Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-10-30 21:35:26 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
633503cd17219766d2a77f18abefd3b4e6bd9be5
testssl.sh/Dockerfile
Dirk 633503cd17 Fix complaint wrt Lowercase "as"
2025-03-15 16:02:32 +01:00

50 lines
2.1 KiB
Docker
Raw Blame History

# syntax=docker.io/docker/dockerfile:1
ARG LEAP_VERSION=15.6
ARG INSTALL_ROOT=/rootfs
FROM opensuse/leap:${LEAP_VERSION} AS builder
ARG CACHE_ZYPPER=/tmp/cache/zypper
ARG INSTALL_ROOT
# /etc/os-release provides $VERSION_ID below.
# We don't need the openh264.repo and the non-oss repos, just costs build time (repo caches).
# Also we need to remove the util_linux RPM to /really/ make sure busybox-util-linux gets installed.
# And we need to run zypper update, see all PR #2424.
RUN source /etc/os-release \
&& rm -f /etc/zypp/repos.d/repo-openh264.repo /etc/zypp/repos.d/repo-non-oss.repo \
&& export ZYPPER_OPTIONS=( --releasever "${VERSION_ID}" --installroot "${INSTALL_ROOT}" --cache-dir "${CACHE_ZYPPER}" ) \
&& zypper "${ZYPPER_OPTIONS[@]}" --gpg-auto-import-keys refresh \
&& rpm -e util-linux --nodeps \
&& zypper "${ZYPPER_OPTIONS[@]}" --non-interactive install --download-in-advance --no-recommends \
bash procps grep gawk sed coreutils busybox ldns libidn2-0 socat openssl curl \
&& zypper up -y \
&& zypper "${ZYPPER_OPTIONS[@]}" clean --all
## Cleanup (reclaim approx 13 MiB):
# None of this content should be relevant to the container:
RUN rm -r "${INSTALL_ROOT}/usr/share/"{licenses,man,locale,doc,help,info}
# Functionality that the container doesn't need:
RUN rm "${INSTALL_ROOT}/usr/share/misc/termcap" \
&& rm -r "${INSTALL_ROOT}/usr/lib/sysimage/rpm"
# Create a new image with the contents of $INSTALL_ROOT
FROM scratch
ARG INSTALL_ROOT
COPY --link --from=builder ${INSTALL_ROOT} /
# Link busybox to tar, see #2403. Create user + (home with SGID set):
RUN ln -s /usr/bin/busybox /usr/bin/tar \
&& ln -s /usr/bin/busybox /usr/bin/hexdump \
&& echo 'testssl:x:1000:1000::/home/testssl:/bin/bash' >> /etc/passwd \
&& echo 'testssl:x:1000:' >> /etc/group \
&& echo 'testssl:!::0:::::' >> /etc/shadow \
&& install --mode 2755 --owner testssl --group testssl --directory /home/testssl \
&& ln -s /home/testssl/testssl.sh /usr/local/bin/
# Copy over build context (after filtered by .dockerignore): bin/ etc/ testssl.sh
COPY --chown=testssl:testssl . /home/testssl/
USER testssl
ENTRYPOINT ["testssl.sh"]
CMD ["--help"]
Reference in New Issue View Git Blame Copy Permalink