25 lines
586 B
Docker
25 lines
586 B
Docker
|
|
FROM local/gitea-runner-base:latest
|
||
|
|
|
||
|
|
# security-scan runner profile: image and dependency scanning tooling.
|
||
|
|
USER root
|
||
|
|
RUN apk add --no-cache \
|
||
|
|
bash \
|
||
|
|
ca-certificates \
|
||
|
|
curl \
|
||
|
|
git \
|
||
|
|
jq \
|
||
|
|
make \
|
||
|
|
openssh-client \
|
||
|
|
python3 \
|
||
|
|
py3-pip \
|
||
|
|
rsync \
|
||
|
|
unzip \
|
||
|
|
yq \
|
||
|
|
zip
|
||
|
|
|
||
|
|
ARG TRIVY_VERSION=0.72.0
|
||
|
|
RUN curl -fsSL -o /tmp/trivy.tar.gz \
|
||
|
|
"https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" && \
|
||
|
|
tar -xzf /tmp/trivy.tar.gz -C /tmp && \
|
||
|
|
install -m 0755 /tmp/trivy /usr/local/bin/trivy && \
|
||
|
|
rm -f /tmp/trivy.tar.gz /tmp/trivy
|