Skip to content

Commit

Permalink
chore(docker-jans): add support for extra build/scan args (#4834)
Browse files Browse the repository at this point in the history 
Former-commit-id: f5eed0a
  • Loading branch information
@iromli
iromli authored May 8, 2023
1 parent 328cb3f commit 982921f
Show file tree
Hide file tree
Showing 10 changed files with 136 additions and 51 deletions.
4 changes: 4 additions & 0 deletions .gitignore
View file
Original file line number Diff line number Diff line change
Expand Up @@ -159,3 +159,7 @@ data-sources.json
.settings
.classpath
.project

# scanner reports
trivy.json
grype.json
21 changes: 15 additions & 6 deletions demos/benchmarking/docker-jans-loadtesting-jmeter/Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,17 +2,26 @@ CN_VERSION?=1.0.13-SNAPSHOT
IMAGE_NAME=ghcr.io/janssenproject/jans/demo_loadtesting
DEV_VERSION?=$(shell echo ${CN_VERSION} | cut -d '-' -f 1)_dev

# pass extra build args, i.e. `make build-dev BUILD_ARGS="--no-cache"`
BUILD_ARGS?=

# pass extra trivy args, i.e. `make trivy-scan TRIVY_ARGS="-f json"`
TRIVY_ARGS?=

# pass extra grype args, i.e. `make grype-scan GRYPE_ARGS="-o json"`
GRYPE_ARGS?=

.PHONY: test clean all build-dev trivy-scan grype-scan
.DEFAULT_GOAL := build-dev

build-dev:
@echo "[I] Building Docker image ${IMAGE_NAME}:${DEV_VERSION}"
@docker build --rm --force-rm -t ${IMAGE_NAME}:${DEV_VERSION} .
@echo "[I] Building OCI image ${IMAGE_NAME}:${DEV_VERSION}"
@docker build --rm --force-rm ${BUILD_ARGS} -t ${IMAGE_NAME}:${DEV_VERSION} .

trivy-scan:
@echo "[I] Scanning Docker image ${IMAGE_NAME}:${DEV_VERSION} using trivy"
@trivy image --security-checks vuln ${IMAGE_NAME}:${DEV_VERSION}
@echo "[I] Scanning OCI image ${IMAGE_NAME}:${DEV_VERSION} using trivy"
@trivy image --security-checks vuln ${TRIVY_ARGS} ${IMAGE_NAME}:${DEV_VERSION}

grype-scan:
@echo "[I] Scanning Docker image ${IMAGE_NAME}:${DEV_VERSION} using grype"
@grype -v ${IMAGE_NAME}:${DEV_VERSION}
@echo "[I] Scanning OCI image ${IMAGE_NAME}:${DEV_VERSION} using grype"
@grype -v ${GRYPE_ARGS} ${IMAGE_NAME}:${DEV_VERSION}
21 changes: 15 additions & 6 deletions docker-jans-auth-server/Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,17 +2,26 @@ CN_VERSION?=1.0.13-SNAPSHOT
IMAGE_NAME=ghcr.io/janssenproject/jans/auth-server
DEV_VERSION?=$(shell echo ${CN_VERSION} | cut -d '-' -f 1)_dev

# pass extra build args, i.e. `make build-dev BUILD_ARGS="--no-cache"`
BUILD_ARGS?=

# pass extra trivy args, i.e. `make trivy-scan TRIVY_ARGS="-f json"`
TRIVY_ARGS?=

# pass extra grype args, i.e. `make grype-scan GRYPE_ARGS="-o json"`
GRYPE_ARGS?=

.PHONY: test clean all build-dev trivy-scan grype-scan
.DEFAULT_GOAL := build-dev

build-dev:
@echo "[I] Building Docker image ${IMAGE_NAME}:${DEV_VERSION}"
@docker build --rm --force-rm -t ${IMAGE_NAME}:${DEV_VERSION} .
@echo "[I] Building OCI image ${IMAGE_NAME}:${DEV_VERSION}"
@docker build --rm --force-rm ${BUILD_ARGS} -t ${IMAGE_NAME}:${DEV_VERSION} .

trivy-scan:
@echo "[I] Scanning Docker image ${IMAGE_NAME}:${DEV_VERSION} using trivy"
@trivy image --security-checks vuln ${IMAGE_NAME}:${DEV_VERSION}
@echo "[I] Scanning OCI image ${IMAGE_NAME}:${DEV_VERSION} using trivy"
@trivy image --security-checks vuln ${TRIVY_ARGS} ${IMAGE_NAME}:${DEV_VERSION}

grype-scan:
@echo "[I] Scanning Docker image ${IMAGE_NAME}:${DEV_VERSION} using grype"
@grype -v ${IMAGE_NAME}:${DEV_VERSION}
@echo "[I] Scanning OCI image ${IMAGE_NAME}:${DEV_VERSION} using grype"
@grype -v ${GRYPE_ARGS} ${IMAGE_NAME}:${DEV_VERSION}
21 changes: 15 additions & 6 deletions docker-jans-certmanager/Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,17 +2,26 @@ CN_VERSION?=1.0.13-SNAPSHOT
IMAGE_NAME=ghcr.io/janssenproject/jans/certmanager
DEV_VERSION?=$(shell echo ${CN_VERSION} | cut -d '-' -f 1)_dev

# pass extra build args, i.e. `make build-dev BUILD_ARGS="--no-cache"`
BUILD_ARGS?=

# pass extra trivy args, i.e. `make trivy-scan TRIVY_ARGS="-f json"`
TRIVY_ARGS?=

# pass extra grype args, i.e. `make grype-scan GRYPE_ARGS="-o json"`
GRYPE_ARGS?=

.PHONY: test clean all build-dev trivy-scan grype-scan
.DEFAULT_GOAL := build-dev

build-dev:
@echo "[I] Building Docker image ${IMAGE_NAME}:${DEV_VERSION}"
@docker build --rm --force-rm -t ${IMAGE_NAME}:${DEV_VERSION} .
@echo "[I] Building OCI image ${IMAGE_NAME}:${DEV_VERSION}"
@docker build --rm --force-rm ${BUILD_ARGS} -t ${IMAGE_NAME}:${DEV_VERSION} .

trivy-scan:
@echo "[I] Scanning Docker image ${IMAGE_NAME}:${DEV_VERSION} using trivy"
@trivy image --security-checks vuln ${IMAGE_NAME}:${DEV_VERSION}
@echo "[I] Scanning OCI image ${IMAGE_NAME}:${DEV_VERSION} using trivy"
@trivy image --security-checks vuln ${TRIVY_ARGS} ${IMAGE_NAME}:${DEV_VERSION}

grype-scan:
@echo "[I] Scanning Docker image ${IMAGE_NAME}:${DEV_VERSION} using grype"
@grype -v ${IMAGE_NAME}:${DEV_VERSION}
@echo "[I] Scanning OCI image ${IMAGE_NAME}:${DEV_VERSION} using grype"
@grype -v ${GRYPE_ARGS} ${IMAGE_NAME}:${DEV_VERSION}
21 changes: 15 additions & 6 deletions docker-jans-config-api/Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,17 +2,26 @@ CN_VERSION?=1.0.13-SNAPSHOT
IMAGE_NAME=ghcr.io/janssenproject/jans/config-api
DEV_VERSION?=$(shell echo ${CN_VERSION} | cut -d '-' -f 1)_dev

# pass extra build args, i.e. `make build-dev BUILD_ARGS="--no-cache"`
BUILD_ARGS?=

# pass extra trivy args, i.e. `make trivy-scan TRIVY_ARGS="-f json"`
TRIVY_ARGS?=

# pass extra grype args, i.e. `make grype-scan GRYPE_ARGS="-o json"`
GRYPE_ARGS?=

.PHONY: test clean all build-dev trivy-scan grype-scan
.DEFAULT_GOAL := build-dev

build-dev:
@echo "[I] Building Docker image ${IMAGE_NAME}:${DEV_VERSION}"
@docker build --rm --force-rm -t ${IMAGE_NAME}:${DEV_VERSION} .
@echo "[I] Building OCI image ${IMAGE_NAME}:${DEV_VERSION}"
@docker build --rm --force-rm ${BUILD_ARGS} -t ${IMAGE_NAME}:${DEV_VERSION} .

trivy-scan:
@echo "[I] Scanning Docker image ${IMAGE_NAME}:${DEV_VERSION} using trivy"
@trivy image --security-checks vuln ${IMAGE_NAME}:${DEV_VERSION}
@echo "[I] Scanning OCI image ${IMAGE_NAME}:${DEV_VERSION} using trivy"
@trivy image --security-checks vuln ${TRIVY_ARGS} ${IMAGE_NAME}:${DEV_VERSION}

grype-scan:
@echo "[I] Scanning Docker image ${IMAGE_NAME}:${DEV_VERSION} using grype"
@grype -v ${IMAGE_NAME}:${DEV_VERSION}
@echo "[I] Scanning OCI image ${IMAGE_NAME}:${DEV_VERSION} using grype"
@grype -v ${GRYPE_ARGS} ${IMAGE_NAME}:${DEV_VERSION}
21 changes: 15 additions & 6 deletions docker-jans-configurator/Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,17 +2,26 @@ CN_VERSION?=1.0.13-SNAPSHOT
IMAGE_NAME=ghcr.io/janssenproject/jans/configurator
DEV_VERSION?=$(shell echo ${CN_VERSION} | cut -d '-' -f 1)_dev

# pass extra build args, i.e. `make build-dev BUILD_ARGS="--no-cache"`
BUILD_ARGS?=

# pass extra trivy args, i.e. `make trivy-scan TRIVY_ARGS="-f json"`
TRIVY_ARGS?=

# pass extra grype args, i.e. `make grype-scan GRYPE_ARGS="-o json"`
GRYPE_ARGS?=

.PHONY: test clean all build-dev trivy-scan grype-scan
.DEFAULT_GOAL := build-dev

build-dev:
@echo "[I] Building Docker image ${IMAGE_NAME}:${DEV_VERSION}"
@docker build --rm --force-rm -t ${IMAGE_NAME}:${DEV_VERSION} .
@echo "[I] Building OCI image ${IMAGE_NAME}:${DEV_VERSION}"
@docker build --rm --force-rm ${BUILD_ARGS} -t ${IMAGE_NAME}:${DEV_VERSION} .

trivy-scan:
@echo "[I] Scanning Docker image ${IMAGE_NAME}:${DEV_VERSION} using trivy"
@trivy image --security-checks vuln ${IMAGE_NAME}:${DEV_VERSION}
@echo "[I] Scanning OCI image ${IMAGE_NAME}:${DEV_VERSION} using trivy"
@trivy image --security-checks vuln ${TRIVY_ARGS} ${IMAGE_NAME}:${DEV_VERSION}

grype-scan:
@echo "[I] Scanning Docker image ${IMAGE_NAME}:${DEV_VERSION} using grype"
@grype -v ${IMAGE_NAME}:${DEV_VERSION}
@echo "[I] Scanning OCI image ${IMAGE_NAME}:${DEV_VERSION} using grype"
@grype -v ${GRYPE_ARGS} ${IMAGE_NAME}:${DEV_VERSION}
21 changes: 15 additions & 6 deletions docker-jans-fido2/Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,17 +2,26 @@ CN_VERSION?=1.0.13-SNAPSHOT
IMAGE_NAME=ghcr.io/janssenproject/jans/fido2
DEV_VERSION?=$(shell echo ${CN_VERSION} | cut -d '-' -f 1)_dev

