-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
41 lines (35 loc) · 1.31 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
#
# OWASP Dependency Checker container image.
#
# $ ./scripts/build --help
#
# Build with custom arguments:
#
# $ ./scripts/build --release 8.2.1 --jdk 17.0.6_10
#
ARG jdk=17.0.6_10
FROM eclipse-temurin:${jdk}-jre
ARG release=8.2.1
LABEL org.opencontainers.image.authors="Sascha Peilicke <sascha@peilicke.de"
LABEL org.opencontainers.image.source="https://github.com/saschpe/docker-dependency-checker"
LABEL org.opencontainers.image.title="OWASP Dependency Checker"
ENV user=dc
# Fetch and install
RUN apt-get update && apt-get install -y --no-install-recommends \
mono-runtime unzip wget
RUN wget --quiet https://github.com/jeremylong/DependencyCheck/releases/download/v${release}/dependency-check-${release}-release.zip -O /tmp/dc.zip && \
unzip -q /tmp/dc.zip -d /opt && \
rm -r /tmp/dc.zip && \
apt-get remove --purge -y unzip wget && \
apt-get autoremove -y && \
rm -rf /var/lib/apt/lists/* /tmp/*k && \
useradd --system --no-create-home --user-group ${user} && \
mkdir -p /opt/dependency-check/data && \
chown -R ${user}:${user} /opt/dependency-check/
USER ${user}
# Update CVE database initially
RUN /opt/dependency-check/bin/dependency-check.sh --updateonly
VOLUME /src /opt/dependency-check/data
WORKDIR /src
CMD ["--help"]
ENTRYPOINT ["/opt/dependency-check/bin/dependency-check.sh"]