GuillaumeHemmen/docker-bench-security
1
0
Fork 0
mirror of https://github.com/docker/docker-bench-security.git synced 2025-01-31 22:32:34 +01:00
Code Issues Projects Releases Packages Wiki Activity

fix flag in help (-r for creating test results folder); also do not mount whole /etc (in README.md example), but only required sub directoris (otherwise term does not work as expected in Alpine)

Browse source
This commit is contained in:
Alexei Ledenev 2016-05-18 12:51:10 +03:00
parent f6cdaa3d3d
commit e68b554e66
3 changed files with 9 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
README.md
View file

@ -48,7 +48,7 @@ Command line switches are optional. The following switches are recognized.
-g --Generates all CIS Bats tests without execution. No further functions are performed. -g --Generates all CIS Bats tests without execution. No further functions are performed.
-p --Show results in pretty format. -p --Show results in pretty format.
-t --Show results in TAP format. This is the default format. -t --Show results in TAP format. This is the default format.
-t --Create test results files: tests_<timestamp>.tap in test result folder. -r --Create test results files: tests_<timestamp>.tap in test result folder.
-o --Specify test result folder. Default to /var/docker-bench/results. -o --Specify test result folder. Default to /var/docker-bench/results.
-h --Displays this help message. No further functions are performed. -h --Displays this help message. No further functions are performed.
@ -74,8 +74,12 @@ docker run -it --net host --pid host --cap-add audit_control \
-v /var/lib:/var/lib \ -v /var/lib:/var/lib \
-v /var/run/docker.sock:/var/run/docker.sock \ -v /var/run/docker.sock:/var/run/docker.sock \
-v /usr/lib/systemd:/usr/lib/systemd \ -v /usr/lib/systemd:/usr/lib/systemd \
-v /var/docker-bench:/var/docker-bench -v /var/docker-bench:/var/docker-bench \
-v /etc:/etc --label docker_bench_security \ -v /etc/fstab:/etc/fstab \
-v /etc/docker:/etc/docker \
-v /etc/default/docker:/etc/default/docker \
-v /etc/group:/etc/group \
--label docker_bench_security \
docker-bench-tests docker-bench-tests
``` ```

2
bats.Dockerfile
View file

@ -10,7 +10,7 @@ ENV BATS_SHA_256 480d8d64f1681eee78d1002527f3f06e1ac01e173b761bc73d0cf33f4dc1d8d
LABEL docker_bench_security=true LABEL docker_bench_security=true
RUN apk --update add curl bash \ RUN apk --update add curl bash ncurses \
&& rm -rf /var/lib/apt/lists/* \ && rm -rf /var/lib/apt/lists/* \
&& rm /var/cache/apk/* && rm /var/cache/apk/*

2
run_tests.sh
View file

@ -39,7 +39,7 @@ HELP() {
echo -e "${REV}-g${NORM} --Generates all CIS Bats tests without execution. No further functions are performed." echo -e "${REV}-g${NORM} --Generates all CIS Bats tests without execution. No further functions are performed."
echo -e "${REV}-p${NORM} --Show results in pretty format." echo -e "${REV}-p${NORM} --Show results in pretty format."
echo -e "${REV}-t${NORM} --Show results in TAP format. This is the default format." echo -e "${REV}-t${NORM} --Show results in TAP format. This is the default format."
echo -e "${REV}-t${NORM} --Create test results files: ${BOLD}tests_<timestamp>.tap${NORM} in test result folder." echo -e "${REV}-r${NORM} --Create test results files: ${BOLD}tests_<timestamp>.tap${NORM} in test result folder."
echo -e "${REV}-o${NORM} --Specify test result folder. Default to ${BOLD}$TEST_RESULTS${NORM}." echo -e "${REV}-o${NORM} --Specify test result folder. Default to ${BOLD}$TEST_RESULTS${NORM}."
echo -e "${REV}-h${NORM} --Displays this help message. No further functions are performed."\\n echo -e "${REV}-h${NORM} --Displays this help message. No further functions are performed."\\n
echo -e "Example: ${BOLD}$SCRIPT -t -o $TEST_RESULTS${NORM}"\\n echo -e "Example: ${BOLD}$SCRIPT -t -o $TEST_RESULTS${NORM}"\\n