Merge pull request #2 from ueberdosis/feature/bump-versions

Feature/bump versions
ueberdosis · Oct 12, 2023 · f88d5e4 · f88d5e4
2 parents 083f5b8 + 41004d1
commit f88d5e4
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 22 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,7 +1,7 @@
-FROM docker:23.0-cli
+FROM docker:24.0-cli
 LABEL maintainer="Patrick Baber <[email protected]>"
 
-ENV REGCLIENT_VERSION "0.4.7"
+ENV REGCLIENT_VERSION "0.5.3"
 
 ARG TARGETARCH
 
@@ -26,7 +26,7 @@ RUN if [ "$TARGETARCH" = "arm64" ]; then ARCHITECTURE="linux-arm64"; else ARCHIT
     chmod +x /usr/local/bin/regctl
 
 # Install Trivy
-COPY --from=aquasec/trivy:0.35.0 /usr/local/bin/trivy /usr/local/bin/trivy
+COPY --from=aquasec/trivy:0.45.1 /usr/local/bin/trivy /usr/local/bin/trivy
 RUN chmod +x /usr/local/bin/trivy
 
 # copy ci script

diff --git a/README.md b/README.md
@@ -1,51 +1,60 @@
 # 🛠️ Build Tools
 
-Docker image with useful CI/CD tools
+Docker image with useful CI/CD tools optimized for use in GitLab CI pipelines.
 
 ## Tools included
 
 - bash
 - curl
-- Docker
-- Docker Buildx
-- Docker Compose
+- [Docker](https://docs.docker.com/engine/reference/commandline/cli/)
+- [Docker Buildx](https://docs.docker.com/build/architecture/#buildx)
+- [Docker Compose](https://docs.docker.com/get-started/08_using_compose/)
 - git
 - openssl
-- regctl
+- [regctl](https://github.com/regclient/regclient) (for advanced image handling)
 - rsync
-- sshpass
-- trivy
+- [sshpass](https://www.redhat.com/sysadmin/ssh-automation-sshpass) (for SSH servers with password authentication)
+- [trivy](https://aquasecurity.github.io/trivy/v0.45/)
 
 ## Dependencies
 
 Docker
 
 ## Getting started
 
-Include the image via the **image** keyword in your `.gitlab-ci.yml`:
+Include the image via the **default.image** keyword in your `.gitlab-ci.yml`:
 
 ```yaml
-image: ueberdosis/build-tools
+default:
+  image: ueberdosis/build-tools:0.63.0
 ```
 
 ## Usage examples
 
+### Build images with Docker Compose
+
+Specify `COMPOSE_FILE` if different from the default: `docker-compose.yml`. See [Docker Compose documentation](https://docs.docker.com/compose/compose-file/build/) for more details.
+
+```yaml
+build_app:
+  variables:
+    COMPOSE_FILE: docker-compose.build.yml
+  stage: build
+  script:
+    - docker-compose build app
+    - docker-compose push app
+```
+
 ### Run trivy
 
-Adjust the image-name and tag after copying the command to your `.gitlab-ci.yml`.
+Adjust the image-name and tag after copying the command to your `.gitlab-ci.yml`. See [trivy documentation](https://aquasecurity.github.io/trivy/v0.45/docs/target/container_image/) for more details.
 
 ```yaml
 container_scan:
-  stage: test
-  cache:
-    paths:
-      - $HOME/.cache/trivy
-  except:
-    - schedule
   script:
     - |
-      trivy --quiet image \
-        --severity CRITICAL \
+      trivy image \
+        --severity HIGH,CRITICAL \
         --ignore-unfixed \
         --exit-code 1 \
         registry.gitlab.com/your-repository-path/your-image-name:your-tag
@@ -56,7 +65,7 @@ container_scan:
 To release a new version on Docker Hub run:
 
 ```bash
-export VERSION="0.59.0"
+export VERSION="0.63.0"
 
 # Init buildx
 docker buildx create --use