From 028eabb2829115a7dd72f9353682832192b758dc Mon Sep 17 00:00:00 2001
From: Julien Del-Piccolo <julien@del-piccolo.com>
Date: Fri, 24 Feb 2017 17:24:34 +0100
Subject: [PATCH 1/3] Add wrapper to download specific version of
 docker-bench-security on the fly.

Signed-off-by: Julien Del-Piccolo <julien@del-piccolo.com>
---
 Dockerfile              | 11 +++++++----
 get-specific-version.sh | 19 +++++++++++++++++++
 2 files changed, 26 insertions(+), 4 deletions(-)
 create mode 100755 get-specific-version.sh

diff --git a/Dockerfile b/Dockerfile
index 7399fd3..70e2f3f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,5 +1,7 @@
 FROM alpine:3.5
 
+ENV DBS_VERSION=
+
 LABEL org.label-schema.name="docker-bench-security" \
       org.label-schema.url="https://dockerbench.com" \
       org.label-schema.vcs-url="https://github.com/docker/docker-bench-security.git"
@@ -8,9 +10,11 @@ RUN \
   apk upgrade --no-cache && \
   apk add --no-cache \
     docker \
-    dumb-init && \
+    dumb-init \
+    openssl && \
   rm -rf /usr/bin/docker-* /usr/bin/dockerd && \
-  mkdir /usr/local/bin/tests
+  mkdir /usr/local/bin/tests && \
+  mkdir /usr/share/docker-bench-security
 
 COPY ./*.sh /usr/local/bin/
 
@@ -20,5 +24,4 @@ WORKDIR /usr/local/bin
 
 HEALTHCHECK CMD exit 0
 
-ENTRYPOINT [ "/usr/bin/dumb-init", "docker-bench-security.sh" ]
-
+ENTRYPOINT [ "/usr/bin/dumb-init", "get-specific-version.sh", "docker-bench-security.sh" ]
\ No newline at end of file
diff --git a/get-specific-version.sh b/get-specific-version.sh
new file mode 100755
index 0000000..dbc15d8
--- /dev/null
+++ b/get-specific-version.sh
@@ -0,0 +1,19 @@
+#!/bin/sh
+if [ -n "${DBS_VERSION}" ]; then
+  if [ ! -f /usr/share/docker-bench-security/v${DBS_VERSION}.tar.gz ]; then
+    echo "Getting docker-bench-security v${DBS_VERSION}..."
+    wget -q -P /usr/share/docker-bench-security/ https://github.com/docker/docker-bench-security/archive/v${DBS_VERSION}.tar.gz
+    rm -rf /usr/share/docker-bench-security/docker-bench-security-${DBS_VERSION}/
+    tar xfz /usr/share/docker-bench-security/v${DBS_VERSION}.tar.gz -C /usr/share/docker-bench-security/
+  fi
+  
+  if [ -d /usr/share/docker-bench-security/docker-bench-security-${DBS_VERSION}/ ]; then
+    rm -rf /usr/local/bin/docker-bench-security.sh /usr/local/bin/helper_lib.sh /usr/local/bin/output_lib.sh
+    rm -rf /usr/local/bin/tests/*
+  
+    cp -r /usr/share/docker-bench-security/docker-bench-security-${DBS_VERSION}/*.sh /usr/local/bin/
+    cp -r /usr/share/docker-bench-security/docker-bench-security-${DBS_VERSION}/tests/*.sh /usr/local/bin/tests/
+  fi
+fi
+
+exec "$@"
\ No newline at end of file

From 83d09394b9a7b7cef7e9259c766315ee99cf19ea Mon Sep 17 00:00:00 2001
From: Julien Del-Piccolo <julien@del-piccolo.com>
Date: Wed, 1 Mar 2017 12:16:46 +0100
Subject: [PATCH 2/3] add support for downloading latest master

Signed-off-by: Julien Del-Piccolo <julien@del-piccolo.com>
---
 get-specific-version.sh | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)

