diff --git a/Dockerfile b/Dockerfile index f238a4216e1fc79f9b7d23fabc5bbfb3ec2e31c5..cdec17dea6fa97c47f80554213ce670e4dce9889 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,16 +1,16 @@ FROM golang:1.4.1 RUN mkdir /kube-bench WORKDIR /kube-bench -RUN wget https://raw.githubusercontent.com/aquasecurity/kubernetes-bench-security/master/cfg/config.yaml && \ - wget https://raw.githubusercontent.com/aquasecurity/kubernetes-bench-security/master/cfg/federated.yaml && \ - wget https://raw.githubusercontent.com/aquasecurity/kubernetes-bench-security/master/cfg/master.yaml && \ - wget https://raw.githubusercontent.com/aquasecurity/kubernetes-bench-security/master/cfg/node.yaml -RUN go get github.com/aquasecurity/kubernetes-bench-security -RUN cp /go/bin/kubernetes-bench-security /kube-bench/ && chmod +x /kube-bench/kubernetes-bench-security +RUN wget https://raw.githubusercontent.com/aquasecurity/kube-bench/master/cfg/config.yaml && \ + wget https://raw.githubusercontent.com/aquasecurity/kube-bench/master/cfg/federated.yaml && \ + wget https://raw.githubusercontent.com/aquasecurity/kube-bench/master/cfg/master.yaml && \ + wget https://raw.githubusercontent.com/aquasecurity/kube-bench/master/cfg/node.yaml +RUN go get github.com/aquasecurity/kube-bench +RUN cp /go/bin/kubernetes-bench /kube-bench/ && chmod +x /kube-bench/kube-bench FROM alpine:latest RUN mkdir -p /kube-bench/cfg -COPY --from=0 /kube-bench/kubernetes-bench-security /kube-bench/kube-bench +COPY --from=0 /kube-bench/kube-bench /kube-bench/kube-bench COPY --from=0 /kube-bench/config.yaml /kube-bench/cfg/config.yaml COPY --from=0 /kube-bench/federated.yaml /kube-bench/cfg/federated.yaml COPY --from=0 /kube-bench/master.yaml /kube-bench/cfg/master.yaml diff --git a/entrypoint.sh b/entrypoint.sh index 0ed1287247e2d200d36a152a08a40caa9404ae6a..4ccd821df3ff41de9b80c3bc754a9d5de906684e 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -3,7 +3,10 @@ if [ -d /host ]; then mkdir -p /host/cfg/ yes | cp -rf ./kube-bench/cfg/* /host/cfg/ yes | cp -rf ./kube-bench/kube-bench /host/ - echo "=== You can now run ./kube-bench from your host ===" + echo "===============================================" + echo "kube-bench is now installed on your host " + echo "Run ./kube-bench to perform a security check " + echo "===============================================" else echo "Usage:" echo " docker run --rm -v \`pwd\`:/host aquasec/kube-bench"