From 137575c7cbc79b6206454f4a0edf0228b9b79923 Mon Sep 17 00:00:00 2001 From: Matus Bursa Date: Sat, 7 Dec 2024 12:29:48 +0100 Subject: [PATCH 1/7] added sonarcloud scan for kiterunner --- .github/workflows/kiterunner.yml | 56 ++++++- .github/workflows/mvt-project_sonarcloud.yml | 8 +- .github/workflows/routersploit.yml | 4 +- .github/workflows/routersploit_sonarcloud.yml | 1 + README.md | 138 ++++++++++-------- 5 files changed, 136 insertions(+), 71 deletions(-) diff --git a/.github/workflows/kiterunner.yml b/.github/workflows/kiterunner.yml index 4079e5e..8521269 100644 --- a/.github/workflows/kiterunner.yml +++ b/.github/workflows/kiterunner.yml @@ -4,9 +4,9 @@ on: push: branches: - main # Change to your default branch if not main + - sonarcloud-kiterunner pull_request: - branches: - - main # Change to your default branch if not main + types: [opened, synchronize, reopened] permissions: contents: read @@ -74,4 +74,54 @@ jobs: - name: Upload SARIF Report to GitHub Code Scanning uses: github/codeql-action/upload-sarif@v3 with: - sarif_file: snyk.sarif \ No newline at end of file + sarif_file: snyk.sarif + + sonarcloud-kiterunner: + name: Scan kiterunner + runs-on: ubuntu-latest + + steps: + # Checkout the kiterunner repository + - name: Checkout kiterunner Repository + uses: actions/checkout@v4 + with: + repository: assetnote/kiterunner + path: kiterunner # Optional: Clone into a specific directory + ref: 'v2.5.4' + + # Set up Python 3.13 + - name: Set up Python + uses: actions/setup-python@v4 + with: + python-version: '3.13' + + # Install dependencies + - name: Install dependencies + run: | + cd kiterunner + sudo apt update && sudo apt install -y \ + build-essential \ + git \ + autoconf \ + automake \ + libtool-bin \ + pkg-config \ + libcurl4-openssl-dev \ + libusb-1.0-0-dev \ + libssl-dev \ + udev \ + && sudo rm -rf /var/lib/apt/lists/* + + # SonarCloud Scan + - name: SonarCloud Scan + uses: sonarsource/sonarqube-scan-action@v4 + continue-on-error: true + env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + with: + args: > + -Dsonar.organization=matusso + -Dsonar.projectKey=docker-builds:kiterunner + -Dsonar.verbose=true + -Dsonar.projectName=kiterunner + -Dsonar.sources=kiterunner \ No newline at end of file diff --git a/.github/workflows/mvt-project_sonarcloud.yml b/.github/workflows/mvt-project_sonarcloud.yml index a513d5e..af3eee2 100644 --- a/.github/workflows/mvt-project_sonarcloud.yml +++ b/.github/workflows/mvt-project_sonarcloud.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - # Checkout the RouterSploit repository + # Checkout the mvt-project repository - name: Checkout mvt-project Repository uses: actions/checkout@v4 with: @@ -27,8 +27,8 @@ jobs: with: python-version: '3.13' - # Install Python dependencies - - name: Install Python dependencies + # Install dependencies + - name: Install dependencies run: | cd mvt sudo apt update && sudo apt install -y \ @@ -44,7 +44,7 @@ jobs: udev \ && sudo rm -rf /var/lib/apt/lists/* - # SonarCloud Scan for RouterSploit + # SonarCloud Scan - name: SonarCloud Scan uses: sonarsource/sonarqube-scan-action@v4 continue-on-error: true diff --git a/.github/workflows/routersploit.yml b/.github/workflows/routersploit.yml index 8d6ce19..0d339da 100644 --- a/.github/workflows/routersploit.yml +++ b/.github/workflows/routersploit.yml @@ -4,9 +4,9 @@ on: push: branches: - main # Change to your default branch if not main + - sonarcloud-kiterunner pull_request: - branches: - - main # Change to your default branch if not main + types: [opened, synchronize, reopened] permissions: contents: read diff --git a/.github/workflows/routersploit_sonarcloud.yml b/.github/workflows/routersploit_sonarcloud.yml index 50dfe3f..7ffd6f0 100644 --- a/.github/workflows/routersploit_sonarcloud.yml +++ b/.github/workflows/routersploit_sonarcloud.yml @@ -4,6 +4,7 @@ on: push: