forked from metalstormbass/mk.js
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile.snykscan
27 lines (24 loc) · 941 Bytes
/
Dockerfile.snykscan
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
#Dockerfile
#Stage 1 - Build Image Poorly
FROM debian:8.7 as builder
WORKDIR mk
COPY . /mk
RUN apt-get update && apt install nodejs npm -y
RUN npm install ./server
#Stage 2 - Snyk Scan
FROM snyk/snyk:node-12 as snyk
WORKDIR mk
COPY --from=builder mk ./
CMD ["snyk", "test --all-projects --json"]
# To run this step
#1. docker build -f ./Dockerfile.snykscan . -t <IMAGE_TAG_NAME> --target snyk
#2. docker run -it -p 55554:55555 -e SNYK_TOKEN=<ENTER_SNYK_TOKEN> <IMAGE_TAG_NAME>
#docker run -it -p 55554:55555 -e SNYK_TOKEN=<ENTER_SNYK_TOKEN> <IMAGE_TAG_NAME> > pre_output.json
#tail -n +2 pre_output.json > output.json && sed -i '.bak' '1s/^/{\'$'\n/g' output.json && rm pre_output.json && rm output.json.bak && cat output.json | snyk-to-html > results.html
#Stage 3 - Final Image
FROM node:14.1.0
RUN apt-get update && apt install debian-goodies -y
WORKDIR mk
COPY --from=builder mk ./
EXPOSE 55555
CMD nodejs ./server/server.js