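# Dependency-scanning toolbox image: a Maven/JDK 8 base with Node.js, auditjs, snyk,
# license_finder and OWASP Dependency-Check added, plus the scan_maven.sh and
# scan_node.sh helper scripts copied to the filesystem root.
#
# NOTE(review): the base tag is mutable. For reproducible builds pin it by digest,
# e.g. maven:3.5.4-jdk-8@sha256:<BASE_IMAGE_DIGEST_PLACEHOLDER>.
FROM maven:3.5.4-jdk-8

# Make a RUN step fail when any stage of a pipeline fails, so a failed download
# is not piped into a shell as an empty or truncated script.
SHELL ["/bin/bash", "-o", "pipefail", "-c"]

# Install node
# apt-get update runs first so the install does not depend on whatever package
# lists the base image happens to ship. curl -f turns an HTTP error into a build
# failure instead of handing the error page to the shell.
# NOTE(review): both installer scripts are downloaded and executed as root with no
# integrity check. Prefer a base image that already ships Node, or vendor the
# scripts and verify a recorded checksum before running them.
RUN apt-get update && apt-get install -y curl \
 && curl -fsSL https://deb.nodesource.com/setup_8.x | bash - \
 && apt-get install -y nodejs \
 && curl -fL https://www.npmjs.com/install.sh | sh \
 && rm -rf /var/lib/apt/lists/*

# Install auditjs (OSS Index for npm)
# NOTE(review): auditjs, snyk and license_finder are installed unpinned, so every
# rebuild takes whatever version the registry serves at that moment. Pin exact
# versions once the intended ones are known.
RUN npm install auditjs -g

# Install snyk
RUN npm install -g snyk

# Install patch as snyk needs it to apply patches for vulnerabilities
RUN apt-get update && apt-get install -y patch \
 && rm -rf /var/lib/apt/lists/*

# install license finder
RUN apt-get update && apt-get install -y ruby && gem install license_finder \
 && rm -rf /var/lib/apt/lists/*

# install OWASP Dependency Check
# The release archive is fetched over HTTPS rather than plain HTTP, and -f makes an
# HTTP error fail the build instead of saving an error page as dc.zip.
# NOTE(review): the archive is still not integrity-checked. Record the publisher's
# SHA-256 for this release and verify it before unzip, e.g.
#   echo "<SHA256_OF_RELEASE_ZIP_PLACEHOLDER>  dc.zip" | sha256sum -c -
# NOTE(review): Bintray has been retired, so this URL may no longer resolve.
# Confirm the current official download location for this release.
RUN curl -fL https://dl.bintray.com/jeremy-long/owasp/dependency-check-3.3.2-release.zip -o dc.zip && unzip -x dc.zip

# download CVEs etc
# Runs a throwaway scan of /tmp so the tool fetches its vulnerability data during
# the build. The report it generates is not needed and is removed in the same layer.
# NOTE(review): the data baked in here is presumably only as fresh as the image
# build. Confirm that the scan scripts refresh it at run time.
RUN dependency-check/bin/dependency-check.sh --project tmp -s /tmp && rm dependency-check-report.html

# COPY rather than ADD: these are plain local files, so ADD's archive-extraction
# and URL-fetching behaviour is not wanted.
COPY scan_maven.sh /
COPY scan_node.sh /

# NOTE(review): no USER is set, so the scanners and any build or install hooks of
# the project being scanned run as root inside the container. Consider a dedicated
# unprivileged user once the paths the scan scripts write to are known.
ENTRYPOINT [ "/bin/bash" ]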