branches: - main + - sonarcloud-kiterunner pull_request: types: [opened, synchronize, reopened] diff --git a/README.md b/README.md index dc6743f..51a29f6 100644 --- a/README.md +++ b/README.md @@ -1,90 +1,104 @@ -# docker-builds + # docker-builds -## Security Tools Docker Images + ## Security Tools Docker Images -This repository automates the process of building and publishing Docker images for various popular security tools. + This repository automates the process of building and publishing Docker images for various popular security tools. -## About + ## About -This project simplifies the deployment of essential security tools by containerizing them. Using these Docker images, you can quickly run tools without worrying about installation dependencies or conflicts on your host system. + This project simplifies the deployment of essential security tools by containerizing them. Using these Docker images, you can quickly run tools without worrying about installation dependencies or conflicts on your host system. -The following security tools are included in this repository: + The following security tools are included in this repository: -1. **[binwalk](https://github.com/ReFirmLabs/binwalk)** - - A tool for analyzing binary files for embedded files and executable code. - - Useful for reverse engineering firmware and binary analysis. - - [![ghcr.io/matusso/binwalk](https://github.com/matusso/docker-builds/actions/workflows/binwalk.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/binwalk.yml) + 1. **[binwalk](https://github.com/ReFirmLabs/binwalk)** + - A tool for analyzing binary files for embedded files and executable code. + - Useful for reverse engineering firmware and binary analysis. + - build: [![ghcr.io/matusso/binwalk](https://github.com/matusso/docker-builds/actions/workflows/binwalk.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/binwalk.yml) -2. **[dirsearch](https://github.com/maurosoria/dirsearch)** - - A simple command-line tool designed to brute-force directories and files in web servers. - - Helps uncover hidden directories and files for security assessments. - - [![ghcr.io/matusso/dirsearch](https://github.com/matusso/docker-builds/actions/workflows/dirsearch.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/dirsearch.yml) + 2. **[dirsearch](https://github.com/maurosoria/dirsearch)** + - A simple command-line tool designed to brute-force directories and files in web servers. + - Helps uncover hidden directories and files for security assessments. + - build: [![ghcr.io/matusso/dirsearch](https://github.com/matusso/docker-builds/actions/workflows/dirsearch.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/dirsearch.yml) -3. **[ghauri](https://github.com/r0oth3x49/ghauri)** - - A fast and powerful SQL injection detection and exploitation tool. - - Ideal for penetration testing web applications. - - [![ghcr.io/matusso/ghauri](https://github.com/matusso/docker-builds/actions/workflows/ghauri.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/ghauri.yml) + 3. **[ghauri](https://github.com/r0oth3x49/ghauri)** + - A fast and powerful SQL injection detection and exploitation tool. + - Ideal for penetration testing web applications. + - build: [![ghcr.io/matusso/ghauri](https://github.com/matusso/docker-builds/actions/workflows/ghauri.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/ghauri.yml) -4. **[metasploit-framework](https://github.com/rapid7/metasploit-framework)** - - A comprehensive penetration testing framework. - - Features exploits, payloads, and tools for security testing and research. - - [![ghcr.io/matusso/metasploit-framework](https://github.com/matusso/docker-builds/actions/workflows/metasploit-framework.