diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 3c05cbd..92253a7 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -204,7 +204,7 @@ jobs: file: cdxgen/Dockerfile.dotnet6 platforms: linux/amd64,linux/arm64 push: true - tags: ghcr.io/appthreat/cdxgen-dotnet:v10,ghcr.io/appthreat/cdxgen-dotnet6:v10 + tags: ghcr.io/appthreat/cdxgen-dotnet:v11,ghcr.io/appthreat/cdxgen-dotnet6:v11 labels: ${{ steps.meta-cdxgen-dotnet.outputs.labels }} - name: Build and push Docker images @@ -290,7 +290,7 @@ jobs: file: cdxgen/Dockerfile.dotnet7 platforms: linux/amd64,linux/arm64 push: true - tags: ghcr.io/appthreat/cdxgen-dotnet7:v10 + tags: ghcr.io/appthreat/cdxgen-dotnet7:v11 labels: ${{ steps.meta-cdxgen-dotnet7.outputs.labels }} - name: Build and push Docker images @@ -376,7 +376,7 @@ jobs: file: cdxgen/Dockerfile.dotnet8 platforms: linux/amd64,linux/arm64 push: true - tags: ghcr.io/appthreat/cdxgen-dotnet8:v10 + tags: ghcr.io/appthreat/cdxgen-dotnet8:v11 labels: ${{ steps.meta-cdxgen-dotnet8.outputs.labels }} - name: Build and push Docker images @@ -390,6 +390,92 @@ jobs: tags: ${{ steps.meta-cdxgen-dotnet8.outputs.tags }} labels: ${{ steps.meta-cdxgen-dotnet8.outputs.labels }} + sle-dotnet9-image: + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + steps: + - uses: actions/checkout@v4 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Log in to the Container registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract metadata (tags, labels) for Docker + id: meta-bci-dotnet9 + uses: docker/metadata-action@v5 + with: + images: | + ghcr.io/appthreat/bci-dotnet9 + + - name: Build and push Docker images + uses: docker/build-push-action@v5 + with: + context: . + file: sle/Dockerfile.dotnet9 + platforms: linux/amd64,linux/arm64 + push: true + tags: ${{ steps.meta-bci-dotnet9.outputs.tags }} + labels: ${{ steps.meta-bci-dotnet9.outputs.labels }} + + cdxgen-dotnet9-image: + runs-on: ubuntu-latest + needs: sle-dotnet9-image + permissions: + packages: write + steps: + - uses: actions/checkout@v4 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Log in to the Container registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract metadata (tags, labels) for Docker + id: meta-cdxgen-dotnet9 + uses: docker/metadata-action@v5 + with: + images: | + ghcr.io/appthreat/cdxgen-dotnet9 + + - name: Build and push Docker images + uses: docker/build-push-action@v5 + if: github.ref == 'refs/heads/main' + with: + context: . + file: cdxgen/Dockerfile.dotnet9 + platforms: linux/amd64,linux/arm64 + push: true + tags: ghcr.io/appthreat/cdxgen-dotnet9:v11 + labels: ${{ steps.meta-cdxgen-dotnet9.outputs.labels }} + + - name: Build and push Docker images + uses: docker/build-push-action@v5 + if: startsWith(github.ref, 'refs/tags/') + with: + context: . + file: cdxgen/Dockerfile.dotnet9 + platforms: linux/amd64,linux/arm64 + push: true + tags: ${{ steps.meta-cdxgen-dotnet9.outputs.tags }} + labels: ${{ steps.meta-cdxgen-dotnet9.outputs.labels }} + sle-java-image: runs-on: ubuntu-latest permissions: @@ -500,7 +586,7 @@ jobs: file: cdxgen/Dockerfile.java platforms: linux/amd64,linux/arm64 push: true - tags: ghcr.io/appthreat/cdxgen-java:v10,ghcr.io/appthreat/cdxgen-java11:v10 + tags: ghcr.io/appthreat/cdxgen-java:v11,ghcr.io/appthreat/cdxgen-java11:v11 labels: ${{ steps.meta-cdxgen-java.outputs.labels }} - name: Build and push Docker images @@ -550,7 +636,7 @@ jobs: file: cdxgen/Dockerfile.java-slim platforms: linux/amd64,linux/arm64 push: true - tags: ghcr.io/appthreat/cdxgen-java-slim:v10,ghcr.io/appthreat/cdxgen-java11-slim:v10 + tags: ghcr.io/appthreat/cdxgen-java-slim:v11,ghcr.io/appthreat/cdxgen-java11-slim:v11 