Skip to content

Commit

Permalink
Merge pull request #1313 from zabbix/6.0_sbom
Browse files Browse the repository at this point in the history 
6.0 SBOM
  • Loading branch information
@dotneft
dotneft authored Mar 24, 2024
2 parents f6f2a79 + 2f4f382 commit f2efbc3
Show file tree
Hide file tree
Showing 28 changed files with 147 additions and 14 deletions.
6 changes: 6 additions & 0 deletions .github/workflows/images_build.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -511,6 +511,8 @@ jobs:
file: ${{ format('{0}/{1}/{2}/Dockerfile', env.DOCKERFILES_DIRECTORY, env.BASE_BUILD_NAME, matrix.os) }}
platforms: ${{ steps.platform.outputs.list }}
push: true
provenance: mode=max
sbom: true
tags: ${{ steps.meta.outputs.tags }}
labels: |
org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }}
Expand Down Expand Up @@ -761,6 +763,8 @@ jobs:
file: ${{ format('{0}/{1}/{2}/Dockerfile', env.DOCKERFILES_DIRECTORY, matrix.build, matrix.os) }}
platforms: ${{ steps.platform.outputs.list }}
push: true
provenance: mode=max
sbom: true
tags: ${{ steps.meta.outputs.tags }}
build-args: BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }}
labels: |
Expand Down Expand Up @@ -1218,6 +1222,8 @@ jobs:
file: ${{ format('{0}/{1}/{2}/Dockerfile', env.DOCKERFILES_DIRECTORY, matrix.build, matrix.os) }}
platforms: ${{ steps.platform.outputs.list }}
push: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
provenance: mode=max
sbom: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
tags: ${{ steps.meta.outputs.tags }}
build-args: BUILD_BASE_IMAGE=${{ steps.base_build.outputs.base_build_image }}
labels: |
Expand Down
8 changes: 7 additions & 1 deletion Dockerfiles/agent/centos/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,6 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
REPOLIST="baseos,appstream,epel" && \
INSTALL_PKGS="bash \
tini \
tzdata \
iputils \
pcre2 \
libcurl-minimal \
Expand All @@ -51,6 +50,13 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--setopt=install_weak_deps=False \
--best \
${INSTALL_PKGS} && \
dnf -y reinstall \
--disablerepo "*" \
--enablerepo "baseos" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--best \
tzdata && \
groupadd \
--system \
--gid 1995 \
Expand Down
11 changes: 10 additions & 1 deletion Dockerfiles/agent/rhel/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,6 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="bash \
tini \
tzdata \
iputils \
shadow-utils \
pcre2 \
Expand All @@ -72,7 +71,17 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--best \
--setopt=tsflags=nodocs \
${INSTALL_PKGS} && \
microdnf -y update \
--disableplugin=subscription-manager \
--disablerepo "*" \
--enablerepo "ubi-8-baseos-rpms" \
--setopt=install_weak_deps=0 \
--best \
--setopt=tsflags=nodocs \
tzdata && \
microdnf -y reinstall \
--disableplugin=subscription-manager \
--disablerepo "*" \
--enablerepo "ubi-8-baseos-rpms" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
Expand Down
4 changes: 2 additions & 2 deletions Dockerfiles/agent2/alpine/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,9 +37,9 @@ COPY --from=builder ["/tmp/mongodb_plugin/zabbix-agent2-plugin-mongodb", "/usr/s
COPY --from=builder ["/tmp/postgresql_plugin/zabbix-agent2-plugin-postgresql", "/usr/sbin/zabbix-agent2-plugin/zabbix-agent2-plugin-postgresql"]