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/metasploit-framework.yml) + 4. **[metasploit-framework](https://github.com/rapid7/metasploit-framework)** + - A comprehensive penetration testing framework. + - Features exploits, payloads, and tools for security testing and research. + - build: [![ghcr.io/matusso/metasploit-framework](https://github.com/matusso/docker-builds/actions/workflows/metasploit-framework.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/metasploit-framework.yml) + - vulns: [![Vulnerabilities](https://sonarcloud.io/api/project_badges/measure?project=docker-builds%3Ametasploit-framework&metric=vulnerabilities)](https://sonarcloud.io/summary/new_code?id=docker-builds%3Ametasploit-framework) -5. **[mvt-project](https://github.com/mvt-project/mvt)** - - Mobile Verification Toolkit (MVT) for analyzing mobile devices. - - Assists in detecting traces of known surveillance spyware. - - [![ghcr.io/matusso/mvt](https://github.com/matusso/docker-builds/actions/workflows/mvt-project.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/mvt-project.yml) + 5. **[mvt-project](https://github.com/mvt-project/mvt)** + - Mobile Verification Toolkit (MVT) for analyzing mobile devices. + - Assists in detecting traces of known surveillance spyware. + - [![ghcr.io/matusso/mvt](https://github.com/matusso/docker-builds/actions/workflows/mvt-project.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/mvt-project.yml) + - vulns: [![Vulnerabilities](https://sonarcloud.io/api/project_badges/measure?project=docker-builds%3Amvt-project&metric=vulnerabilities)](https://sonarcloud.io/summary/new_code?id=docker-builds%3Amvt-project) -6. **[kiterunner](https://github.com/assetnote/kiterunner)** - - Kiterunner is a tool that is capable of not only performing traditional content discovery at lightning fast speeds, but also bruteforcing routes/endpoints in modern applications.. - - [![ghcr.io/matusso/kiterunner](https://github.com/matusso/docker-builds/actions/workflows/kiterunner.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/kiterunner.yml) + 6. **[kiterunner](https://github.com/assetnote/kiterunner)** + - Kiterunner is a tool that is capable of not only performing traditional content discovery at lightning fast speeds, but also bruteforcing routes/endpoints in modern applications.. + - build: [![ghcr.io/matusso/kiterunner](https://github.com/matusso/docker-builds/actions/workflows/kiterunner.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/kiterunner.yml) + - vulns: [![Vulnerabilities](https://sonarcloud.io/api/project_badges/measure?project=docker-builds%3Akiterunner&metric=vulnerabilities)](https://sonarcloud.io/summary/new_code?id=docker-builds%3Akiterunner) -7. **[wafw00f](https://github.com/EnableSecurity/wafw00f)** - - WAFW00F can detect a number of firewalls - - [![ghcr.io/matusso/wafw00f](https://github.com/matusso/docker-builds/actions/workflows/wafw00f.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/wafw00f.yml) + 7. **[wafw00f](https://github.com/EnableSecurity/wafw00f)** + - WAFW00F can detect a number of firewalls + - [![ghcr.io/matusso/wafw00f](https://github.com/matusso/docker-builds/actions/workflows/wafw00f.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/wafw00f.yml) -8. **[routersploit](https://github.com/threat9/routersploit)** - - The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. - - [![ghcr.io/matusso/routersploit](https://github.com/matusso/docker-builds/actions/workflows/routersploit.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/routersploit.yml) + 8. **[routersploit](https://github.com/threat9/routersploit)** + - The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. + - [![ghcr.io/matusso/routersploit](https://github.com/matusso/docker-builds/actions/workflows/routersploit.