Add wrapper to download specific version of docker-bench-security on the fly.

Signed-off-by: Julien Del-Piccolo <julien@del-piccolo.com>

Dockerfile

@@ -1,5 +1,7 @@
 FROM alpine:3.5
 
+ENV DBS_VERSION=
+
 LABEL org.label-schema.name="docker-bench-security" \
       org.label-schema.url="https://dockerbench.com" \
       org.label-schema.vcs-url="https://github.com/docker/docker-bench-security.git"
@@ -8,9 +10,11 @@ RUN \
   apk upgrade --no-cache && \
   apk add --no-cache \
     docker \
-    dumb-init && \
+    dumb-init \
+    openssl && \
   rm -rf /usr/bin/docker-* /usr/bin/dockerd && \
-  mkdir /usr/local/bin/tests
+  mkdir /usr/local/bin/tests && \
+  mkdir /usr/share/docker-bench-security
 
 COPY ./*.sh /usr/local/bin/
 
@@ -20,5 +24,4 @@ WORKDIR /usr/local/bin
 
 HEALTHCHECK CMD exit 0
 
-ENTRYPOINT [ "/usr/bin/dumb-init", "docker-bench-security.sh" ]
-
+ENTRYPOINT [ "/usr/bin/dumb-init", "get-specific-version.sh", "docker-bench-security.sh" ]

get-specific-version.sh

@@ -0,0 +1,19 @@
+#!/bin/sh
+if [ -n "${DBS_VERSION}" ]; then
+  if [ ! -f /usr/share/docker-bench-security/v${DBS_VERSION}.tar.gz ]; then
+    echo "Getting docker-bench-security v${DBS_VERSION}..."
+    wget -q -P /usr/share/docker-bench-security/ https://github.com/docker/docker-bench-security/archive/v${DBS_VERSION}.tar.gz
+    rm -rf /usr/share/docker-bench-security/docker-bench-security-${DBS_VERSION}/
+    tar xfz /usr/share/docker-bench-security/v${DBS_VERSION}.tar.gz -C /usr/share/docker-bench-security/
+  fi
+  
+  if [ -d /usr/share/docker-bench-security/docker-bench-security-${DBS_VERSION}/ ]; then
+    rm -rf /usr/local/bin/docker-bench-security.sh /usr/local/bin/helper_lib.sh /usr/local/bin/output_lib.sh
+    rm -rf /usr/local/bin/tests/*
+  
+    cp -r /usr/share/docker-bench-security/docker-bench-security-${DBS_VERSION}/*.sh /usr/local/bin/
+    cp -r /usr/share/docker-bench-security/docker-bench-security-${DBS_VERSION}/tests/*.sh /usr/local/bin/tests/
+  fi
+fi
+
+exec "$@"