RUN set -eux && \
INSTALL_PKGS="tini \
INSTALL_PKGS="bash \
tini \
tzdata \
bash \
pcre2 \
coreutils \
smartmontools \
Expand Down
8 changes: 7 additions & 1 deletion Dockerfiles/agent2/centos/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,6 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
REPOLIST="baseos,appstream,epel" && \
INSTALL_PKGS="bash \
tini \
tzdata \
iputils \
pcre2 \
libcurl-minimal \
Expand All @@ -56,6 +55,13 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--setopt=install_weak_deps=False \
--best \
${INSTALL_PKGS} && \
dnf -y reinstall \
--disablerepo "*" \
--enablerepo "baseos" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--best \
tzdata && \
groupadd \
--system \
--gid 1995 \
Expand Down
11 changes: 10 additions & 1 deletion Dockerfiles/agent2/rhel/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,6 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="bash \
tini \
tzdata \
iputils \
shadow-utils \
pcre2 \
Expand All @@ -78,7 +77,17 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--best \
--setopt=tsflags=nodocs \
${INSTALL_PKGS} && \
microdnf -y update \
--disableplugin=subscription-manager \
--disablerepo "*" \
--enablerepo "ubi-8-baseos-rpms" \
--setopt=install_weak_deps=0 \
--best \
--setopt=tsflags=nodocs \
tzdata && \
microdnf -y reinstall \
--disableplugin=subscription-manager \
--disablerepo "*" \
--enablerepo "ubi-8-baseos-rpms" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
Expand Down
1 change: 1 addition & 0 deletions Dockerfiles/proxy-mysql/alpine/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_proxy.sql
RUN set -eux && \
INSTALL_PKGS="bash \
tini \
tzdata \
traceroute \
nmap \
iputils \
Expand Down
7 changes: 7 additions & 0 deletions Dockerfiles/proxy-mysql/centos/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,13 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--setopt=install_weak_deps=False \
--best \
${INSTALL_PKGS} && \
dnf -y reinstall \
--disablerepo "*" \
--enablerepo "baseos" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--best \
tzdata && \
groupadd \
--system \
--gid 1995 \
Expand Down
11 changes: 11 additions & 0 deletions Dockerfiles/proxy-mysql/rhel/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -90,9 +90,20 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--best \
--setopt=tsflags=nodocs \
${INSTALL_PKGS} && \
microdnf -y update \
--disableplugin=subscription-manager \
--disablerepo "*" \
--enablerepo "ubi-8-baseos-rpms" \
--setopt=install_weak_deps=0 \
--best \
--setopt=tsflags=nodocs \
tzdata && \
microdnf -y reinstall \
--disableplugin=subscription-manager \
--disablerepo "*" \
--enablerepo "ubi-8-baseos-rpms" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--setopt=tsflags=nodocs \
tzdata && \
Expand Down
1 change: 1 addition & 0 deletions Dockerfiles/proxy-mysql/ubuntu/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@ RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \
INSTALL_PKGS="bash \
tini \
tzdata \
traceroute \
nmap \
ca-certificates \
Expand Down
1 change: 1 addition & 0 deletions Dockerfiles/proxy-sqlite3/alpine/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,7 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_proxy.conf", "/etc/
RUN set -eux && \
INSTALL_PKGS="bash \
tini \
tzdata \
traceroute \
nmap \
fping \
Expand Down
10 changes: 9 additions & 1 deletion Dockerfiles/proxy-sqlite3/centos/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,8 +36,9 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_proxy.conf", "/etc/
RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
REPOLIST="baseos,appstream,epel" && \
INSTALL_PKGS="libevent \
INSTALL_PKGS="bash \
tini \
libevent \
traceroute \
nmap \
libssh \
Expand All @@ -59,6 +60,13 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--setopt=install_weak_deps=False \
--best \
${INSTALL_PKGS} && \
dnf -y reinstall \
--disablerepo "*" \
--enablerepo "baseos" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--best \
tzdata && \
groupadd \
--system \
--gid 1995 \
Expand Down
1 change: 1 addition & 0 deletions Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,7 @@ RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \
INSTALL_PKGS="bash \
tini \
tzdata \
traceroute \
nmap \
ca-certificates \
Expand Down
8 changes: 7 additions & 1 deletion Dockerfiles/server-mysql/centos/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,6 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
traceroute \
nmap \
file-libs \
tzdata \
iputils \
traceroute \
libevent \
Expand All @@ -67,6 +66,13 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--setopt=install_weak_deps=False \
--best \
${INSTALL_PKGS} && \
dnf -y reinstall \
--disablerepo "*" \
--enablerepo "baseos" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--best \
tzdata && \
groupadd \
--system \
--gid 1995 \
Expand Down
11 changes: 10 additions & 1 deletion Dockerfiles/server-mysql/rhel/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,6 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
nmap \
fping \
shadow-utils \
tzdata \
iputils \
hostname \
libcurl \
Expand Down Expand Up @@ -92,7 +91,17 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--best \
--setopt=tsflags=nodocs \
${INSTALL_PKGS} && \
microdnf -y update \
--disableplugin=subscription-manager \
--disablerepo "*" \
--enablerepo "ubi-8-baseos-rpms" \
--setopt=install_weak_deps=0 \
--best \
--setopt=tsflags=nodocs \
tzdata && \
microdnf -y reinstall \
--disableplugin=subscription-manager \
--disablerepo "*" \
--enablerepo "ubi-8-baseos-rpms" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
Expand Down
8 changes: 7 additions & 1 deletion Dockerfiles/server-pgsql/centos/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,6 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
traceroute \
nmap \
iputils \
tzdata \
traceroute \
libevent \
libssh \
Expand All @@ -67,6 +66,13 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--setopt=install_weak_deps=False \
--best \
${INSTALL_PKGS} && \
dnf -y reinstall \
--disablerepo "*" \
--enablerepo "baseos" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--best \
tzdata && \
groupadd \
--system \
--gid 1995 \
Expand Down
8 changes: 7 additions & 1 deletion Dockerfiles/snmptraps/centos/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,6 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
REPOLIST="baseos,appstream" && \
INSTALL_PKGS="bash \
tzdata \
net-snmp" && \
dnf -y install \
--disablerepo "*" \
Expand All @@ -34,6 +33,13 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--setopt=install_weak_deps=False \
--best \
${INSTALL_PKGS} && \
dnf -y reinstall \
--disablerepo "*" \
--enablerepo "baseos" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--best \
tzdata && \
groupadd \
--system \
--gid 1995 \
Expand Down
18 changes: 17 additions & 1 deletion Dockerfiles/snmptraps/rhel/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,6 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
set -eux && \
INSTALL_PKGS="bash \
shadow-utils \
tzdata \
net-snmp" && \
microdnf -y install \
--disablerepo="*" \
Expand All @@ -57,6 +56,23 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--best \
--setopt=tsflags=nodocs \
${INSTALL_PKGS} && \
microdnf -y update \
--disableplugin=subscription-manager \
--disablerepo "*" \
--enablerepo "ubi-8-baseos-rpms" \
--setopt=install_weak_deps=0 \
--best \
--setopt=tsflags=nodocs \
tzdata && \
microdnf -y reinstall \
--disableplugin=subscription-manager \
--disablerepo "*" \
--enablerepo "ubi-8-baseos-rpms" \
--setopt=install_weak_deps=0 \
--setopt=keepcache=0 \
--best \
--setopt=tsflags=nodocs \
tzdata && \
groupadd \
--system \
--gid 1995 \
Expand Down
1 change: 1 addition & 0 deletions Dockerfiles/web-apache-mysql/alpine/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ COPY ["conf/etc/", "/etc/"]

RUN set -eux && \
INSTALL_PKGS="bash \
tzdata \
apache2 \
curl \
mariadb-client \
Expand Down
7 changes: 7 additions & 0 deletions Dockerfiles/web-apache-mysql/centos/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,13 @@ RUN --mount=type=tmpfs,target=/var/lib/dnf/ \
--setopt=install_weak_deps=False \
--best \
${INSTALL_PKGS} && \
dnf -y reinstall \
--disablerepo "*" \
--enablerepo "baseos" \
--setopt=tsflags=nodocs \
--setopt=install_weak_deps=False \
--best \
tzdata && \
groupadd \
--system \
--gid 1995 \
Expand Down
1 change: 1 addition & 0 deletions Dockerfiles/web-apache-mysql/ubuntu/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
set -eux && \
echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \
INSTALL_PKGS="bash \
tzdata \
apache2 \
curl \
libapache2-mod-php \
Expand Down
1 change: 1 addition & 0 deletions Dockerfiles/web-apache-pgsql/alpine/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ COPY ["conf/etc/", "/etc/"]

RUN set -eux && \
INSTALL_PKGS="bash \
tzdata \
apache2 \
curl \
php8-apache2 \
Expand Down
1 change: 1 addition & 0 deletions Dockerfiles/web-apache-pgsql/ubuntu/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ RUN --mount=type=cache,target=/var/lib/apt/,sharing=locked \
set -eux && \
echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \
INSTALL_PKGS="bash \
tzdata \
apache2 \
curl \
libapache2-mod-php \
Expand Down
Loading

0 comments on commit f2efbc3

Please sign in to comment.