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/routersploit.yml) + - vulns: [![Vulnerabilities](https://sonarcloud.io/api/project_badges/measure?project=docker-builds%3Aroutersploit&metric=vulnerabilities)](https://sonarcloud.io/summary/new_code?id=docker-builds%3Aroutersploit) -## Multi-Architecture Support + ## Multi-Architecture Support -All Docker images are built and published for the following architectures: -- **amd64**: For x86_64 systems. -- **arm64**: For ARM-based systems, including Apple M1/M2 and Raspberry Pi. + All Docker images are built and published for the following architectures: + - **amd64**: For x86_64 systems. + - **arm64**: For ARM-based systems, including Apple M1/M2 and Raspberry Pi. -## Why Use This Project? + ## SonarCloud Scanning -- **Consistency:** Pre-built Docker images ensure that the tools work as intended across various environments. -- **Convenience:** No need to manually install or configure dependencies for each tool. -- **Automation:** GitHub Actions automatically build and publish updated Docker images when changes are made to the repository. + This repository integrates with SonarCloud to maintain high code quality and security standards. + Each pull request and push to the main branch is automatically analyzed using SonarCloud. + The analysis covers: + - Code smells + - Security hotspots + - Bugs + - Maintainability -## How to Use + ## Why Use This Project? -1. Pull the desired tool's Docker image: -```bash -docker pull ghcr.io/matusso/ -``` + - **Consistency:** Pre-built Docker images ensure that the tools work as intended across various environments. + - **Convenience:** No need to manually install or configure dependencies for each tool. + - **Automation:** GitHub Actions automatically build and publish updated Docker images when changes are made to the repository. -2. Run the tool: -```bash -docker run --rm -it ghcr.io/matusso/ [tool-arguments] -``` + ## How to Use -#### Example + 1. Pull the desired tool's Docker image: + ```bash + docker pull ghcr.io/matusso/ + ``` -To use dirsearch: + 2. Run the tool: + ```bash + docker run --rm -it ghcr.io/matusso/ [tool-arguments] + ``` -``` -docker pull ghcr.io/matusso/dirsearch -docker run --rm -it ghcr.io/matusso/dirsearch -u https://example.com -``` + #### Example -#### Contributions + To use dirsearch: -Contributions to add more tools or improve the existing ones are welcome. Please create a pull request or open an issue for discussion. + ``` + docker pull ghcr.io/matusso/dirsearch + docker run --rm -it ghcr.io/matusso/dirsearch -u https://example.com + ``` + #### Contributions -#### License + Contributions to add more tools or improve the existing ones are welcome. Please create a pull request or open an issue for discussion. -This repository is distributed under the MIT License. Please check the individual projects for their respective licenses. \ No newline at end of file + + #### License + + This repository is distributed under the MIT License. Please check the individual projects for their respective licenses. \ No newline at end of file From 138933e7f89c38a367181c5fbb8606c0e1d5124b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mat=C3=BA=C5=A1=20Bursa?= Date: Sat, 7 Dec 2024 12:33:21 +0100 Subject: [PATCH 2/7] Update README.md --- README.md | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index 51a29f6..f356dd9 100644 --- a/README.md +++ b/README.md @@ -13,34 +13,34 @@ 1. **[binwalk](https://github.com/ReFirmLabs/binwalk)** - A tool for analyzing binary files for embedded files and executable code. - Useful for reverse engineering firmware and binary analysis. - - build: [![ghcr.io/matusso/binwalk](https://github.com/matusso/docker-builds/actions/workflows/binwalk.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/binwalk.yml) + - [![ghcr.io/matusso/binwalk](https://github.com/matusso/docker-builds/actions/workflows/binwalk.