extern/zabbix-docker
1
0
Fork 0
mirror of https://github.com/zabbix/zabbix-docker.git synced 2025-04-12 21:38:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1313 from zabbix/6.0_sbom

Browse Source 
6.0 SBOM
This commit is contained in:
Alexey Pustovalov 2024-03-24 19:39:06 +09:00 committed by GitHub
commit f2efbc3a2c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
28 changed files with 148 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.github/workflows/images_build.yml vendored
View File

@ -511,6 +511,8 @@ jobs:
file: ${{ format('{0}/{1}/{2}/Dockerfile', env.DOCKERFILES_DIRECTORY, env.BASE_BUILD_NAME, matrix.os) }}
platforms: ${{ steps.platform.outputs.list }}
push: true
provenance: mode=max
sbom: true
tags: ${{ steps.meta.outputs.tags }}
labels: |
org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }}
@ -761,6 +763,8 @@ jobs:
file: ${{ format('{0}/{1}/{2}/Dockerfile', env.DOCKERFILES_DIRECTORY, matrix.build, matrix.os) }}
platforms: ${{ steps.platform.outputs.list }}
push: true
provenance: mode=max
sbom: true
tags: ${{ steps.meta.outputs.tags }}
build-args: BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }}
labels: |
@ -1218,6 +1222,8 @@ jobs:
file: ${{ format('{0}/{1}/{2}/Dockerfile', env.DOCKERFILES_DIRECTORY, matrix.build, matrix.os) }}
platforms: ${{ steps.platform.outputs.list }}
push: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
provenance: mode=max
sbom: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
tags: ${{ steps.meta.outputs.tags }}
build-args: BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }}
labels: |

8
Dockerfiles/agent/centos/Dockerfile
View File

@ -36,7 +36,6 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
REPOLIST="baseos,appstream,epel" && \
INSTALL_PKGS="bash \
tini \
tzdata \
iputils \
pcre2 \
libcurl-minimal \
@ -51,6 +50,13 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--setopt=install_weak_deps=False \
--best \
${INSTALL_PKGS} && \
dnf -y reinstall \
--disablerepo "*" \
--enablerepo "baseos" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--best \
tzdata && \
groupadd \
--system \
--gid 1995 \

11
Dockerfiles/agent/rhel/Dockerfile
View File

@ -54,7 +54,6 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="bash \
tini \
tzdata \
iputils \
shadow-utils \
pcre2 \
@ -72,7 +71,17 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--best \
--setopt=tsflags=nodocs \
${INSTALL_PKGS} && \
microdnf -y update \
--disableplugin=subscription-manager \
--disablerepo "*" \
--enablerepo "ubi-8-baseos-rpms" \
--setopt=install_weak_deps=0 \
--best \
--setopt=tsflags=nodocs \
tzdata && \
microdnf -y reinstall \
--disableplugin=subscription-manager \
--disablerepo "*" \
--enablerepo "ubi-8-baseos-rpms" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \

4
Dockerfiles/agent2/alpine/Dockerfile
View File

@ -37,9 +37,9 @@ COPY --from=builder ["/tmp/mongodb_plugin/zabbix-agent2-plugin-mongodb", "/usr/s
COPY --from=builder ["/tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql", "/usr/sbin/zabbix-agent2-plugin/zabbix-agent2-plugin-postgresql"]
RUN set -eux && \
INSTALL_PKGS="tini \
INSTALL_PKGS="bash \
tini \
tzdata \
bash \
pcre2 \
coreutils \
smartmontools \

8
Dockerfiles/agent2/centos/Dockerfile
View File

@ -41,7 +41,6 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
REPOLIST="baseos,appstream,epel" && \
INSTALL_PKGS="bash \
tini \
tzdata \
iputils \
pcre2 \
libcurl-minimal \
@ -56,6 +55,13 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--setopt=install_weak_deps=False \
--best \
${INSTALL_PKGS} && \
dnf -y reinstall \
--disablerepo "*" \
--enablerepo "baseos" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--best \
tzdata && \
groupadd \
--system \
--gid 1995 \

11
Dockerfiles/agent2/rhel/Dockerfile
View File

@ -59,7 +59,6 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="bash \
tini \
tzdata \
iputils \
shadow-utils \
pcre2 \
@ -78,7 +77,17 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--best \
--setopt=tsflags=nodocs \
${INSTALL_PKGS} && \
microdnf -y update \
--disableplugin=subscription-manager \
--disablerepo "*" \
--enablerepo "ubi-8-baseos-rpms" \
--setopt=install_weak_deps=0 \
--best \
--setopt=tsflags=nodocs \
tzdata && \
microdnf -y reinstall \
--disableplugin=subscription-manager \
--disablerepo "*" \
--enablerepo "ubi-8-baseos-rpms" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \

1
Dockerfiles/proxy-mysql/alpine/Dockerfile
View File

@ -37,6 +37,7 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_proxy.sql
RUN set -eux && \
INSTALL_PKGS="bash \
tini \
tzdata \
traceroute \
nmap \
iputils \

7
Dockerfiles/proxy-mysql/centos/Dockerfile
View File

@ -64,6 +64,13 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--setopt=install_weak_deps=False \
--best \
${INSTALL_PKGS} && \
dnf -y reinstall \
--disablerepo "*" \
--enablerepo "baseos" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--best \
tzdata && \
groupadd \
--system \
--gid 1995 \

13
Dockerfiles/proxy-mysql/rhel/Dockerfile
View File

@ -90,12 +90,23 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--best \
--setopt=tsflags=nodocs \
${INSTALL_PKGS} && \
microdnf -y reinstall \
microdnf -y update \
--disableplugin=subscription-manager \
--disablerepo "*" \
--enablerepo "ubi-8-baseos-rpms" \
--setopt=install_weak_deps=0 \
--best \
--setopt=tsflags=nodocs \
tzdata && \
microdnf -y reinstall \
--disableplugin=subscription-manager \
--disablerepo "*" \
--enablerepo "ubi-8-baseos-rpms" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--setopt=tsflags=nodocs \
tzdata && \
groupadd \
--system \
--gid 1995 \

1
Dockerfiles/proxy-mysql/ubuntu/Dockerfile
View File

@ -40,6 +40,7 @@ RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \
INSTALL_PKGS="bash \
tini \
tzdata \
traceroute \
nmap \
ca-certificates \

1
Dockerfiles/proxy-sqlite3/alpine/Dockerfile
View File

@ -36,6 +36,7 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_proxy.conf", "/etc/
RUN set -eux && \
INSTALL_PKGS="bash \
tini \
tzdata \
traceroute \
nmap \
fping \

10
Dockerfiles/proxy-sqlite3/centos/Dockerfile
View File

@ -36,8 +36,9 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_proxy.conf", "/etc/
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
REPOLIST="baseos,appstream,epel" && \
INSTALL_PKGS="libevent \
INSTALL_PKGS="bash \
tini \
libevent \
traceroute \
nmap \
libssh \
@ -59,6 +60,13 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--setopt=install_weak_deps=False \
--best \
${INSTALL_PKGS} && \
dnf -y reinstall \
--disablerepo "*" \
--enablerepo "baseos" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--best \
tzdata && \
groupadd \
--system \
--gid 1995 \

1
Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile
View File

@ -38,6 +38,7 @@ RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \
INSTALL_PKGS="bash \
tini \
tzdata \
traceroute \
nmap \
ca-certificates \

8
Dockerfiles/server-mysql/centos/Dockerfile
View File

@ -42,7 +42,6 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
traceroute \
nmap \
file-libs \
tzdata \
iputils \
traceroute \
libevent \
@ -67,6 +66,13 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--setopt=install_weak_deps=False \
--best \
${INSTALL_PKGS} && \
dnf -y reinstall \
--disablerepo "*" \
--enablerepo "baseos" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--best \
tzdata && \
groupadd \
--system \
--gid 1995 \

11
Dockerfiles/server-mysql/rhel/Dockerfile
View File

@ -61,7 +61,6 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
nmap \
fping \
shadow-utils \
tzdata \
iputils \
hostname \
libcurl \
@ -92,7 +91,17 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--best \
--setopt=tsflags=nodocs \
${INSTALL_PKGS} && \
microdnf -y update \
--disableplugin=subscription-manager \
--disablerepo "*" \
--enablerepo "ubi-8-baseos-rpms" \
--setopt=install_weak_deps=0 \
--best \
--setopt=tsflags=nodocs \
tzdata && \
microdnf -y reinstall \
--disableplugin=subscription-manager \
--disablerepo "*" \
--enablerepo "ubi-8-baseos-rpms" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \

8
Dockerfiles/server-pgsql/centos/Dockerfile
View File

@ -44,7 +44,6 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
traceroute \
nmap \
iputils \
tzdata \
traceroute \
libevent \
libssh \
@ -67,6 +66,13 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--setopt=install_weak_deps=False \
--best \
${INSTALL_PKGS} && \
dnf -y reinstall \
--disablerepo "*" \
--enablerepo "baseos" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--best \
tzdata && \
groupadd \
--system \
--gid 1995 \

