From cc98e55b9d24f1c1a69ec01662ea24225ed1d89d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20Sj=C3=B6gren?= Date: Thu, 26 Jan 2017 14:53:47 +0100 Subject: [PATCH] md lint and use labels MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Thomas Sjögren --- CONTRIBUTING.md | 28 +++++++++++++++++++--------- distros/README.md | 17 ++++++++++------- 2 files changed, 29 insertions(+), 16 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 020291f..5cb9a26 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -3,20 +3,22 @@ Want to hack on Docker Bench? Awesome! Here are instructions to get you started. -The Docker Bench for Security is a part of the [Docker](https://www.docker.com) project, and follows -the same rules and principles. If you're already familiar with the way -Docker does things, you'll feel right at home. +The Docker Bench for Security is a part of the [Docker](https://www.docker.com) +project, and follows the same rules and principles. If you're already familiar +with the way Docker does things, you'll feel right at home. Otherwise, go read [Docker's contributions guidelines](https://github.com/docker/docker/blob/master/CONTRIBUTING.md). -### Development Environment Setup +## Development Environment Setup -The only thing you need to hack on Docker Bench for Security is a POSIX 2004 compliant shell. We try to keep the project compliant for maximum portability +The only thing you need to hack on Docker Bench for Security is a POSIX 2004 +compliant shell. We try to keep the project compliant for maximum portability. -#### Start hacking +### Start hacking You can build the container that wraps the docker-bench for security: + ```sh ✗ git clone git@github.com:docker/docker-bench-security.git ✗ cd docker-bench-security @@ -31,7 +33,9 @@ Or you can simply run the shell script locally: ✗ sh docker-bench-security.sh ``` -The Docker Bench has the main script called `docker-bench-security.sh`. This is the main script that checks for all the dependencies, deals with command line arguments and loads all the tests. +The Docker Bench has the main script called `docker-bench-security.sh`. +This is the main script that checks for all the dependencies, deals with +command line arguments and loads all the tests. The tests are split in 6 different files: @@ -46,6 +50,12 @@ tests/ └── 6_docker_security_operations.sh ``` -To modify the Docker Bench for Security you should first clone the repository, make your changes, check your code with `shellcheck`, `checkbashisms` or similar tools, and then sign off on your commits. After that feel free to send us a pull-request with the changes. +To modify the Docker Bench for Security you should first clone the repository, +make your changes, check your code with `shellcheck`, `checkbashisms` or similar +tools, and then sign off on your commits. After that feel free to send us a +pull request with the changes. -While this tool is inspired by the [CIS Docker 1.11.0 benchmark](https://benchmarks.cisecurity.org/downloads/show-single/index.cfm?file=docker16.110), feel free to add new tests. We will try to turn dockerbench.com into a list of good community benchmarks for both security and performance, and we would love community contributions. +While this tool was inspired by the [CIS Docker 1.11.0 benchmark](https://benchmarks.cisecurity.org/downloads/show-single/index.cfm?file=docker16.110), +feel free to add new tests. We will try to turn [dockerbench.com](https://dockerbench.com) +into a list of good community benchmarks for both security and performance, +and we would love community contributions. diff --git a/distros/README.md b/distros/README.md index a5686e1..be4de17 100644 --- a/distros/README.md +++ b/distros/README.md @@ -3,16 +3,19 @@ ## Requirements ### Dockerfile name -The format should be `Dockerfile.{distribution name}`. + +The format should be `Dockerfile.{distribution name}`. ### Keep your images up-to-date + Use the distribution package manager to keep your image up-to-date. -### REPOSITORY -Add a `REPOSITORY` comment with the URL to your GitHub repository where the Dockerfile is present. -`# REPOSITORY ` +### Labels -### MAINTAINER -Add the `MAINTAINER` instruction and your contact details, GitHub aliases are acceptable. +Use the following labels in your Dockerfile: -For an example Dockerfile, please refer to `Dockerfile.alpine`. +``` +LABEL org.label-schema.name="docker-bench-security" \ + org.label-schema.url="" \ + org.label-schema.vcs-url="