-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
55 lines (42 loc) · 2.49 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
FROM alpine:3.18.2
ENV TRUFFLEHOG_VERSION="3.44.0"
ENV TRUFFLEHOG_OS="linux"
ENV TRUFFLEHOG_ARCH="amd64"
ENV ENVTEMPLATE_VERSION="0.2.0"
ENV ENVTEMPLATE_OS="linux"
ENV ENVTEMPLATE_ARCH="amd64"
ENV GITLEAKS_VERSION="8.17.0"
ENV GITLEAKS_OS="linux"
ENV GITLEAKS_ARCH="x64"
ENV OSV_SCANNER_VERSION="1.3.5"
ENV OSV_SCANNER_OS="linux"
ENV OSV_SCANNER_ARCH="amd64"
ENV TRIVY_VERSION="0.43.1"
ENV TRIVY_OS="Linux"
ENV TRIVY_ARCH="64bit"
RUN apk add curl wget
# Install trufflehog
RUN wget -q https://github.com/trufflesecurity/trufflehog/releases/download/v${TRUFFLEHOG_VERSION}/trufflehog_${TRUFFLEHOG_VERSION}_${TRUFFLEHOG_OS}_${TRUFFLEHOG_ARCH}.tar.gz && \
tar zxvf trufflehog_${TRUFFLEHOG_VERSION}_${TRUFFLEHOG_OS}_${TRUFFLEHOG_ARCH}.tar.gz trufflehog -C /usr/bin && \
rm trufflehog_${TRUFFLEHOG_VERSION}_${TRUFFLEHOG_OS}_${TRUFFLEHOG_ARCH}.tar.gz && \
chmod +x /usr/bin/trufflehog
# Install envtemplate
RUN wget -q https://github.com/sgaunet/envtemplate/releases/download/v${ENVTEMPLATE_VERSION}/envtemplate_${ENVTEMPLATE_VERSION}_${ENVTEMPLATE_OS}_${ENVTEMPLATE_ARCH} && \
mv envtemplate_${ENVTEMPLATE_VERSION}_${ENVTEMPLATE_OS}_${ENVTEMPLATE_ARCH} /usr/bin/envtemplate && \
chmod +x /usr/bin/envtemplate
# Install gitleaks
RUN wget -q https://github.com/zricethezav/gitleaks/releases/download/v${GITLEAKS_VERSION}/gitleaks_${GITLEAKS_VERSION}_${GITLEAKS_OS}_${GITLEAKS_ARCH}.tar.gz && \
tar zxvf gitleaks_${GITLEAKS_VERSION}_${GITLEAKS_OS}_${GITLEAKS_ARCH}.tar.gz gitleaks && \
rm gitleaks_${GITLEAKS_VERSION}_${GITLEAKS_OS}_${GITLEAKS_ARCH}.tar.gz && \
mv gitleaks /usr/bin/gitleaks && \
chmod +x /usr/bin/gitleaks
# Install osv-scanner
RUN echo https://github.com/google/osv-scanner/releases/download/v${OSV_SCANNER_VERSION}/osv-scanner_${OSV_SCANNER_VERSION}_${OSV_SCANNER_OS}_${OSV_SCANNER_ARCH}
RUN wget -q https://github.com/google/osv-scanner/releases/download/v${OSV_SCANNER_VERSION}/osv-scanner_${OSV_SCANNER_VERSION}_${OSV_SCANNER_OS}_${OSV_SCANNER_ARCH} && \
mv osv-scanner_${OSV_SCANNER_VERSION}_${OSV_SCANNER_OS}_${OSV_SCANNER_ARCH} /usr/bin/osv-scanner && \
chmod +x /usr/bin/osv-scanner
# Install trivy
RUN wget -q https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_${TRIVY_OS}-${TRIVY_ARCH}.tar.gz && \
tar zxvf trivy_${TRIVY_VERSION}_${TRIVY_OS}-${TRIVY_ARCH}.tar.gz trivy -C /usr/bin && \
rm trivy_${TRIVY_VERSION}_${TRIVY_OS}-${TRIVY_ARCH}.tar.gz && \
chmod +x /usr/bin/trivy