mirror of
https://github.com/VictoriaMetrics/VictoriaMetrics.git
synced 2024-11-21 14:44:00 +00:00
deployment/docker/Makefile: added docker-scan (#2916)
* deployment/docker/Makefile: added docker-scan docker-scan based on native 'docker scan' function that use snyk.io, see https://docs.docker.com/engine/scan/ * set to call 'docker-scan after release binaries but before publishing
This commit is contained in:
parent
bf65709540
commit
5d364545bd
2 changed files with 4 additions and 1 deletions
2
Makefile
2
Makefile
|
@ -29,7 +29,7 @@ all: \
|
|||
clean:
|
||||
rm -rf bin/*
|
||||
|
||||
publish: \
|
||||
publish: docker-scan \
|
||||
publish-victoria-metrics \
|
||||
publish-vmagent \
|
||||
publish-vmalert \
|
||||
|
|
|
@ -16,6 +16,9 @@ package-base:
|
|||
--tag $(BASE_IMAGE) \
|
||||
deployment/docker/base
|
||||
|
||||
docker-scan: package-base
|
||||
docker scan --accept-license $(BASE_IMAGE) || (echo "❌ The build has been terminated because critical vulnerabilities were found in $(BASE_IMAGE)"; exit 1)
|
||||
|
||||
package-builder:
|
||||
(docker image ls --format '{{.Repository}}:{{.Tag}}' | grep -q '$(BUILDER_IMAGE)$$') \
|
||||
|| docker build \
|
||||
|
|
Loading…
Reference in a new issue