mirror of
https://github.com/docker/docker-bench-security.git
synced 2025-06-19 13:19:07 +00:00
exclude benchmark image when excluding benchmark container
Signed-off-by: rezroo <rroodsari@mirantis.com>
This commit is contained in:
rezroo
parent
50bfd11df9
commit
b997a98fe5
2 changed files with 6 additions and 1 deletions
|
|
@ -97,10 +97,15 @@ beginjson "$version" "$(date +%s)"
|
|||
main () {
|
||||
# If there is a container with label docker_bench_security, memorize it:
|
||||
benchcont="nil"
|
||||
# Also exclude the bench container image from analysis, because it's a privileged
|
||||
for c in $(docker ps | sed '1d' | awk '{print $NF}'); do
|
||||
if docker inspect --format '{{ .Config.Labels }}' "$c" | \
|
||||
grep -e 'docker.bench.security' >/dev/null 2>&1; then
|
||||
benchcont="$c"
|
||||
benchcontimg="nil"
|
||||
temp=$(docker inspect --format '{{.Config.Image}}' $benchcont)
|
||||
benchcontimg=$(docker image ls -q $temp)
|
||||
info "Excluding container $benchcont and image $temp : $benchcontimg"
|
||||
fi
|
||||
done
|
||||
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ if [ -n "$imgList" ]; then
|
|||
images="$images $sha256 "
|
||||
done
|
||||
else
|
||||
images=$(docker images -q)
|
||||
images=$(docker images -q | grep -v $benchcontimg)
|
||||
fi
|
||||
|
||||
check_4() {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue