-
Notifications
You must be signed in to change notification settings - Fork 3
/
Dockerfile-GCP
39 lines (33 loc) · 1.37 KB
/
Dockerfile-GCP
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
# Copyright 2021-2023 Chris Farris <[email protected]>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
FROM python:3.11
LABEL maintainer="https://github.com/primeharbor/pht-prowler-searchcluster"
# Create nonroot user
RUN mkdir -p /home/prowler && \
echo 'prowler:x:1000:1000:prowler:/home/prowler:' > /etc/passwd && \
echo 'prowler:x:1000:' > /etc/group && \
chown -R prowler:prowler /home/prowler
COPY scripts/scan_gcp_org.sh /home/prowler/scan_gcp_org.sh
RUN chown prowler /home/prowler/scan_gcp_org.sh
RUN chmod 755 /home/prowler/scan_gcp_org.sh
# Install prowler as prowler
USER prowler
WORKDIR /home/prowler
ENV HOME='/home/prowler'
ENV PATH="$HOME/.local/bin:$PATH"
RUN pip install --no-cache-dir --upgrade pip
RUN git clone https://github.com/prowler-cloud/prowler.git
RUN cd prowler ; pip install --no-cache-dir .
RUN pip install awscli
CMD /home/prowler/scan_gcp_org.sh