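# ==============================================================================
# Add https://gitlab.com/pipeline-components/org/base-entrypoint
# ------------------------------------------------------------------------------
# Source-only stage: /entrypoint.sh is copied out of this image further down and
# becomes the container ENTRYPOINT, so whatever this tag resolves to runs first
# in every container started from the final image.
# NOTE(review): the reference is pinned by tag only. A tag can be re-pointed on
# the registry; pinning by digest (tag@sha256:<digest>) would make the copied
# script reproducible and tamper-evident.
FROM pipelinecomponents/base-entrypoint:0.5.0 AS entrypoint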
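# ==============================================================================
# Build process
# ------------------------------------------------------------------------------
# Throw-away stage: the compiler toolchain installed here never reaches the
# final image; only the contents of /app are copied out of it.
FROM python:3.13.3-alpine3.21 AS build

# `pip install --user` installs under PYTHONUSERBASE, so everything lands in
# /app and console scripts end up in /app/bin.
ENV PYTHONUSERBASE=/app
ENV PATH="$PATH:/app/bin/"
WORKDIR /app/
COPY app /app/

# Adding dependencies
# libffi is the runtime library; build-base and libffi-dev are grouped under the
# virtual package ".build" and are only needed to compile wheels.
# hadolint ignore=DL3018
RUN apk add --no-cache libffi && \
    apk add --no-cache --virtual .build \
        build-base libffi-dev

# NOTE(review): --find-links adds a second, third-party wheel source next to the
# default index, and --prefer-binary makes pip favour a prebuilt wheel over a
# source distribution. Nothing on this line verifies artifact hashes; whether
# requirements.txt pins versions or carries --hash entries is not visible here.
# Confirm, and prefer hash-pinned requirements so that a changed wheel on either
# source fails the build instead of being installed.
# hadolint ignore=DL3013
RUN pip3 install --user --no-cache-dir --prefer-binary \
        --find-links https://wheels.home-assistant.io/musllinux/ \
        -r requirements.txt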
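# ==============================================================================
# Component specific
# ------------------------------------------------------------------------------
# Runtime stage. It uses the same base tag as the build stage, so the packages
# copied in under /app match the interpreter they were installed for.
# NOTE(review): there is no USER instruction, so the container runs as the base
# image's default user (root for the official python image, to my knowledge).
# The tool operates on whatever is mounted at /code; confirm whether the CI
# runner needs root before switching to a dedicated unprivileged user.
FROM python:3.13.3-alpine3.21

# Adding dependencies
# Runtime packages only; no compiler toolchain is installed in this stage.
# hadolint ignore=DL3018
RUN apk add --no-cache git libffi
ENV PATH="$PATH:/app/bin/"
ENV PYTHONUSERBASE=/app
COPY --from=build /app /app

# ==============================================================================
# Generic for all components
# ------------------------------------------------------------------------------
COPY --from=entrypoint /entrypoint.sh /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"]
# Presumably read by /entrypoint.sh as the command to run when none is given;
# the script is not visible here, so verify against base-entrypoint.
ENV DEFAULTCMD=checkov
WORKDIR /code/

# ==============================================================================
# Container meta information
# ------------------------------------------------------------------------------
# Build metadata is passed in with --build-arg. Every variable referenced in
# LABEL has to be declared in this stage: an undeclared one expands to an empty
# string, which left the description and version labels blank.
# ARG values are recorded in the image history, so none of these may carry
# secrets.
ARG BUILD_DATE
ARG BUILD_REF
ARG BUILD_DESCRIPTION
ARG BUILD_VERSION
LABEL \
    maintainer="Robbert Müller <[email protected]>" \
    org.opencontainers.image.title="Checkov" \
    org.opencontainers.image.description="${BUILD_DESCRIPTION}" \
    org.opencontainers.image.vendor="Pipeline Components" \
    org.opencontainers.image.authors="Robbert Müller <[email protected]>" \
    org.opencontainers.image.licenses="MIT" \
    org.opencontainers.image.url="https://pipeline-components.dev/" \
    org.opencontainers.image.source="https://gitlab.com/pipeline-components/checkov/" \
    org.opencontainers.image.documentation="https://gitlab.com/pipeline-components/checkov/blob/main/README.md" \
    org.opencontainers.image.created="${BUILD_DATE}" \
    org.opencontainers.image.revision="${BUILD_REF}" \
    org.opencontainers.image.version="${BUILD_VERSION}" \
    org.label-schema.build-date="${BUILD_DATE}" \
    org.label-schema.description="Checkov in a container for gitlab-ci" \
    org.label-schema.name="Checkov" \
    org.label-schema.schema-version="1.0" \
    org.label-schema.url="https://pipeline-components.dev/" \
    org.label-schema.usage="https://gitlab.com/pipeline-components/checkov/blob/main/README.md" \
    org.label-schema.vcs-ref="${BUILD_REF}" \
    org.label-schema.vcs-url="https://gitlab.com/pipeline-components/checkov/" \
    org.label-schema.vendor="Pipeline Components"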