Skip to content

euryecetelecom/woodpeckerci-dockle

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

name author icon description tags containerImage containerImageUrl url
Dockle plugin for Woodpecker-CI
EuryeceTelecom
Scan containers with dockle
check
security
dockle
vulnerabilities
misconfigurations
secrets
euryecetelecom/woodpeckerci-dockle

Dockle plugin for Woodpecker-CI

Woodpecker-CI plugin to scan containers with dockle (Container Image Linter for Security, Helping build the Best-Practice Docker Image) https://github.com/goodwithtech/dockle.

Settings

Settings Name Default Description
exit-code 1 If an issue is detected let the step fail
exit-level warn Define alert levels (can be info, warn or fatal)
build-directory ${CI_WORKSPACE} Directory containing the Dockerfile to use to build the container
dockerfile Dockerfile Dockerfile to use
dockle-ignores none Dockle rules to ignore (cf https://github.com/goodwithtech/dockle/blob/master/CHECKPOINT.md)

Usage

This container require privilegied capabilities to communicate with host docker daemon, like woodpeckerci/plugin-docker-buildx. Ensure the project configuration takes it in account (verified has to be enabled).

Simple usage:

pipeline:
  dockle_check:
    image: euryecetelecom/woodpeckerci-dockle
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock

Advanced usage:

pipeline:
  dockle_check:
    image: euryecetelecom/woodpeckerci-dockle
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    settings:
      dockerfile: MyCustomDockerfile
      build-directory: ./docker
      exit-code: 0
      exit-level: info
      dockle-ignores: CIS-DI-0001,DKL-DI-0006

About

Woodpecker-CI plugin to scan containers with dockle

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •