1
0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-11-22 08:08:07 +00:00

Add Dockerfile build

This commit is contained in:
Amir Jerbi 2017-06-20 09:53:34 +03:00
parent f9592f15bb
commit ebc58dcb58
2 changed files with 30 additions and 0 deletions

19
Dockerfile Normal file
View File

@ -0,0 +1,19 @@
FROM golang:1.4.1
RUN mkdir /kube-bench
WORKDIR /kube-bench
RUN wget https://raw.githubusercontent.com/aquasecurity/kubernetes-bench-security/master/cfg/config.yaml && \
wget https://raw.githubusercontent.com/aquasecurity/kubernetes-bench-security/master/cfg/federated.yaml && \
wget https://raw.githubusercontent.com/aquasecurity/kubernetes-bench-security/master/cfg/master.yaml && \
wget https://raw.githubusercontent.com/aquasecurity/kubernetes-bench-security/master/cfg/node.yaml
RUN go get github.com/aquasecurity/kubernetes-bench-security
RUN cp /go/bin/kubernetes-bench-security /kube-bench/ && chmod +x /kube-bench/kubernetes-bench-security
FROM alpine:latest
RUN mkdir -p /kube-bench/cfg
COPY --from=0 /kube-bench/kubernetes-bench-security /kube-bench/kube-bench
COPY --from=0 /kube-bench/config.yaml /kube-bench/cfg/config.yaml
COPY --from=0 /kube-bench/federated.yaml /kube-bench/cfg/federated.yaml
COPY --from=0 /kube-bench/master.yaml /kube-bench/cfg/master.yaml
COPY --from=0 /kube-bench/node.yaml /kube-bench/cfg/node.yaml
ADD entrypoint.sh /entrypoint.sh
ENTRYPOINT /entrypoint.sh

11
entrypoint.sh Executable file
View File

@ -0,0 +1,11 @@
#!/bin/sh
if [ -d /host ]; then
mkdir -p /host/cfg/
yes | cp -rf ./kube-bench/cfg/* /host/cfg/
yes | cp -rf ./kube-bench/kube-bench /host/
echo "=== You can now run ./kube-bench from your host ==="
else
echo "Error: please mount a host directory as /host volume"
echo "docker run --rm -v `pwd`:/host aquasec/kube-bench"
exit
fi