Add security-scanner
This commit is contained in:
jalr
parent
b204cc06c4
commit
809a5e6012
16 changed files with 287 additions and 24 deletions
21
Makefile
21
Makefile
|
|
@ -2,7 +2,8 @@ PACKER_VERSION ?= 1.2.0
|
|||
ANNOUNCE ?= http://10.2.2.1:6969/announce
|
||||
WEBSEED ?= http://10.2.2.1
|
||||
|
||||
DOCKER_IMAGE ?= labsync-builder
|
||||
DOCKER_IMAGE_BUILDER ?= labsync-builder
|
||||
DOCKER_IMAGE_SECURITY_SCANNER ?= security-scanner
|
||||
|
||||
CWD=$(abspath $(patsubst %/,%,$(dir $(abspath $(lastword $(MAKEFILE_LIST))))))
|
||||
|
||||
|
|
@ -32,16 +33,20 @@ fi \
|
|||
ci_environment=$(shell env | sed -n 's/^\(CI_.*\)=.*/-e \1/p')
|
||||
|
||||
.PHONY: default
|
||||
default: dockerimg images/debian-stretch.squashfs
|
||||
default: builderimg images/debian-stretch.squashfs
|
||||
|
||||
.PHONY: clean
|
||||
clean:
|
||||
rm -f images/*
|
||||
rm -rf tmp
|
||||
|
||||
.PHONY: dockerimg
|
||||
dockerimg:
|
||||
docker build --pull -t "$(DOCKER_IMAGE)" --cache-from "$(DOCKER_IMAGE)" --build-arg "PACKER_VERSION=$(PACKER_VERSION)" docker
|
||||
.PHONY: builderimg
|
||||
builderimg:
|
||||
docker build --pull -t "$(DOCKER_IMAGE_BUILDER)" --cache-from "$(DOCKER_IMAGE_BUILDER)" --build-arg "PACKER_VERSION=$(PACKER_VERSION)" builder
|
||||
|
||||
.PHONY: secscanimg
|
||||
secscanimg:
|
||||
docker build --pull -t "$(DOCKER_IMAGE_SECURITY_SCANNER)" --cache-from "$(DOCKER_IMAGE_SECURITY_SCANNER)" security-scanner
|
||||
|
||||
images:
|
||||
[ ! -d "$@" ] && mkdir "$@"
|
||||
|
|
@ -61,7 +66,7 @@ images/debian-stretch.squashfs: images
|
|||
-e "WEBSEED=$(WEBSEED)" \
|
||||
-e "COMPRESSION_LEVEL=$(COMPRESSION_LEVEL)" \
|
||||
$(ci_environment) \
|
||||
"$(DOCKER_IMAGE)" \
|
||||
"$(DOCKER_IMAGE_BUILDER)" \
|
||||
debian-stretch
|
||||
|
||||
images/debian-stretch.torrent: images
|
||||
|
|
@ -73,7 +78,7 @@ images/debian-stretch.torrent: images
|
|||
-e "ANNOUNCE=$(ANNOUNCE)" \
|
||||
-e "WEBSEED=$(WEBSEED)" \
|
||||
-e "TASK=torrent" \
|
||||
"$(DOCKER_IMAGE)" \
|
||||
"$(DOCKER_IMAGE_BUILDER)" \
|
||||
debian-stretch
|
||||
|
||||
.PHONY: ansible
|
||||
|
|
@ -88,7 +93,7 @@ ansible:
|
|||
-e "TASK=ansible" \
|
||||
-v "${SSH_AUTH_SOCK}:/var/run/ssh_auth_sock" \
|
||||
-e "SSH_AUTH_SOCK=/var/run/ssh_auth_sock" \
|
||||
"$(DOCKER_IMAGE)" \
|
||||
"$(DOCKER_IMAGE_BUILDER)" \
|
||||
-i inventories \
|
||||
$(if $(ANSIBLE_TAGS),-t $(ANSIBLE_TAGS),) \
|
||||
-l $(ANSIBLE_LIMIT) \
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue