Loading Dockerfile +11 −4 Original line number Diff line number Diff line Loading @@ -3,19 +3,26 @@ FROM registry.cyberbrain.pw/tools/docker/grype:latest AS base FROM registry.cyberbrain.pw/tools/docker/alpine:latest AS common FROM common AS executor COPY --from=base /grype /grype RUN chmod +x /grype; /grype db update -v ENV GRYPE_CHECK_FOR_APP_UPDATE="false" \ GRYPE_DB_CACHE_DIR="/tmp/db" \ GRYPE_DB_AUTO_UPDATE="false" COPY --from=base /grype /bin/grype RUN set -ex && \ chmod a+x /bin/grype && \ mkdir -p ${GRYPE_DB_CACHE_DIR} && \ chmod -R 0777 ${GRYPE_DB_CACHE_DIR} && \ /bin/grype db update -v FROM common AS runtime ENV GRYPE_CHECK_FOR_APP_UPDATE="false" \ GRYPE_DB_CACHE_DIR="/srv/grype/db" \ GRYPE_DB_AUTO_UPDATE="false" COPY --from=executor /grype /bin/ COPY --from=base /grype /bin/ RUN set -ex && \ chmod a+x /bin/grype && \ mkdir -p ${GRYPE_DB_CACHE_DIR} && \ chmod -R 0777 ${GRYPE_DB_CACHE_DIR} COPY --from=executor /root/.cache/grype/db ${GRYPE_DB_CACHE_DIR} COPY --from=executor /tmp/db ${GRYPE_DB_CACHE_DIR} RUN set -ex && \ chmod -R 0555 ${GRYPE_DB_CACHE_DIR} LABEL org.label-schema.description="A vulnerability scanner for container images and filesystems (standalone)" Loading Loading
Dockerfile +11 −4 Original line number Diff line number Diff line Loading @@ -3,19 +3,26 @@ FROM registry.cyberbrain.pw/tools/docker/grype:latest AS base FROM registry.cyberbrain.pw/tools/docker/alpine:latest AS common FROM common AS executor COPY --from=base /grype /grype RUN chmod +x /grype; /grype db update -v ENV GRYPE_CHECK_FOR_APP_UPDATE="false" \ GRYPE_DB_CACHE_DIR="/tmp/db" \ GRYPE_DB_AUTO_UPDATE="false" COPY --from=base /grype /bin/grype RUN set -ex && \ chmod a+x /bin/grype && \ mkdir -p ${GRYPE_DB_CACHE_DIR} && \ chmod -R 0777 ${GRYPE_DB_CACHE_DIR} && \ /bin/grype db update -v FROM common AS runtime ENV GRYPE_CHECK_FOR_APP_UPDATE="false" \ GRYPE_DB_CACHE_DIR="/srv/grype/db" \ GRYPE_DB_AUTO_UPDATE="false" COPY --from=executor /grype /bin/ COPY --from=base /grype /bin/ RUN set -ex && \ chmod a+x /bin/grype && \ mkdir -p ${GRYPE_DB_CACHE_DIR} && \ chmod -R 0777 ${GRYPE_DB_CACHE_DIR} COPY --from=executor /root/.cache/grype/db ${GRYPE_DB_CACHE_DIR} COPY --from=executor /tmp/db ${GRYPE_DB_CACHE_DIR} RUN set -ex && \ chmod -R 0555 ${GRYPE_DB_CACHE_DIR} LABEL org.label-schema.description="A vulnerability scanner for container images and filesystems (standalone)" Loading
