use compose to improve readability

Signed-off-by: Peter <lusitania@users.noreply.github.com>
2024-11-01 08:31:44 +01:00 · 2015-09-21 11:52:39 +02:00 · 2015-09-21 11:52:39 +02:00 · 10f0689b02
commit 10f0689b02
parent dafd938d19
2 changed files with 28 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -43,6 +43,13 @@ docker run -it --net host --pid host --cap-add audit_control \
    docker-bench-security
 ```

+or use [Docker Compose](https://docs.docker.com/compose/):
+```sh
+git clone https://github.com/docker/docker-bench-security.git
+cd docker-bench-security
+docker-compose run --rm docker-bench-security
+```
+
 Also, this script can also be simply run from your base host by running:

 ```sh
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -0,0 +1,21 @@
+docker-bench-security:
+    # use image if you have a dedicated build step:
+    #   docker build --rm -t docker-bench-security .
+    # image: docker-bench-security
+
+    # use build path to Dockerfile if docker-compose should build the image
+    build: .
+
+    cap_add:
+        - audit_control
+    labels:
+        - docker_bench_security
+    net: host
+    pid: host
+    stdin_open: true
+    tty: true
+    volumes:
+        - /var/lib:/var/lib
+        - /var/run/docker.sock:/var/run/docker.sock
+        - /usr/lib/systemd:/usr/lib/systemd
+        - /etc:/etc