elie/ssh-audit
1
0
Fork 0
mirror of https://github.com/jtesta/ssh-audit.git synced 2024-11-16 13:35:39 +01:00
Code Issues Packages Projects Releases Wiki Activity

use alpine, reduce layers (#249)

Browse Source 
Signed-off-by: Daniel Thamdrup <dallemon@protonmail.com>
This commit is contained in:
Daniel Thamdrup 2024-03-13 02:02:26 +01:00 committed by GitHub
parent cb0f6b63d7
commit 6f39407a8c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 12 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
Dockerfile
View File

@ -1,16 +1,19 @@
FROM python:3-slim # syntax=docker/dockerfile:latest
FROM scratch AS files
WORKDIR / # Copy ssh-audit code to temporary container
COPY ssh-audit.py /
COPY src/ /
FROM python:3-alpine AS runtime
# Update the image to remediate any vulnerabilities. # Update the image to remediate any vulnerabilities.
RUN apt update && apt -y upgrade && apt -y dist-upgrade && rm -rf /var/lib/apt/lists/* RUN apk upgrade -U --no-cache -a -l && \
# Remove suid & sgid bits from all files. # Remove suid & sgid bits from all files.
RUN find / -xdev -perm /6000 -exec chmod ug-s {} \; 2> /dev/null || true find / -xdev -perm /6000 -exec chmod ug-s {} \; 2> /dev/null || true
# Copy the ssh-audit code. # Copy the ssh-audit code from files container.
COPY ssh-audit.py . COPY --from=files / /
COPY src/ .
# Allow listening on 2222/tcp for client auditing. # Allow listening on 2222/tcp for client auditing.
EXPOSE 2222 EXPOSE 2222