Consolidate docker sections in Readme.md and Dockerfile.md

see #1791
This commit is contained in:
Dirk Wetter 2020-11-27 16:53:28 +01:00
parent 7dac1a20f7
commit 7c835470be
2 changed files with 37 additions and 24 deletions

View File

@ -1,7 +1,26 @@
## Usage: ## Usage
### From git directory
(in git directory):
``` ```
git checkout 3.0
git pull
docker build .
```
Catch is when you run without image tags you need to catch the ID when building
```
[..]
---> 889fa2f99933
Successfully built 889fa2f99933
```
More comfortable is
```
git checkout 3.0
git pull
docker build -t mytestssl . docker build -t mytestssl .
docker run --rm -t mytestssl example.com docker run --rm -t mytestssl example.com
``` ```
@ -13,22 +32,22 @@ docker run -t mytestssl --help
docker run --rm -t mytestssl -p --header example.com docker run --rm -t mytestssl -p --header example.com
``` ```
or pull the image from dockerhub and run: ### From dockerhub
You can pull the image from dockerhub and run:
``` ```
docker run --rm -t drwetter/testssl.sh --pfs example.com docker run --rm -t drwetter/testssl.sh:3.0 --fs example.com
``` ```
Tags supported are: ``latest``, ``stable`` which _for now_ are all the same and point to ``3.0``. Other tags supported are: ``3.1dev`` and ``latest``. They the same, i.e. the rolling release. ``3.0`` is the latest stable version from git which might have a few improvements (see git log) over the released 3.0.X.
``docker run --rm -t drwetter/testssl.sh:stable example.com``. ``docker run --rm -t drwetter/testssl.sh:3.0 example.com``.
And for the indomitable users who prefer to run old stuff you can use the tag ``2.9.5``. Please note ``2.9dev`` should not be used anymore. Keep in mind that any output file (--log, --html, --json etc.) will be created in the container. If you wish to have this created in a local directory on your host you can mount a volume into the container and change the output prefix where the container user has write access to, e.g.:
Keep in mind that any output file (--log, --html, --json etc.) will be created in the container. If you wish to have this created in a local directory you can mount a volume into the container and change the output prefix where the container user has write access to, e.g.:
``` ```
docker run --rm -t -v /tmp:/data drwetter/testssl.sh --htmlfile /data/ example.com docker run --rm -t -v /tmp:/data drwetter/testssl.sh:3.0 --htmlfile /data/ example.com
``` ```
which writes the output to ``/tmp/example.com_p443-<date>-<time>.html.`` The uid/gid is the one from the docker user but normally the file is 644. testssl.sh's docker container uses a non-root user (usually with user/groupid 1000:1000). which writes the HTML output to ``/tmp/example.com_p443-<date>-<time>.html.`` The uid/gid is the one from the docker user but normally the file is 644. testssl.sh's docker container uses a non-root user (usually with user/groupid 1000:1000).

View File

@ -36,7 +36,7 @@ to get bugfixes, other feedback and more contributions.
testssl.sh is working on every Linux/BSD distribution out of the box. Latest by 2.9dev testssl.sh is working on every Linux/BSD distribution out of the box. Latest by 2.9dev
most of the limitations of disabled features from the openssl client are gone most of the limitations of disabled features from the openssl client are gone
due to bash-socket-based checks. As a result you can also use e.g. LibreSSL or OpenSSL due to bash-socket-based checks. As a result you can also use e.g. LibreSSL or OpenSSL
1.1.1 . testssl.sh also works on other unixoid system out of the box, supposed they have 1.1.1 . testssl.sh also works on other unixoid systems out of the box, supposed they have
`/bin/bash` >= version 3.2 and standard tools like sed and awk installed. An implicit `/bin/bash` >= version 3.2 and standard tools like sed and awk installed. An implicit
(silent) check for binaries is done when you start testssl.sh . System V needs probably (silent) check for binaries is done when you start testssl.sh . System V needs probably
to have GNU grep installed. MacOS X and Windows (using MSYS2, Cygwin or WSL) work too. to have GNU grep installed. MacOS X and Windows (using MSYS2, Cygwin or WSL) work too.
@ -49,8 +49,7 @@ You can download testssl.sh by cloning this git repository:
git clone --depth 1 https://github.com/drwetter/testssl.sh.git git clone --depth 1 https://github.com/drwetter/testssl.sh.git
and checkout the 3.0 branch. For this stable version you also can help yourself by downloading the [ZIP](https://github.com/drwetter/testssl.sh/archive/3.0.2.zip) or [tar.gz](https://github.com/drwetter/testssl.sh/archive/3.0.2.zip) archive. Then and checkout the 3.0 branch. For the stable version help yourself by downloading the [ZIP](https://codeload.github.com/drwetter/testssl.sh/zip/3.0.4) or [tar.gz](https://codeload.github.com/drwetter/testssl.sh/tar.gz/3.0.4) archive. Just ``cd`` to the directory created (=INSTALLDIR) and run it off there.
just ``cd`` to the directory created (=INSTALLDIR) and run it off there.
#### Docker #### Docker
@ -58,23 +57,18 @@ Testssl.sh has minimal requirements. As stated you don't have to install or buil
``` ```
docker run --rm -ti drwetter/testssl.sh:3.0 <your_cmd_line> docker run --rm -ti drwetter/testssl.sh:3.0 <your_cmd_line>
``` ```
Or if you have cloned this repo you also can just ``cd`` to the INSTALLDIR and run Or if you have cloned this repo you also can just ``cd`` to the INSTALLDIR (change to 3.0, do a git pull) and run
``` ```
docker build . docker build . -t drfooimage && docker run --rm -t drfooimage example.com
``` ```
followed by ``docker run -ti <ID> <your_cmd_line>`` where ``ID`` is the identifier in the last line from the build command like For more please consult [Dockerfile.md](https://github.com/drwetter/testssl.sh/blob/3.0/Dockerfile.md).
```
---> 889fa2f99933
Successfully built 889fa2f99933
```
### Status ### Status
This is the stable 3.0 version. That means you can and should use it for production and let us know if you encounter any additional bugs. Features implemented in 3.0 are listed in the [Changelog](https://github.com/drwetter/testssl.sh/blob/3.0/CHANGELOG.md). Support for 2.9.5 has been dropped. This is the stable 3.0 version. That means you can and should use it for production and let us know if you encounter any additional bugs. Features implemented in 3.0 are listed in the [Changelog](https://github.com/drwetter/testssl.sh/blob/3.0/CHANGELOG.md). Support for 2.9.5 has been dropped.
The version 3.0 will receive bugfixes, labled as 3.0.1, 3.0.2 and so on. This will happen until 3.2 is released. Development is taking place in the [3.1dev](https://github.com/drwetter/testssl.sh/tree/3.1dev) branch which will eventually lead to version 3.2. We try to keep 3.1dev as solid as possible but things will certainly change in 3.1dev. Think of the 3.1dev branch like a rolling release. The version 3.0 receives bugfixes, labeled as 3.0.1, 3.0.2 and so on. This will happen until 3.2 is released. Development is taking place in the [3.1dev](https://github.com/drwetter/testssl.sh/tree/3.1dev) branch which will eventually lead to version 3.2. We try to keep 3.1dev as solid as possible but things will certainly change in 3.1dev. Think of the 3.1dev branch like a rolling release.
### Documentation ### Documentation