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/binwalk.yml) 2. **[dirsearch](https://github.com/maurosoria/dirsearch)** - A simple command-line tool designed to brute-force directories and files in web servers. - Helps uncover hidden directories and files for security assessments. - - build: [![ghcr.io/matusso/dirsearch](https://github.com/matusso/docker-builds/actions/workflows/dirsearch.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/dirsearch.yml) + - [![ghcr.io/matusso/dirsearch](https://github.com/matusso/docker-builds/actions/workflows/dirsearch.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/dirsearch.yml) 3. **[ghauri](https://github.com/r0oth3x49/ghauri)** - A fast and powerful SQL injection detection and exploitation tool. - Ideal for penetration testing web applications. - - build: [![ghcr.io/matusso/ghauri](https://github.com/matusso/docker-builds/actions/workflows/ghauri.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/ghauri.yml) + - [![ghcr.io/matusso/ghauri](https://github.com/matusso/docker-builds/actions/workflows/ghauri.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/ghauri.yml) 4. **[metasploit-framework](https://github.com/rapid7/metasploit-framework)** - A comprehensive penetration testing framework. - Features exploits, payloads, and tools for security testing and research. - - build: [![ghcr.io/matusso/metasploit-framework](https://github.com/matusso/docker-builds/actions/workflows/metasploit-framework.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/metasploit-framework.yml) - - vulns: [![Vulnerabilities](https://sonarcloud.io/api/project_badges/measure?project=docker-builds%3Ametasploit-framework&metric=vulnerabilities)](https://sonarcloud.io/summary/new_code?id=docker-builds%3Ametasploit-framework) + - [![ghcr.io/matusso/metasploit-framework](https://github.com/matusso/docker-builds/actions/workflows/metasploit-framework.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/metasploit-framework.yml) + [![Vulnerabilities](https://sonarcloud.io/api/project_badges/measure?project=docker-builds%3Ametasploit-framework&metric=vulnerabilities)](https://sonarcloud.io/summary/new_code?id=docker-builds%3Ametasploit-framework) 5. **[mvt-project](https://github.com/mvt-project/mvt)** - Mobile Verification Toolkit (MVT) for analyzing mobile devices. - Assists in detecting traces of known surveillance spyware. - [![ghcr.io/matusso/mvt](https://github.com/matusso/docker-builds/actions/workflows/mvt-project.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/mvt-project.yml) - - vulns: [![Vulnerabilities](https://sonarcloud.io/api/project_badges/measure?project=docker-builds%3Amvt-project&metric=vulnerabilities)](https://sonarcloud.io/summary/new_code?id=docker-builds%3Amvt-project) + [![Vulnerabilities](https://sonarcloud.io/api/project_badges/measure?project=docker-builds%3Amvt-project&metric=vulnerabilities)](https://sonarcloud.io/summary/new_code?id=docker-builds%3Amvt-project) 6. **[kiterunner](https://github.com/assetnote/kiterunner)** - Kiterunner is a tool that is capable of not only performing traditional content discovery at lightning fast speeds, but also bruteforcing routes/endpoints in modern applications.. - - build: [![ghcr.io/matusso/kiterunner](https://github.com/matusso/docker-builds/actions/workflows/kiterunner.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/kiterunner.yml) - - vulns: [![Vulnerabilities](https://sonarcloud.io/api/project_badges/measure?project=docker-builds%3Akiterunner&metric=vulnerabilities)](https://sonarcloud.io/summary/new_code?id=docker-builds%3Akiterunner) + - [![ghcr.io/matusso/kiterunner](https://github.com/matusso/docker-builds/actions/workflows/kiterunner.