8
Dockerfiles/snmptraps/centos/Dockerfile
View File

@ -25,7 +25,6 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
REPOLIST="baseos,appstream" && \
INSTALL_PKGS="bash \
tzdata \
net-snmp" && \
dnf -y install \
--disablerepo "*" \
@ -34,6 +33,13 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--setopt=install_weak_deps=False \
--best \
${INSTALL_PKGS} && \
dnf -y reinstall \
--disablerepo "*" \
--enablerepo "baseos" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--best \
tzdata && \
groupadd \
--system \
--gid 1995 \

18
Dockerfiles/snmptraps/rhel/Dockerfile
View File

@ -46,7 +46,6 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="bash \
shadow-utils \
tzdata \
net-snmp" && \
microdnf -y install \
--disablerepo="*" \
@ -57,6 +56,23 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--best \
--setopt=tsflags=nodocs \
${INSTALL_PKGS} && \
microdnf -y update \
--disableplugin=subscription-manager \
--disablerepo "*" \
--enablerepo "ubi-8-baseos-rpms" \
--setopt=install_weak_deps=0 \
--best \
--setopt=tsflags=nodocs \
tzdata && \
microdnf -y reinstall \
--disableplugin=subscription-manager \
--disablerepo "*" \
--enablerepo "ubi-8-baseos-rpms" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--setopt=tsflags=nodocs \
tzdata && \
groupadd \
--system \
--gid 1995 \

1
Dockerfiles/web-apache-mysql/alpine/Dockerfile
View File

@ -31,6 +31,7 @@ COPY ["conf/etc/", "/etc/"]
RUN set -eux && \
INSTALL_PKGS="bash \
tzdata \
apache2 \
curl \
mariadb-client \

7
Dockerfiles/web-apache-mysql/centos/Dockerfile
View File

@ -59,6 +59,13 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--setopt=install_weak_deps=False \
--best \
${INSTALL_PKGS} && \
dnf -y reinstall \
--disablerepo "*" \
--enablerepo "baseos" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--best \
tzdata && \
groupadd \
--system \
--gid 1995 \

1
Dockerfiles/web-apache-mysql/ubuntu/Dockerfile
View File

@ -33,6 +33,7 @@ RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
set -eux && \
echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \
INSTALL_PKGS="bash \
tzdata \
apache2 \
curl \
libapache2-mod-php \

1
Dockerfiles/web-apache-pgsql/alpine/Dockerfile
View File

@ -31,6 +31,7 @@ COPY ["conf/etc/", "/etc/"]
RUN set -eux && \
INSTALL_PKGS="bash \
tzdata \
apache2 \
curl \
php8-apache2 \

1
Dockerfiles/web-apache-pgsql/ubuntu/Dockerfile
View File

@ -33,6 +33,7 @@ RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
set -eux && \
echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \
INSTALL_PKGS="bash \
tzdata \
apache2 \
curl \
libapache2-mod-php \

1
Dockerfiles/web-nginx-mysql/alpine/Dockerfile
View File

@ -31,6 +31,7 @@ COPY ["conf/etc/", "/etc/"]
RUN set -eux && \
INSTALL_PKGS="bash \
tzdata \
curl \
mariadb-client \
mariadb-connector-c \

13
Dockerfiles/web-nginx-mysql/rhel/Dockerfile
View File

@ -51,7 +51,6 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/ui", "/usr/share/zabbix"]
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="bash \
tzdata \
curl \
supervisor \
shadow-utils \
@ -84,12 +83,22 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--best \
--setopt=tsflags=nodocs \
${INSTALL_PKGS} && \
microdnf -y reinstall \
microdnf -y update \
--disableplugin=subscription-manager \
--disablerepo "*" \
--enablerepo "ubi-8-baseos-rpms" \
--setopt=install_weak_deps=0 \
--best \
--setopt=tsflags=nodocs \
tzdata && \
microdnf -y reinstall \
--disableplugin=subscription-manager \
--disablerepo "*" \
--enablerepo "ubi-8-baseos-rpms" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--setopt=tsflags=nodocs \
tzdata && \
groupadd \
--system \

1
Dockerfiles/web-nginx-mysql/ubuntu/Dockerfile
View File

@ -33,6 +33,7 @@ RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
set -eux && \
echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \
INSTALL_PKGS="bash \
tzdata \
ca-certificates \
curl \
mysql-client \

1
Dockerfiles/web-nginx-pgsql/alpine/Dockerfile
View File

@ -31,6 +31,7 @@ COPY ["conf/etc/", "/etc/"]
RUN set -eux && \
INSTALL_PKGS="bash \
tzdata \
curl \
nginx \
php8-bcmath \

1
Dockerfiles/web-nginx-pgsql/ubuntu/Dockerfile
View File

@ -33,6 +33,7 @@ RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
set -eux && \
echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \
INSTALL_PKGS="bash \
tzdata \
ca-certificates \
curl \
nginx \