-
Notifications
You must be signed in to change notification settings - Fork 14
/
Dockerfile-ubi
41 lines (35 loc) · 1.69 KB
/
Dockerfile-ubi
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
# Mondoo Multi-Architecture Container Dockerfile
#
# To build with BuildX: docker buildx build --build-arg VERSION=5.21.0 --platform
# linux/amd64,linux/arm64 -t mondoolabs/mondoo:5.21.0 . --push
FROM registry.access.redhat.com/ubi8-minimal AS root
ARG VERSION
ARG TARGETOS
ARG TARGETARCH
ARG TARGETVARIANT
ARG CNQUERY_BASEURL="https://releases.mondoo.com/cnquery/${VERSION}"
ARG CNQUERY_PACKAGE="cnquery_${VERSION}_${TARGETOS}_${TARGETARCH}${TARGETVARIANT}.tar.gz"
ARG CNSPEC_BASEURL="https://releases.mondoo.com/cnspec/${VERSION}"
ARG CNSPEC_PACKAGE="cnspec_${VERSION}_${TARGETOS}_${TARGETARCH}${TARGETVARIANT}.tar.gz"
RUN microdnf upgrade -y &&\
microdnf install wget tar gzip -y &&\
wget --quiet --output-document=SHA256SUMS ${CNQUERY_BASEURL}/cnquery_v${VERSION}_SHA256SUMS &&\
wget --quiet --output-document=${CNQUERY_PACKAGE} ${CNQUERY_BASEURL}/${CNQUERY_PACKAGE} &&\
cat SHA256SUMS | grep "${CNQUERY_PACKAGE}" | sha256sum -c - &&\
tar -xzC /usr/local/bin -f ${CNQUERY_PACKAGE} &&\
/usr/local/bin/cnquery version &&\
rm -f ${CNQUERY_PACKAGE} SHA256SUMS &&\
wget --quiet --output-document=SHA256SUMS ${CNSPEC_BASEURL}/cnspec_v${VERSION}_SHA256SUMS &&\
wget --quiet --output-document=${CNSPEC_PACKAGE} ${CNSPEC_BASEURL}/${CNSPEC_PACKAGE} &&\
cat SHA256SUMS | grep "${CNSPEC_PACKAGE}" | sha256sum -c - &&\
tar -xzC /usr/local/bin -f ${CNSPEC_PACKAGE} &&\
/usr/local/bin/cnspec version &&\
rm -f ${CNSPEC_PACKAGE} SHA256SUMS &&\
microdnf remove wget tar -y &&\
rm -rf /var/cache/dnf/*
RUN ln -s /usr/local/bin/cnspec /usr/local/bin/mondoo
ENTRYPOINT [ "cnspec" ]
CMD ["help"]
# Rootless version of the container
FROM root AS rootless
USER 100:101