labels: ${{ steps.meta-cdxgen-java-slim.outputs.labels }} - name: Build and push Docker images @@ -637,7 +723,7 @@ jobs: file: cdxgen/Dockerfile.node20 platforms: linux/amd64,linux/arm64 push: true - tags: ghcr.io/appthreat/cdxgen-node:v10,ghcr.io/appthreat/cdxgen-node20:v10 + tags: ghcr.io/appthreat/cdxgen-node:v11,ghcr.io/appthreat/cdxgen-node20:v11 labels: ${{ steps.meta-cdxgen-node20.outputs.labels }} - name: Build and push Docker images @@ -760,7 +846,7 @@ jobs: file: cdxgen/Dockerfile.java17 platforms: linux/amd64,linux/arm64 push: true - tags: ghcr.io/appthreat/cdxgen-java17:v10 + tags: ghcr.io/appthreat/cdxgen-java17:v11 labels: ${{ steps.meta-cdxgen-java17.outputs.labels }} - name: Build and push Docker images @@ -809,7 +895,7 @@ jobs: file: cdxgen/Dockerfile.java17-slim platforms: linux/amd64,linux/arm64 push: true - tags: ghcr.io/appthreat/cdxgen-java17-slim:v10 + tags: ghcr.io/appthreat/cdxgen-java17-slim:v11 labels: ${{ steps.meta-cdxgen-java17-slim.outputs.labels }} - name: Build and push Docker images @@ -859,7 +945,7 @@ jobs: file: cdxgen/Dockerfile.python platforms: linux/amd64,linux/arm64 push: true - tags: ghcr.io/appthreat/cdxgen-python:v10,ghcr.io/appthreat/cdxgen-python312:v10 + tags: ghcr.io/appthreat/cdxgen-python:v11,ghcr.io/appthreat/cdxgen-python312:v11 labels: ${{ steps.meta-cdxgen-python.outputs.labels }} - name: Build and push Docker images @@ -945,7 +1031,7 @@ jobs: file: cdxgen/Dockerfile.python311 platforms: linux/amd64,linux/arm64 push: true - tags: ghcr.io/appthreat/cdxgen-python311:v10 + tags: ghcr.io/appthreat/cdxgen-python311:v11 labels: ${{ steps.meta-cdxgen-python311.outputs.labels }} - name: Build and push Docker images @@ -1100,7 +1186,7 @@ jobs: file: cdxgen/Dockerfile.python36 platforms: linux/amd64,linux/arm64 push: true - tags: ghcr.io/appthreat/cdxgen-python36:v10 + tags: ghcr.io/appthreat/cdxgen-python36:v11 labels: ${{ steps.meta-cdxgen-python36.outputs.labels }} - name: Build and push Docker images @@ -1186,7 +1272,7 @@ jobs: file: cdxgen/Dockerfile.deno platforms: linux/amd64,linux/arm64 push: true - tags: ghcr.io/appthreat/cdxgen-deno:v10 + tags: ghcr.io/appthreat/cdxgen-deno:v11 labels: ${{ steps.meta-cdxgen-deno.outputs.labels }} - name: Build and push Docker images @@ -1273,7 +1359,7 @@ jobs: file: cdxgen/Dockerfile.php82 platforms: linux/amd64,linux/arm64 push: true - tags: ghcr.io/appthreat/cdxgen-php:v10,ghcr.io/appthreat/cdxgen-php82:v10 + tags: ghcr.io/appthreat/cdxgen-php:v11,ghcr.io/appthreat/cdxgen-php82:v11 labels: ${{ steps.meta-cdxgen-php.outputs.labels }} - name: Build and push Docker images @@ -1359,7 +1445,7 @@ jobs: file: cdxgen/Dockerfile.rolling platforms: linux/amd64,linux/arm64 push: true - tags: ghcr.io/appthreat/cdxgen-rolling:v10 + tags: ghcr.io/appthreat/cdxgen-rolling:v11 labels: ${{ steps.meta-cdxgen-rolling.outputs.labels }} depscan-rolling-image: @@ -1492,7 +1578,7 @@ jobs: file: cdxgen/Dockerfile.python310 platforms: linux/amd64,linux/arm64 push: true - tags: ghcr.io/appthreat/cdxgen-python310:v10 + tags: ghcr.io/appthreat/cdxgen-python310:v11 labels: ${{ steps.meta-cdxgen-python310.outputs.labels }} - name: Build and push Docker images @@ -1578,7 +1664,7 @@ jobs: file: cdxgen/Dockerfile.python39 platforms: linux/amd64,linux/arm64 push: true - tags: ghcr.io/appthreat/cdxgen-python39:v10 + tags: ghcr.io/appthreat/cdxgen-python39:v11 labels: ${{ steps.meta-cdxgen-python39.outputs.labels }} - name: Build and push Docker images @@ -1664,7 +1750,7 @@ jobs: file: cdxgen/Dockerfile.python313 platforms: linux/amd64,linux/arm64 push: true - tags: ghcr.io/appthreat/cdxgen-python313:v10 + tags: ghcr.io/appthreat/cdxgen-python313:v11 labels: ${{ steps.meta-cdxgen-python313.outputs.labels }} - name: Build and push Docker images @@ -1750,7 +1836,7 @@ jobs: file: cdxgen/Dockerfile.python313-nogil platforms: linux/amd64 push: true - tags: ghcr.io/appthreat/cdxgen-python313-nogil:v10 + tags: ghcr.io/appthreat/cdxgen-python313-nogil:v11 labels: ${{ steps.meta-cdxgen-python313-nogil.outputs.labels }} - name: Build and push Docker images diff --git a/README.md b/README.md index e29b280..0aa6805 100644 --- a/README.md +++ b/README.md @@ -6,37 +6,37 @@ This repo contains the base images for AppThreat projects such as cdxgen. They w ### Legacy Java applications -The official cdxgen image bundles Java >= 23 with the latest maven and gradle. Legacy applications that rely on Java 11 can use the unofficial image `ghcr.io/appthreat/cdxgen-java11-slim:v10`. For Java 17, use `ghcr.io/appthreat/cdxgen-java17-slim:v10`. +The official cdxgen image bundles Java >= 23 with the latest maven and gradle. Legacy applications that rely on Java 11 can use the unofficial image `ghcr.io/appthreat/cdxgen-java11-slim:v11`. For Java 17, use `ghcr.io/appthreat/cdxgen-java17-slim:v11`. Example invocations: Java 11 version ```shell -docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $HOME/.m2:$HOME/.m2 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-java11-slim:v10 -r /app -o /app/bom.json -t java +docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $HOME/.m2:$HOME/.m2 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-java11-slim:v11 -r /app -o /app/bom.json -t java ``` Java 11 version with Android 33 SDK and gcc ```shell -docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $HOME/.m2:$HOME/.m2 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-java11:v10 -r /app -o /app/bom.json -t java +docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $HOME/.m2:$HOME/.m2 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-java11:v11 -r /app -o /app/bom.json -t java ``` Java 17 version ```shell -docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $HOME/.m2:$HOME/.m2 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-java17-slim:v10 -r /app -o /app/bom.json -t java +docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $HOME/.m2:$HOME/.m2 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-java17-slim:v11 -r /app -o /app/bom.json -t java ``` Java 17 version with Android 34 SDK and gcc ```shell -docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $HOME/.m2:$HOME/.m2 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-java17:v10 -r /app -o /app/bom.json -t java +docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $HOME/.m2:$HOME/.m2 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-java17:v11 -r /app -o /app/bom.json -t java ``` ### .Net Framework, .Net Core 3.1, and .Net 6.0 applications -Use the unofficial image `ghcr.io/appthreat/cdxgen-dotnet:v10`. +Use the unofficial image `ghcr.io/appthreat/cdxgen-dotnet:v11`. Example invocation: @@ -45,47 +45,45 @@ Example invocation: A bundled version of [nuget](./nuget/) and mono is used to support .Net framework apps. ```shell -docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-dotnet6:v10 -r /app -o /app/bom.json -t dotnet-framework +docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-dotnet6:v11 -r /app -o /app/bom.json -t dotnet-framework ``` Dotnet 3.1 or Dotnet 6.0 ```shell -docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-dotnet6:v10 -r /app -o /app/bom.json -t dotnet +docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-dotnet6:v11 -r /app -o /app/bom.json -t