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/kiterunner.yml) + [![Vulnerabilities](https://sonarcloud.io/api/project_badges/measure?project=docker-builds%3Akiterunner&metric=vulnerabilities)](https://sonarcloud.io/summary/new_code?id=docker-builds%3Akiterunner) 7. **[wafw00f](https://github.com/EnableSecurity/wafw00f)** - WAFW00F can detect a number of firewalls @@ -49,7 +49,7 @@ 8. **[routersploit](https://github.com/threat9/routersploit)** - The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. - [![ghcr.io/matusso/routersploit](https://github.com/matusso/docker-builds/actions/workflows/routersploit.yml/badge.svg)](https://github.com/matusso/docker-builds/actions/workflows/routersploit.yml) - - vulns: [![Vulnerabilities](https://sonarcloud.io/api/project_badges/measure?project=docker-builds%3Aroutersploit&metric=vulnerabilities)](https://sonarcloud.io/summary/new_code?id=docker-builds%3Aroutersploit) + [![Vulnerabilities](https://sonarcloud.io/api/project_badges/measure?project=docker-builds%3Aroutersploit&metric=vulnerabilities)](https://sonarcloud.io/summary/new_code?id=docker-builds%3Aroutersploit) ## Multi-Architecture Support @@ -101,4 +101,4 @@ #### License - This repository is distributed under the MIT License. Please check the individual projects for their respective licenses. \ No newline at end of file + This repository is distributed under the MIT License. Please check the individual projects for their respective licenses. From 1685be2cd12be093cee21275ac3903e6818b0cc7 Mon Sep 17 00:00:00 2001 From: Matus Bursa Date: Sat, 7 Dec 2024 12:39:18 +0100 Subject: [PATCH 3/7] fix rel. version for kiterunner --- .github/workflows/kiterunner.yml | 16 +++++----------- files/kiterunner/Dockerfile | 6 +----- 2 files changed, 6 insertions(+), 16 deletions(-) diff --git a/.github/workflows/kiterunner.yml b/.github/workflows/kiterunner.yml index 8521269..6477c51 100644 --- a/.github/workflows/kiterunner.yml +++ b/.github/workflows/kiterunner.yml @@ -13,6 +13,10 @@ permissions: packages: write security-events: write +env: + RELEASE_VERSION: "1.0.2" + KR_DIR: "/usr/local/kiterunner" + jobs: build-and-push: runs-on: ${{ matrix.os }} @@ -24,10 +28,6 @@ jobs: - uses: actions/checkout@v3 - uses: snyk/actions/setup@master - - name: Set release version - id: set_version - run: echo "RELEASE_VERSION=1.0.2" >> $GITHUB_ENV - - name: Log in to GitHub Container Registry uses: docker/login-action@v3 with: @@ -87,13 +87,7 @@ jobs: with: repository: assetnote/kiterunner path: kiterunner # Optional: Clone into a specific directory - ref: 'v2.5.4' - - # Set up Python 3.13 - - name: Set up Python - uses: actions/setup-python@v4 - with: - python-version: '3.13' + ref: ${{ env.RELEASE_VERSION }} # Install dependencies - name: Install dependencies diff --git a/files/kiterunner/Dockerfile b/files/kiterunner/Dockerfile index e9b922e..71903cb 100644 --- a/files/kiterunner/Dockerfile +++ b/files/kiterunner/Dockerfile @@ -1,10 +1,6 @@ # Use Alpine Linux as the base image FROM alpine:latest -# Set environment variables -ENV KR_VERSION="v1.0.2" \ - KR_DIR="/usr/local/kiterunner" - # Install dependencies RUN apk update && apk add --no-cache \ bash \ @@ -15,7 +11,7 @@ RUN apk update && apk add --no-cache \ # Clone kiterunner repository and build WORKDIR $KR_DIR -RUN git clone --depth=1 --branch "$KR_VERSION" https://github.com/assetnote/kiterunner.git . \ +RUN git clone --depth=1 --branch "$RELEASE_VERSION" https://github.com/assetnote/kiterunner.git . \ && make build \ && ln -s $(pwd)/dist/kr /usr/local/bin/kr From aaf8065e859be1a30c7088a0824592d0f677cd05 Mon Sep 17 00:00:00 2001 From: Matus Bursa Date: Sat, 7 Dec 2024 12:45:00 +0100 Subject: [PATCH 4/7] fix rel. version for kiterunner --- .github/workflows/kiterunner.