-
Notifications
You must be signed in to change notification settings - Fork 12
/
Dockerfile
31 lines (20 loc) · 992 Bytes
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
FROM alpine as builder
COPY fake-rhel.tgz /
RUN mkdir /fake-rhel && tar x -C /fake-rhel -z -f /fake-rhel.tgz
# FROM gcr.io/argus-deploy/rhel7-bruce:latest as rhel-builder
FROM scratch
# This should trick clair into thinking the system is alpine
COPY --from=builder /etc/alpine-release /etc/alpine-release
# This will trigger at least 3 medium vulnerabilities in apache2
COPY lib-apk-db-installed /lib/apk/db/installed
# This will trigger a malware finding
ADD https://secure.eicar.org/eicar.com /eicar.com
# This will trigger a content finding for a private key in PEM format
COPY private_unencrypted.pem /private_unencrypted.pem
# This will trigger an oscap finding for wordpress
COPY wpversion /fake/wp-includes/version.php
# This will trigger the checklist scanner
COPY --from=builder /fake-rhel /
#COPY --from=rhel-builder /etc/redhat-release /etc/system-release-cpe /etc/
#COPY --from=rhel-builder /usr/lib/rpm /usr/lib/rpm
#COPY --from=rhel-builder /var/lib/rpm /var/lib/rpm