dotnet ``` Dotnet 7.0 ```shell -docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-dotnet7:v10 -r /app -o /app/bom.json -t dotnet +docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-dotnet7:v11 -r /app -o /app/bom.json -t dotnet ``` Dotnet 8.0 -Dotnet 8 is also bundled with the official `ghcr.io/cyclonedx/cdxgen` image. - ```shell -docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-dotnet8:v10 -r /app -o /app/bom.json -t dotnet +docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-dotnet8:v11 -r /app -o /app/bom.json -t dotnet ``` Dotnet 9.0 -Use the `cdxgen-rolling` image for testing dotnet 9 apps. +Dotnet 9 is also bundled with the official `ghcr.io/cyclonedx/cdxgen` image. ```shell -docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-rolling:v10 -r /app -o /app/bom.json -t dotnet +docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-dotnet9:v11 -r /app -o /app/bom.json -t dotnet ``` ### Python applications -Use the unofficial image `ghcr.io/appthreat/cdxgen-python312:v10` or `ghcr.io/appthreat/cdxgen-python311:v10`. This includes additional build tools and libraries to build a range of Python applications. Construction of the dependency tree is supported with Python >= 3.9. +Use the unofficial image `ghcr.io/appthreat/cdxgen-python312:v11` or `ghcr.io/appthreat/cdxgen-python311:v11`. This includes additional build tools and libraries to build a range of Python applications. Construction of the dependency tree is supported with Python >= 3.9. Example invocation: Python 3.6 (Direct dependencies only without dependency tree) ```shell -docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-python36:v10 -r /app -o /app/bom.json -t python +docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-python36:v11 -r /app -o /app/bom.json -t python ``` NOTE: dependency tree is unavailable with Python 3.6 @@ -93,51 +91,51 @@ NOTE: dependency tree is unavailable with Python 3.6 Python 3.9 ```shell -docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-python39:v10 -r /app -o /app/bom.json -t python +docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-python39:v11 -r /app -o /app/bom.json -t python ``` Python 3.10 ```shell -docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-python310:v10 -r /app -o /app/bom.json -t python +docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-python310:v11 -r /app -o /app/bom.json -t python ``` Python 3.11 ```shell -docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-python311:v10 -r /app -o /app/bom.json -t python +docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-python311:v11 -r /app -o /app/bom.json -t python ``` Python 3.12 ```shell -docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-python312:v10 -r /app -o /app/bom.json -t python +docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-python312:v11 -r /app -o /app/bom.json -t python ``` ### Node.js applications -Use the unofficial image `ghcr.io/appthreat/cdxgen-node20:v10`. +Use the unofficial image `ghcr.io/appthreat/cdxgen-node20:v11`. Node.js 20 ```shell -docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-node20:v10 -r /app -o /app/bom.json -t js +docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-node20:v11 -r /app -o /app/bom.json -t js ``` ### Deno version -Use the unofficial image `ghcr.io/appthreat/cdxgen-deno:v10`. +Use the unofficial image `ghcr.io/appthreat/cdxgen-deno:v11`. ```shell -docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-deno:v10 -r /app -o /app/bom.json -t js +docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-deno:v11 -r /app -o /app/bom.json -t js ``` ### PHP applications -Use the unofficial image `ghcr.io/appthreat/cdxgen-php82:v10`. +Use the unofficial image `ghcr.io/appthreat/cdxgen-php82:v11`. ```shell -docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-php82:v10 -r /app -o /app/bom.json -t php +docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-php82:v11 -r /app -o /app/bom.json -t php ``` ## Troubleshooting @@ -233,7 +231,7 @@ Include the below argument with the `nerdctl run` command. Example: ```shell -nerdctl run --rm --platform=linux/arm64 -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-node20:v10 -r /app -o /app/bom.json -t js +nerdctl run --rm --platform=linux/arm64 -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-node20:v11 -r /app -o /app/bom.json -t js ``` ## License diff --git a/cdxgen/Dockerfile.deno b/cdxgen/Dockerfile.deno index 3657b85..20e739d 100644 --- a/cdxgen/Dockerfile.deno +++ b/cdxgen/Dockerfile.deno @@ -9,7 +9,7 @@ LABEL maintainer="AppThreat" \ org.opencontainers.image.licenses="Apache-2.0" \ org.opencontainers.image.title="cdxgen" \ org.opencontainers.image.description="Rolling image with cdxgen SBOM generator" \ - org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-deno:v10 -r /app --server" + org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-deno:v11 -r /app --server" ARG CDXGEN_VERSION=11.0.0 diff --git a/cdxgen/Dockerfile.dotnet6 b/cdxgen/Dockerfile.dotnet6 index cbdb984..57fa466 100644 --- a/cdxgen/Dockerfile.dotnet6 +++ b/cdxgen/Dockerfile.dotnet6 @@ -9,7 +9,7 @@ LABEL maintainer="AppThreat" \ org.opencontainers.image.licenses="Apache-2.0" \ org.opencontainers.image.title="cdxgen" \ org.opencontainers.image.description="Rolling image with cdxgen SBOM generator for legacy .Net Core and .Net Framework apps" \ - org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-dotnet:v10 -r /app --server" + org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-dotnet:v11 -r /app --server" ARG CDXGEN_VERSION=11.0.0 diff --git a/cdxgen/Dockerfile.dotnet7 b/cdxgen/Dockerfile.dotnet7 index ce75633..bf9608d 100644 --- a/cdxgen/Dockerfile.dotnet7 +++ b/cdxgen/Dockerfile.dotnet7 @@ -9,7 +9,7 @@ LABEL maintainer="AppThreat" \ org.opencontainers.image.licenses="Apache-2.0" \ org.opencontainers.image.title="cdxgen" \ org.opencontainers.image.description="Rolling image with cdxgen SBOM generator for dotnet 7 apps" \ - org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-dotnet7:v10 -r /app --server" + org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-dotnet7:v11 -r /app --server" ARG CDXGEN_VERSION=11.0.0 diff --git a/cdxgen/Dockerfile.dotnet8 b/cdxgen/Dockerfile.dotnet8 index 2a7f952..c9447d2 100644 --- a/cdxgen/Dockerfile.dotnet8 +++ b/cdxgen/Dockerfile.dotnet8 @@ -9,7 +9,7 @@ LABEL maintainer="AppThreat" \ org.opencontainers.image.licenses="Apache-2.0" \ org.opencontainers.image.title="cdxgen" \ org.opencontainers.image.description="Rolling image with cdxgen SBOM generator for dotnet 8 apps" \ - org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-dotnet8:v10 -r /app --server" + org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-dotnet8:v11 -r /app --server" ARG CDXGEN_VERSION=11.0.0 diff --git a/cdxgen/Dockerfile.dotnet9 b/cdxgen/Dockerfile.dotnet9 new file mode 100644 index 0000000..e910d00 --- /dev/null +++ b/cdxgen/Dockerfile.dotnet9 @@ -0,0 +1,24 @@ +FROM ghcr.io/appthreat/bci-dotnet9:main + +LABEL maintainer="AppThreat" \ + org.opencontainers.image.authors="Team AppThreat " \ + org.opencontainers.image.source="https://github.com/AppThreat/base-images" \ + org.opencontainers.image.url="https://github.com/AppThreat/base-images" \ + org.opencontainers.image.version="rolling" \ + org.opencontainers.image.vendor="AppThreat" \ + org.opencontainers.image.licenses="Apache-2.0" \ + org.opencontainers.image.title="cdxgen" \ + org.opencontainers.image.description="Rolling image with cdxgen SBOM generator for dotnet 8 apps" \ + org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-dotnet8:v11 -r /app --server" + +ARG CDXGEN_VERSION=11.0.0 + +ENV CDXGEN_NO_BANNER=true \ + CDXGEN_IN_CONTAINER=true \ + PYTHONPATH=/opt/pypi +ENV PATH=${PATH}:/usr/local/bin:/opt/pypi/bin: + +RUN npm install -g @cyclonedx/cdxgen@${CDXGEN_VERSION} --omit=dev \ + && pip install --upgrade --no-cache-dir blint --target /opt/pypi + +ENTRYPOINT ["cdxgen"] diff --git a/cdxgen/Dockerfile.java b/cdxgen/Dockerfile.java index 3ef1fbf..4933b1e 100644 --- a/cdxgen/Dockerfile.java +++ b/cdxgen/Dockerfile.java @@ -9,7 +9,7 @@ org.opencontainers.image.licenses="Apache-2.0" \ org.opencontainers.image.title="cdxgen" \ org.opencontainers.image.description="Rolling image with cdxgen SBOM generator for Java 11 and android apps" \ - org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-java:v10 -r /app --server" + org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-java:v11 -r /app --server" ARG CDXGEN_VERSION=11.0.0 diff --git a/cdxgen/Dockerfile.java-slim b/cdxgen/Dockerfile.java-slim index 93d66da..67bea38 100644 --- a/cdxgen/Dockerfile.java-slim +++ b/cdxgen/Dockerfile.java-slim @@ -9,7 +9,7 @@ LABEL maintainer="AppThreat" \ org.opencontainers.image.licenses="Apache-2.0" \ org.opencontainers.image.title="cdxgen" \ org.opencontainers.image.description="Rolling image with cdxgen SBOM generator for Java 11 apps" \ - org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-java-slim:v10 -r /app --server" + org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-java-slim:v11 -r /app --server" ARG CDXGEN_VERSION=11.0.0 diff --git a/cdxgen/Dockerfile.java17 b/cdxgen/Dockerfile.java17 index 7759291..b15cba9 100644 --- a/cdxgen/Dockerfile.java17 +++ b/cdxgen/Dockerfile.java17 @@ -9,7 +9,7 @@ LABEL maintainer="AppThreat" \ org.opencontainers.image.licenses="Apache-2.0" \ org.opencontainers.image.title="cdxgen" \ org.opencontainers.image.description="Rolling image with cdxgen SBOM generator for Java 17 and android apps" \ - org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-java17:v10 -r /app --server" + org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-java17:v11 -r /app --server" ARG CDXGEN_VERSION=11.0.0 diff --git a/cdxgen/Dockerfile.java17-slim b/cdxgen/Dockerfile.java17-slim index 85f4a10..0775201 100644 --- a/cdxgen/Dockerfile.java17-slim +++ b/cdxgen/Dockerfile.java17-slim @@ -9,7 +9,7 @@ LABEL maintainer="AppThreat" \ org.opencontainers.image.licenses="Apache-2.0" \ org.opencontainers.image.title="cdxgen" \ org.opencontainers.image.description="Rolling image with cdxgen SBOM generator for Java 17 apps" \ - org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-java17-slim:v10 -r /app --server" + org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-java17-slim:v11 -r /app --server" ARG CDXGEN_VERSION=11.0.0 diff --git a/cdxgen/Dockerfile.node20 b/cdxgen/Dockerfile.node20 index e2df987..27e8782 100644 --- a/cdxgen/Dockerfile.node20 +++ b/cdxgen/Dockerfile.node20 @@ -9,7 +9,7 @@ LABEL maintainer="AppThreat" \ org.opencontainers.image.licenses="Apache-2.0" \ org.opencontainers.image.title="cdxgen" \ org.opencontainers.image.description="Rolling image with cdxgen SBOM generator for Node.js 20 apps" \ - org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-node20:v10 -r /app --server" + org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-node20:v11 -r /app --server" ARG CDXGEN_VERSION=11.0.0 diff --git a/cdxgen/Dockerfile.php82 b/cdxgen/Dockerfile.php82 index fe81d37..ac8b357 100644 --- a/cdxgen/Dockerfile.php82 +++ b/cdxgen/Dockerfile.php82 @@ -9,7 +9,7 @@ LABEL maintainer="AppThreat" \ org.opencontainers.image.licenses="Apache-2.0" \ org.opencontainers.image.title="cdxgen" \ org.opencontainers.image.description="Rolling image with cdxgen SBOM generator for PHP apps" \ - org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-php:v10 -r /app --server" + org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-php:v11 -r /app --server" ARG CDXGEN_VERSION=11.0.0 diff --git a/cdxgen/Dockerfile.python b/cdxgen/Dockerfile.python index cd1e05f..631b598 100644 --- a/cdxgen/Dockerfile.python +++ b/cdxgen/Dockerfile.python @@ -9,7 +9,7 @@ LABEL maintainer="AppThreat" \ org.opencontainers.image.licenses="Apache-2.0" \ org.opencontainers.image.title="cdxgen" \ org.opencontainers.image.description="Rolling image with cdxgen SBOM generator for Python 3.12 apps" \ - org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-python:v10 -r /app --server" + org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-python:v11 -r /app --server" ARG NODE_VERSION=23.0.0 ARG CDXGEN_VERSION=11.0.0 diff --git a/cdxgen/Dockerfile.python310 b/cdxgen/Dockerfile.python310 index e93fc34..eb4a984 100644 --- a/cdxgen/Dockerfile.python310 +++ b/cdxgen/Dockerfile.python310 @@ -9,7 +9,7 @@ LABEL maintainer="AppThreat" \ org.opencontainers.image.licenses="Apache-2.0" \ org.opencontainers.image.title="cdxgen" \ org.opencontainers.image.description="Rolling image with cdxgen SBOM generator for python 3.10 apps" \ - org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-python310:v10 -r /app --server" + org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-python310:v11 -r /app --server" ARG CDXGEN_VERSION=11.0.0 diff --git a/cdxgen/Dockerfile.python311 b/cdxgen/Dockerfile.python311 index b4842d0..96ef730 100644 --- a/cdxgen/Dockerfile.python311 +++ b/cdxgen/Dockerfile.python311 @@ -9,7 +9,7 @@ LABEL maintainer="AppThreat" \ org.opencontainers.image.licenses="Apache-2.0" \ org.opencontainers.image.title="cdxgen" \ org.opencontainers.image.description="Rolling image with cdxgen SBOM generator for Python 3.11 apps" \ - org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-python311:v10 -r /app --server" + org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-python311:v11 -r /app --server" ARG NODE_VERSION=20.17.0 ARG CDXGEN_VERSION=11.0.0 diff --git a/cdxgen/Dockerfile.python313 b/cdxgen/Dockerfile.python313 index d198fb5..165f471 100644 --- a/cdxgen/Dockerfile.python313 +++ b/cdxgen/Dockerfile.python313 @@ -9,7 +9,7 @@ LABEL maintainer="AppThreat" \ org.opencontainers.image.licenses="Apache-2.0" \ org.opencontainers.image.title="cdxgen" \ org.opencontainers.image.description="Rolling image with cdxgen SBOM generator for Python 3.13 apps" \ - org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-python313:v10 -r /app --server" + org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-python313:v11 -r /app --server" ARG CDXGEN_VERSION=11.0.0 diff --git a/cdxgen/Dockerfile.python313-nogil b/cdxgen/Dockerfile.python313-nogil index fff9136..7c7b01f 100644 --- a/cdxgen/Dockerfile.python313-nogil +++ b/cdxgen/Dockerfile.python313-nogil @@ -9,7 +9,7 @@ LABEL maintainer="AppThreat" \ org.opencontainers.image.licenses="Apache-2.0" \ org.opencontainers.image.title="cdxgen" \ org.opencontainers.image.description="Rolling image with cdxgen SBOM generator for Python 3.13 apps" \ - org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-python313-nogil:v10 -r /app --server" + org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-python313-nogil:v11 -r /app --server" ARG CDXGEN_VERSION=11.0.0 diff --git a/cdxgen/Dockerfile.python36 b/cdxgen/Dockerfile.python36 index db4ac7c..af30e9e 100644 --- a/cdxgen/Dockerfile.python36 +++ b/cdxgen/Dockerfile.python36 @@ -9,7 +9,7 @@ LABEL maintainer="AppThreat" \ org.opencontainers.image.licenses="Apache-2.0" \ org.opencontainers.image.title="cdxgen" \ org.opencontainers.image.description="Rolling image with cdxgen SBOM generator for Python 3.6 apps" \ - org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-python36:v10 -r /app --server" + org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-python36:v11 -r /app --server" ARG NODE_VERSION=20.17.0 ARG CDXGEN_VERSION=11.0.0 diff --git a/cdxgen/Dockerfile.python39 b/cdxgen/Dockerfile.python39 index 22dd334..daa9750 100644 --- a/cdxgen/Dockerfile.python39 +++ b/cdxgen/Dockerfile.python39 @@ -9,7 +9,7 @@ LABEL maintainer="AppThreat" \ org.opencontainers.image.licenses="Apache-2.0" \ org.opencontainers.image.title="cdxgen" \ org.opencontainers.image.description="Rolling image with cdxgen SBOM generator for python 3.9 apps" \ - org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-python39:v10 -r /app --server" + org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-python39:v11 -r /app --server" ARG CDXGEN_VERSION=11.0.0 diff --git a/cdxgen/Dockerfile.rolling b/cdxgen/Dockerfile.rolling index f43621c..7c82f92 100644 --- a/cdxgen/Dockerfile.rolling +++ b/cdxgen/Dockerfile.rolling @@ -17,7 +17,7 @@ LABEL maintainer="AppThreat" \ org.opencontainers.image.licenses="Apache-2.0" \ org.opencontainers.image.title="cdxgen" \ org.opencontainers.image.description="Rolling image with cdxgen SBOM generator based on tumbleweed" \ - org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-rolling:v10 -r /app --server" + org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/appthreat/cdxgen-rolling:v11 -r /app --server" RUN npm install -g git+https://github.com/CycloneDX/cdxgen --omit=dev && cdxgen --help \ && pip install --upgrade --no-cache-dir blint --target /opt/pypi diff --git a/depscan/Dockerfile.rolling b/depscan/Dockerfile.rolling index 07c3cb1..8dd14cf 100644 --- a/depscan/Dockerfile.rolling +++ b/depscan/Dockerfile.rolling @@ -1,4 +1,4 @@ -FROM ghcr.io/appthreat/cdxgen-rolling:v10 +FROM ghcr.io/appthreat/cdxgen-rolling:v11 LABEL maintainer="AppThreat" \ org.opencontainers.image.authors="Team AppThreat " \ diff --git a/opensuse/Dockerfile.lang b/opensuse/Dockerfile.lang index c458f2e..7aed589 100644 --- a/opensuse/Dockerfile.lang +++ b/opensuse/Dockerfile.lang @@ -3,7 +3,7 @@ FROM opensuse/tumbleweed:latest ARG MAVEN_VERSION=4.0.0-beta-4 ARG SBT_VERSION=1.10.2 ARG GRADLE_VERSION=8.11 -ARG DOTNET_SDK_VERSION=9.0.100-rc.2.24474.11 +ARG DOTNET_SDK_VERSION=9.0.100 ENV SBT_VERSION=$SBT_VERSION \ MAVEN_VERSION=$MAVEN_VERSION \ diff --git a/sle/Dockerfile.dotnet9 b/sle/Dockerfile.dotnet9 new file mode 100644 index 0000000..abe7278 --- /dev/null +++ b/sle/Dockerfile.dotnet9 @@ -0,0 +1,14 @@ +FROM registry.suse.com/bci/dotnet-sdk:9.0 + +ENV DOTNET_GENERATE_ASPNET_CERTIFICATE=false \ + DOTNET_NOLOGO=true \ + DOTNET_USE_POLLING_FILE_WATCHER=true \ + NUGET_XMLDOC_MODE=skip \ + DOTNET_RUNNING_IN_CONTAINER=true \ + DOTNET_CLI_TELEMETRY_OPTOUT=1 + +RUN zypper refresh && zypper --non-interactive update && zypper --non-interactive install -l --no-recommends git-core nodejs20 npm20 python311 python311-pip wget zip unzip make gawk java-21-openjdk-devel \ + && dotnet --list-sdks \ + && zypper clean -a + +CMD /bin/bash