From 7f29aebd71710fe62db1ae25b87e03a9ab69b422 Mon Sep 17 00:00:00 2001 From: jammasterj89 Date: Mon, 29 Jul 2019 16:16:14 +0100 Subject: [PATCH] Added $images to $exclude Added $images $exclude logic so now containers and images are excluded. Added new $benchimagecont for images to replicate the $benchcont for containers. Signed-off-by: Niall T --- docker-bench-security.sh | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/docker-bench-security.sh b/docker-bench-security.sh index 2e7d0e6..b4ccbf3 100755 --- a/docker-bench-security.sh +++ b/docker-bench-security.sh @@ -103,15 +103,27 @@ main () { benchcont="$c" fi done + + # get the image id of the docker_bench_security_image, memorize it: + benchimagecont="nil" + for c in $(docker images | sed '1d' | awk '{print $3}'); do + if docker inspect --format '{{ .Config.Labels }}' "$c" | \ + grep -e 'docker.bench.security' >/dev/null 2>&1; then + benchimagecont="$c" + fi + done if [ -n "$include" ]; then pattern=$(echo "$include" | sed 's/,/|/g') containers=$(docker ps | sed '1d' | awk '{print $NF}' | grep -v "$benchcont" | grep -E "$pattern") + images=$(docker images | grep -E "$pattern" | sed '1d' | awk '{print $3}' | grep -v "$benchimagecont") elif [ -n "$exclude" ]; then pattern=$(echo "$exclude" | sed 's/,/|/g') containers=$(docker ps | sed '1d' | awk '{print $NF}' | grep -v "$benchcont" | grep -Ev "$pattern") + images=$(docker images | grep -Ev "$pattern" | sed '1d' | awk '{print $3}' | grep -v "$benchimagecont") else containers=$(docker ps | sed '1d' | awk '{print $NF}' | grep -v "$benchcont") + images=$(docker images -q | grep -v "$benchcont") fi if [ -z "$containers" ]; then