This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"blacklisted_images": [], | |
"comment": "Custom bundle", | |
"id": "2c53a13c-1765-11e8-82ef-23527761d060", | |
"mappings": [ | |
{ | |
"id": "c4f9bf74-dc38-4ddf-b5cf-00e9c0074611", | |
"image": { | |
"type": "tag", | |
"value": "*" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
make teardown |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
make deploy ACCOUNT_ID=<your-aws-account-id> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
post_build: | |
commands: | |
- echo "Tag image to Docker Hub" | |
- docker tag ${STAGE_REPO_NAME}:${TAG} ${ACCOUNT_ID}.dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com/${STAGE_REPO_NAME}:${TAG} | |
- echo "Pushing image to Docker Hub" | |
- docker push ${ACCOUNT_ID}.dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com/${STAGE_REPO_NAME}:${TAG} | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
build: | |
commands: | |
- echo Deployment started on `date` | |
- echo Testing... | |
- anchore-cli --version | |
- anchore-cli --debug system status | |
- anchore-cli policy add user-policy/bundle.json | |
- anchore-cli --debug image add postgres:9 | |
- echo 'Waiting for image to finish analysis' | |
- anchore-cli image wait postgres:9 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
pre_build: | |
commands: | |
- echo Image repository setup started on `date` | |
- echo ECR Setup... | |
- echo Logging into AWS ECR... | |
- $(aws ecr get-login --no-include-email --region ${AWS_DEFAULT_REGION}) | |
- echo Configure Anchore Client... | |
- export ANCHORE_CLI_PASS=foobar | |
- export ANCHORE_CLI_USER=admin | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
phases: | |
install: | |
runtime-versions: | |
python: 3.7 | |
docker: 18 | |
commands: | |
- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://127.0.0.1:2375 --storage-driver=overlay2& | |
- timeout 15 sh -c "until docker info; do echo .; sleep 1; done" | |
- echo Entering the install phase..... | |
- apt-get update -y |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Test Anchore Engine scanning functionality within a pipeline stage | |
version: 0.2 | |
env: | |
variables: | |
TAG: latest | |
STAGE_REPO_NAME: tested/nginx | |
TESTED_SAMPLE_IMAGE: ${ACCOUNT_ID}.dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com/${STAGE_REPO_NAME} | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Test Anchore Engine scanning functionality within a pipeline stage | |
version: 0.2 | |
env: | |
variables: | |
TAG: latest | |
SOURCE_IMAGE: nginx:latest | |
STAGE_REPO_NAME: tested/nginx | |
TESTED_SAMPLE_IMAGE: ${ACCOUNT_ID}.dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com/${STAGE_REPO_NAME} |
NewerOlder