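# Image for a resource whose scripts (check, realcheck, in, out) live in /opt/resource
# and which bundles the steampipe CLI plus the aws, code, config, datadog and net plugins.
#
# NOTE(review): the base is tagged but not pinned by digest, so rebuilds can pick up a
# different ubuntu:jammy. Pin it by digest for reproducible builds.
FROM ubuntu:jammy

# add a non-root 'steampipe' user (fixed uid 9193, primary group 0)
RUN adduser --system --disabled-login --ingroup 0 --gecos "steampipe user" --shell /bin/bash --uid 9193 steampipe

# updates and installs - 'wget' for downloading steampipe, 'less' for paging in
# 'steampipe query' interactive mode, 'jq' as in the original package list.
# ca-certificates is listed explicitly because it is only a *recommended* package of wget
# and --no-install-recommends would otherwise drop it, breaking the HTTPS download below.
# The apt lists are removed in the same layer so they do not end up in the image.
RUN apt-get update -y \
 && apt-get install -y --no-install-recommends \
      ca-certificates \
      jq \
      less \
      wget \
 && rm -rf /var/lib/apt/lists/*

# Build arguments are declared only here, right before their first use, so that changing
# the steampipe version does not invalidate the user and package layers above.
ARG TARGETVERSION=v0.15.1
ARG TARGETOS=linux
ARG TARGETARCH=amd64
# Optional SHA-256 of the release tarball. When set, the download is verified before it is
# unpacked; when left empty (the default, matching the previous behaviour) the tarball is
# trusted on the strength of TLS alone. Supply the value published for the chosen release.
ARG STEAMPIPE_SHA256=""

# download the release as given in TARGETVERSION, TARGETOS and TARGETARCH,
# verify it if a checksum was supplied, and install the binary into /usr/local/bin
RUN cd /tmp \
 && wget -nv https://github.com/turbot/steampipe/releases/download/${TARGETVERSION}/steampipe_${TARGETOS}_${TARGETARCH}.tar.gz \
 && if [ -n "${STEAMPIPE_SHA256}" ]; then \
      printf '%s  %s\n' "${STEAMPIPE_SHA256}" "steampipe_${TARGETOS}_${TARGETARCH}.tar.gz" > steampipe.sha256 \
      && sha256sum -c steampipe.sha256; \
    fi \
 && tar xzf steampipe_${TARGETOS}_${TARGETARCH}.tar.gz \
 && mv steampipe /usr/local/bin/ \
 && rm -rf /tmp/steampipe_${TARGETOS}_${TARGETARCH}.tar.gz /tmp/steampipe.sha256

# Change user to non-root
USER steampipe:0

# disable auto-update and telemetry
ENV STEAMPIPE_UPDATE_CHECK=false \
    STEAMPIPE_TELEMETRY=none

# Run the steampipe service once and stop it again, then remove the generated service
# .passwd file so that it gets regenerated in the container.
# All three steps share ONE layer on purpose: a file deleted by a later RUN is still
# present in the earlier layer and can be read back from the image, so a separate
# 'RUN rm' would leave the generated password recoverable by anyone who can pull the image.
RUN steampipe service start --dashboard \
 && steampipe service stop \
 && rm -f /home/steampipe/.steampipe/internal/.passwd

# Install the plugins and drop the *.spc files from the config directory in the same layer
# (presumably the default connection configs written by 'plugin install' - confirm).
# NOTE(review): the plugins are installed without a version, so each build takes whatever
# is current at build time; pin plugin versions if reproducible images are required.
RUN steampipe plugin install aws code config datadog net \
 && rm -rf /home/steampipe/.steampipe/config/*.spc

# NOTE(review): the image ends as root, so the entrypoint and everything it starts run with
# full privileges inside the container. The resource scripts are not visible here; if they
# do not need root, finish with 'USER steampipe:0' instead.
USER root

# expose postgres service default port
EXPOSE 9193
# expose dashboard service default port
EXPOSE 9194

# Use a constant workspace directory that can be mounted to
WORKDIR /workspace

# resource scripts; the entrypoint is the 'check' script
COPY bin/check /opt/resource/check
COPY realcheck in out /opt/resource/
ENTRYPOINT [ "/opt/resource/check" ]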