# pass extra build args, i.e. `make build-dev BUILD_ARGS="--no-cache"`
BUILD_ARGS?=

# pass extra trivy args, i.e. `make trivy-scan TRIVY_ARGS="-f json"`
TRIVY_ARGS?=

# pass extra grype args, i.e. `make grype-scan GRYPE_ARGS="-o json"`
GRYPE_ARGS?=

.PHONY: test clean all build-dev trivy-scan grype-scan
.DEFAULT_GOAL := build-dev

build-dev:
@echo "[I] Building Docker image ${IMAGE_NAME}:${DEV_VERSION}"
@docker build --rm --force-rm -t ${IMAGE_NAME}:${DEV_VERSION} .
@echo "[I] Building OCI image ${IMAGE_NAME}:${DEV_VERSION}"
@docker build --rm --force-rm ${BUILD_ARGS} -t ${IMAGE_NAME}:${DEV_VERSION} .

trivy-scan:
@echo "[I] Scanning Docker image ${IMAGE_NAME}:${DEV_VERSION} using trivy"
@trivy image --security-checks vuln ${IMAGE_NAME}:${DEV_VERSION}
@echo "[I] Scanning OCI image ${IMAGE_NAME}:${DEV_VERSION} using trivy"
@trivy image --security-checks vuln ${TRIVY_ARGS} ${IMAGE_NAME}:${DEV_VERSION}

grype-scan:
@echo "[I] Scanning Docker image ${IMAGE_NAME}:${DEV_VERSION} using grype"
@grype -v ${IMAGE_NAME}:${DEV_VERSION}
@echo "[I] Scanning OCI image ${IMAGE_NAME}:${DEV_VERSION} using grype"
@grype -v ${GRYPE_ARGS} ${IMAGE_NAME}:${DEV_VERSION}
21 changes: 15 additions & 6 deletions docker-jans-monolith/Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,17 +2,26 @@ CN_VERSION?=1.0.13-SNAPSHOT
IMAGE_NAME=ghcr.io/janssenproject/jans/monolith
DEV_VERSION?=$(shell echo ${CN_VERSION} | cut -d '-' -f 1)_dev

# pass extra build args, i.e. `make build-dev BUILD_ARGS="--no-cache"`
BUILD_ARGS?=

# pass extra trivy args, i.e. `make trivy-scan TRIVY_ARGS="-f json"`
TRIVY_ARGS?=

# pass extra grype args, i.e. `make grype-scan GRYPE_ARGS="-o json"`
GRYPE_ARGS?=

.PHONY: test clean all build-dev trivy-scan grype-scan
.DEFAULT_GOAL := build-dev

build-dev:
@echo "[I] Building Docker image ${IMAGE_NAME}:${DEV_VERSION}"
@docker build --rm --force-rm -t ${IMAGE_NAME}:${DEV_VERSION} .
@echo "[I] Building OCI image ${IMAGE_NAME}:${DEV_VERSION}"
@docker build --rm --force-rm ${BUILD_ARGS} -t ${IMAGE_NAME}:${DEV_VERSION} .

trivy-scan:
@echo "[I] Scanning Docker image ${IMAGE_NAME}:${DEV_VERSION} using trivy"
@trivy image --security-checks vuln ${IMAGE_NAME}:${DEV_VERSION}
@echo "[I] Scanning OCI image ${IMAGE_NAME}:${DEV_VERSION} using trivy"
@trivy image --security-checks vuln ${TRIVY_ARGS} ${IMAGE_NAME}:${DEV_VERSION}

grype-scan:
@echo "[I] Scanning Docker image ${IMAGE_NAME}:${DEV_VERSION} using grype"
@grype -v ${IMAGE_NAME}:${DEV_VERSION}
@echo "[I] Scanning OCI image ${IMAGE_NAME}:${DEV_VERSION} using grype"
@grype -v ${GRYPE_ARGS} ${IMAGE_NAME}:${DEV_VERSION}
21 changes: 15 additions & 6 deletions docker-jans-persistence-loader/Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,17 +2,26 @@ CN_VERSION?=1.0.13-SNAPSHOT
IMAGE_NAME=ghcr.io/janssenproject/jans/persistence-loader
DEV_VERSION?=$(shell echo ${CN_VERSION} | cut -d '-' -f 1)_dev