diff --git a/get-specific-version.sh b/get-specific-version.sh
index dbc15d8..3f6fd69 100755
--- a/get-specific-version.sh
+++ b/get-specific-version.sh
@@ -1,18 +1,20 @@
 #!/bin/sh
 if [ -n "${DBS_VERSION}" ]; then
-  if [ ! -f /usr/share/docker-bench-security/v${DBS_VERSION}.tar.gz ]; then
-    echo "Getting docker-bench-security v${DBS_VERSION}..."
-    wget -q -P /usr/share/docker-bench-security/ https://github.com/docker/docker-bench-security/archive/v${DBS_VERSION}.tar.gz
-    rm -rf /usr/share/docker-bench-security/docker-bench-security-${DBS_VERSION}/
-    tar xfz /usr/share/docker-bench-security/v${DBS_VERSION}.tar.gz -C /usr/share/docker-bench-security/
+  if [ ! -f /usr/share/docker-bench-security/${DBS_VERSION}.tar.gz ]; then
+    echo "Getting docker-bench-security ${DBS_VERSION}..."
+    wget -q -P /usr/share/docker-bench-security/ https://github.com/docker/docker-bench-security/archive/${DBS_VERSION}.tar.gz
+    rm -rf /usr/share/docker-bench-security/${DBS_VERSION}/
+    mkdir -p /usr/share/docker-bench-security/${DBS_VERSION}/
+    tar xfz /usr/share/docker-bench-security/${DBS_VERSION}.tar.gz -C /usr/share/docker-bench-security/${DBS_VERSION} --strip 1 --overwrite
+    rm -rfv /usr/share/docker-bench-security/${DBS_VERSION}.tar.gz
   fi
-  
-  if [ -d /usr/share/docker-bench-security/docker-bench-security-${DBS_VERSION}/ ]; then
+
+  if [ $(find /usr/share/docker-bench-security/ | wc -l) -gt 1  ]; then
     rm -rf /usr/local/bin/docker-bench-security.sh /usr/local/bin/helper_lib.sh /usr/local/bin/output_lib.sh
     rm -rf /usr/local/bin/tests/*
-  
-    cp -r /usr/share/docker-bench-security/docker-bench-security-${DBS_VERSION}/*.sh /usr/local/bin/
-    cp -r /usr/share/docker-bench-security/docker-bench-security-${DBS_VERSION}/tests/*.sh /usr/local/bin/tests/
+
+    cp -r /usr/share/docker-bench-security/${DBS_VERSION}/*.sh /usr/local/bin/
+    cp -r /usr/share/docker-bench-security/${DBS_VERSION}/tests/*.sh /usr/local/bin/tests/
   fi
 fi
 

From c873f24e56b3425d35ef6cd4cef684b3e7d1f4a7 Mon Sep 17 00:00:00 2001
From: Julien Del-Piccolo <julien@del-piccolo.com>
Date: Wed, 1 Mar 2017 14:10:25 +0100
Subject: [PATCH 3/3] Fix...

Signed-off-by: Julien Del-Piccolo <julien@del-piccolo.com>
---
 get-specific-version.sh | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/get-specific-version.sh b/get-specific-version.sh
index 3f6fd69..27ccf01 100755
--- a/get-specific-version.sh
+++ b/get-specific-version.sh
@@ -5,16 +5,16 @@ if [ -n "${DBS_VERSION}" ]; then
     wget -q -P /usr/share/docker-bench-security/ https://github.com/docker/docker-bench-security/archive/${DBS_VERSION}.tar.gz
     rm -rf /usr/share/docker-bench-security/${DBS_VERSION}/
     mkdir -p /usr/share/docker-bench-security/${DBS_VERSION}/
-    tar xfz /usr/share/docker-bench-security/${DBS_VERSION}.tar.gz -C /usr/share/docker-bench-security/${DBS_VERSION} --strip 1 --overwrite
+    tar xfzv /usr/share/docker-bench-security/${DBS_VERSION}.tar.gz -C /usr/share/docker-bench-security/${DBS_VERSION} --strip 1 --overwrite
     rm -rfv /usr/share/docker-bench-security/${DBS_VERSION}.tar.gz
   fi
 
-  if [ $(find /usr/share/docker-bench-security/ | wc -l) -gt 1  ]; then
-    rm -rf /usr/local/bin/docker-bench-security.sh /usr/local/bin/helper_lib.sh /usr/local/bin/output_lib.sh
-    rm -rf /usr/local/bin/tests/*
+  if [ $(find /usr/share/docker-bench-security/${DBS_VERSION}/ | wc -l) -gt 1  ]; then
+    rm -rfv /usr/local/bin/docker-bench-security.sh /usr/local/bin/helper_lib.sh /usr/local/bin/output_lib.sh
+    rm -rfv /usr/local/bin/tests/*
 
-    cp -r /usr/share/docker-bench-security/${DBS_VERSION}/*.sh /usr/local/bin/
-    cp -r /usr/share/docker-bench-security/${DBS_VERSION}/tests/*.sh /usr/local/bin/tests/
+    cp -rv /usr/share/docker-bench-security/${DBS_VERSION}/*.sh /usr/local/bin/
+    cp -rv /usr/share/docker-bench-security/${DBS_VERSION}/tests/*.sh /usr/local/bin/tests/
   fi
 fi