Skip to content

Commit

Permalink
Example Dockerfile
Browse files Browse the repository at this point in the history
  • Loading branch information
DarthHater committed Oct 17, 2019
1 parent 26cd63a commit f776247
Show file tree
Hide file tree
Showing 2 changed files with 26 additions and 0 deletions.
13 changes: 13 additions & 0 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
FROM ubuntu:latest

WORKDIR /tmp/ahab

COPY ahab .

RUN chmod +x ahab

RUN apt-get update && apt-get install -y ca-certificates

RUN update-ca-certificates

RUN dpkg-query --show --showformat='${Package} ${Version}\n' | ./ahab chase
13 changes: 13 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,19 @@ RUN dpkg-query --show --showformat='${Package} ${Version}\n' | ./ahab chase

Using this base image, you'd install all the packages necessary to run your application, and check it as a last step with `ahab` to ensure you aren't using anything vulnerable. From here, you'd use this base image to import your application, build it, etc... as you normally would, knowing you started from a clean base.

### See it work in Docker!

In this repo we have a Dockerfile that will copy in `ahab`, and run it on Ubuntu, to illustrate a failing Docker build.

To run this test:

```
$ GOOS=linux GOARCH=amd64 go build
$ docker build . -t test
```

You should see `ahab` run and fail the Docker build, due to some vulnerabilities in the base os packages (Ubuntu in this case)!

## Why Ahab?

[Captain Ahab](https://en.wikipedia.org/wiki/Captain_Ahab) was a person hell bent on killing a white whale.
Expand Down

0 comments on commit f776247

Please sign in to comment.