# pass extra build args, i.e. `make build-dev BUILD_ARGS="--no-cache"`
BUILD_ARGS?=

# pass extra trivy args, i.e. `make trivy-scan TRIVY_ARGS="-f json"`
TRIVY_ARGS?=

# pass extra grype args, i.e. `make grype-scan GRYPE_ARGS="-o json"`
GRYPE_ARGS?=

.PHONY: test clean all build-dev trivy-scan grype-scan
.DEFAULT_GOAL := build-dev

build-dev:
@echo "[I] Building Docker image ${IMAGE_NAME}:${DEV_VERSION}"
@docker build --rm --force-rm -t ${IMAGE_NAME}:${DEV_VERSION} .
@echo "[I] Building OCI image ${IMAGE_NAME}:${DEV_VERSION}"
@docker build --rm --force-rm ${BUILD_ARGS} -t ${IMAGE_NAME}:${DEV_VERSION} .

trivy-scan:
@echo "[I] Scanning Docker image ${IMAGE_NAME}:${DEV_VERSION} using trivy"
@trivy image --security-checks vuln ${IMAGE_NAME}:${DEV_VERSION}
@echo "[I] Scanning OCI image ${IMAGE_NAME}:${DEV_VERSION} using trivy"
@trivy image --security-checks vuln ${TRIVY_ARGS} ${IMAGE_NAME}:${DEV_VERSION}

grype-scan:
@echo "[I] Scanning Docker image ${IMAGE_NAME}:${DEV_VERSION} using grype"
@grype -v ${IMAGE_NAME}:${DEV_VERSION}
@echo "[I] Scanning OCI image ${IMAGE_NAME}:${DEV_VERSION} using grype"
@grype -v ${GRYPE_ARGS} ${IMAGE_NAME}:${DEV_VERSION}
15 changes: 12 additions & 3 deletions docker-jans-scim/Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,17 +2,26 @@ CN_VERSION?=1.0.13-SNAPSHOT
IMAGE_NAME=ghcr.io/janssenproject/jans/scim
DEV_VERSION?=$(shell echo ${CN_VERSION} | cut -d '-' -f 1)_dev

# pass extra build args, i.e. `make build-dev BUILD_ARGS="--no-cache"`
BUILD_ARGS?=

# pass extra trivy args, i.e. `make trivy-scan TRIVY_ARGS="-f json"`
TRIVY_ARGS?=

# pass extra grype args, i.e. `make grype-scan GRYPE_ARGS="-o json"`
GRYPE_ARGS?=

.PHONY: test clean all build-dev trivy-scan grype-scan
.DEFAULT_GOAL := build-dev

build-dev:
@echo "[I] Building Docker image ${IMAGE_NAME}:${DEV_VERSION}"
@docker build --rm --force-rm -t ${IMAGE_NAME}:${DEV_VERSION} .
@docker build --rm --force-rm ${BUILD_ARGS} -t ${IMAGE_NAME}:${DEV_VERSION} .

trivy-scan:
@echo "[I] Scanning Docker image ${IMAGE_NAME}:${DEV_VERSION} using trivy"
@trivy image --security-checks vuln ${IMAGE_NAME}:${DEV_VERSION}
@trivy image --security-checks vuln ${TRIVY_ARGS} ${IMAGE_NAME}:${DEV_VERSION}

grype-scan:
@echo "[I] Scanning Docker image ${IMAGE_NAME}:${DEV_VERSION} using grype"
@grype -v ${IMAGE_NAME}:${DEV_VERSION}
@grype -v ${GRYPE_ARGS} ${IMAGE_NAME}:${DEV_VERSION}

0 comments on commit 982921f

Please sign in to comment.