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/kiterunner.yml b/.github/workflows/kiterunner.yml index 6477c51..73cf7b5 100644 --- a/.github/workflows/kiterunner.yml +++ b/.github/workflows/kiterunner.yml @@ -14,7 +14,7 @@ permissions: security-events: write env: - RELEASE_VERSION: "1.0.2" + RELEASE_VERSION: "v1.0.2" KR_DIR: "/usr/local/kiterunner" jobs: From ce956a3eef3691e6b6a43c807a46b32f435aee3c Mon Sep 17 00:00:00 2001 From: Matus Bursa Date: Sat, 7 Dec 2024 12:53:31 +0100 Subject: [PATCH 5/7] fix rel. version for kiterunner --- files/kiterunner/Dockerfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/files/kiterunner/Dockerfile b/files/kiterunner/Dockerfile index 71903cb..8e5236d 100644 --- a/files/kiterunner/Dockerfile +++ b/files/kiterunner/Dockerfile @@ -1,6 +1,9 @@ # Use Alpine Linux as the base image FROM alpine:latest +ENV KR_DIR=$KR_DIR +ENV RELEASE_VERSION=$RELEASE_VERSION + # Install dependencies RUN apk update && apk add --no-cache \ bash \ From 6525cec5c8bbdb7ace64114edaf27072c410e74c Mon Sep 17 00:00:00 2001 From: Matus Bursa Date: Sat, 7 Dec 2024 12:58:10 +0100 Subject: [PATCH 6/7] fix rel. version for kiterunner --- .github/workflows/kiterunner.yml | 7 +++++-- files/kiterunner/Dockerfile | 8 ++++---- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/.github/workflows/kiterunner.yml b/.github/workflows/kiterunner.yml index 73cf7b5..2a0ed4f 100644 --- a/.github/workflows/kiterunner.yml +++ b/.github/workflows/kiterunner.yml @@ -49,6 +49,7 @@ jobs: - name: Build and push Docker image run: | docker buildx build --push \ + --build-arg KR_DIR=${{ env.KR_DIR }} --build-arg RELEASE_VERSION=${{ env.RELEASE_VERSION }} \ --tag ghcr.io/${{ github.repository_owner }}/kiterunner:${{ env.RELEASE_VERSION }} \ --tag ghcr.io/${{ github.repository_owner }}/kiterunner:latest \ --platform linux/amd64,linux/arm64 ./files/kiterunner @@ -77,8 +78,10 @@ jobs: sarif_file: snyk.sarif sonarcloud-kiterunner: - name: Scan kiterunner - runs-on: ubuntu-latest + runs-on: ${{ matrix.os }} + strategy: + matrix: + os: [ubuntu-latest] steps: # Checkout the kiterunner repository diff --git a/files/kiterunner/Dockerfile b/files/kiterunner/Dockerfile index 8e5236d..ecdda78 100644 --- a/files/kiterunner/Dockerfile +++ b/files/kiterunner/Dockerfile @@ -1,11 +1,11 @@ # Use Alpine Linux as the base image FROM alpine:latest -ENV KR_DIR=$KR_DIR -ENV RELEASE_VERSION=$RELEASE_VERSION +ENV KR_DIR=$KR_DIR \ + RELEASE_VERSION=$RELEASE_VERSION # Install dependencies -RUN apk update && apk add --no-cache \ +RUN KR_DIR=$KR_DIR apk update && apk add --no-cache \ bash \ build-base \ git \ @@ -14,7 +14,7 @@ RUN apk update && apk add --no-cache \ # Clone kiterunner repository and build WORKDIR $KR_DIR -RUN git clone --depth=1 --branch "$RELEASE_VERSION" https://github.com/assetnote/kiterunner.git . \ +RUN RELEASE_VERSION=$RELEASE_VERSION git clone --depth=1 --branch "$RELEASE_VERSION" https://github.com/assetnote/kiterunner.git . \ && make build \ && ln -s $(pwd)/dist/kr /usr/local/bin/kr From 23d8aa3fcac820eafcddc6ae4e108aa74b008221 Mon Sep 17 00:00:00 2001 From: Matus Bursa Date: Sat, 7 Dec 2024 13:03:19 +0100 Subject: [PATCH 7/7] fix rel. version for kiterunner --- files/kiterunner/Dockerfile | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/files/kiterunner/Dockerfile b/files/kiterunner/Dockerfile index ecdda78..993caa0 100644 --- a/files/kiterunner/Dockerfile +++ b/files/kiterunner/Dockerfile @@ -1,11 +1,14 @@ # Use Alpine Linux as the base image FROM alpine:latest -ENV KR_DIR=$KR_DIR \ - RELEASE_VERSION=$RELEASE_VERSION +ARG KR_DIR=${KR_DIR} \ + RELEASE_VERSION=${RELEASE_VERSION} + +ENV KR_DIR=${KR_DIR} \ + RELEASE_VERSION=${RELEASE_VERSION} # Install dependencies -RUN KR_DIR=$KR_DIR apk update && apk add --no-cache \ +RUN KR_DIR="$KR_DIR" apk update && apk add --no-cache \ bash \ build-base \ git \ @@ -14,7 +17,7 @@ RUN KR_DIR=$KR_DIR apk update && apk add --no-cache \ # Clone kiterunner repository and build WORKDIR $KR_DIR -RUN RELEASE_VERSION=$RELEASE_VERSION git clone --depth=1 --branch "$RELEASE_VERSION" https://github.com/assetnote/kiterunner.git . \ +RUN RELEASE_VERSION="$RELEASE_VERSION" git clone --depth=1 --branch "$RELEASE_VERSION" https://github.com/assetnote/kiterunner.git . \ && make build \ && ln -s $(pwd)/dist/kr /usr/local/bin/kr