homelab-security-stack-scanner-runner (4821513)
Published 2026-03-19 19:50:12 +01:00 by vr6syncro
Installation
docker pull forgejo.diefamiliekramer.de/vr6syncro/homelab-security-stack-scanner-runner:4821513sha256:0ba639bd5840131eddaf7d4457b347a07638ecff3067cd33f628d049ee2d3285Image layers
| # debian.sh --arch 'amd64' out/ 'bookworm' '@1773619200' |
| ENV DEBIAN_FRONTEND=noninteractive |
| ENV REPORT_ROOT=/reports/trivy |
| ENV TRIVY_CACHE_DIR=/var/lib/trivy-cache |
| RUN /bin/sh -c apt-get update -qq && apt-get install -y -q --no-install-recommends bash ca-certificates curl git gnupg jq python3 wget && mkdir -p /usr/share/keyrings && wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | gpg --dearmor -o /usr/share/keyrings/trivy.gpg && echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb generic main" > /etc/apt/sources.list.d/trivy.list && apt-get update -qq && apt-get install -y -q --no-install-recommends trivy && apt-get clean && rm -rf /var/lib/apt/lists/* # buildkit |
| WORKDIR /workspace |
| COPY scripts/trivy/ /opt/homelab-security/scripts/trivy/ # buildkit |
| COPY scripts/reporting/ /opt/homelab-security/scripts/reporting/ # buildkit |
| COPY packages/scanner-runner/entrypoint.sh /usr/local/bin/homelab-security # buildkit |
| RUN /bin/sh -c chmod +x /usr/local/bin/homelab-security /opt/homelab-security/scripts/trivy/scan-images.sh /opt/homelab-security/scripts/trivy/scan-filesystems.sh /opt/homelab-security/scripts/trivy/scan-repos.sh /opt/homelab-security/scripts/reporting/render_trivy_report.py /opt/homelab-security/scripts/reporting/render_index.py # buildkit |
| ENTRYPOINT ["homelab-security"] |
| CMD ["help"] |