.4.6/rkhunter-1.4.6.tar.gz/download -v -L -o rkhunter-1.4.6.tar.gz
Expand Down

0 comments on commit fa50613

Please sign in to comment.