{"id":20801967,"url":"https://github.com/philips-software/docker-blackduck","last_synced_at":"2025-09-28T10:30:34.875Z","repository":{"id":39442074,"uuid":"177787805","full_name":"philips-software/docker-blackduck","owner":"philips-software","description":"BlackDuck docker setup","archived":false,"fork":false,"pushed_at":"2023-04-05T21:56:38.000Z","size":269,"stargazers_count":7,"open_issues_count":6,"forks_count":8,"subscribers_count":8,"default_branch":"main","last_synced_at":"2024-11-17T18:37:55.507Z","etag":null,"topics":["docker-images","hacktoberfest"],"latest_commit_sha":null,"homepage":"","language":"Dockerfile","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/philips-software.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.md","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null}},"created_at":"2019-03-26T12:50:50.000Z","updated_at":"2023-06-09T21:53:58.000Z","dependencies_parsed_at":"2023-01-30T19:45:51.067Z","dependency_job_id":null,"html_url":"https://github.com/philips-software/docker-blackduck","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/philips-software%2Fdocker-blackduck","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/philips-software%2Fdocker-blackduck/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/philips-software%2Fdocker-blackduck/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/philips-software%2Fdocker-blackduck/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/philips-software","download_url":"https://codeload.github.com/philips-software/docker-blackduck/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":234508004,"owners_count":18844205,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker-images","hacktoberfest"],"created_at":"2024-11-17T18:26:45.780Z","updated_at":"2025-09-28T10:30:34.546Z","avatar_url":"https://github.com/philips-software.png","language":"Dockerfile","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![Build Status](https://github.com/philips-software/docker-blackduck/workflows/build/badge.svg)](https://github.com/philips-software/docker-blackduck/actions/)\n[![Slack](https://philips-software-slackin.now.sh/badge.svg)](https://philips-software-slackin.now.sh)\n\n# Docker images\n\nThis repo will contain docker images with [Blackduck](https://www.blackducksoftware.com/)\n\nCurrent versions available:\n\n```\n.\n├── 7\n│   ├── golang\n│   ├── java\n│   ├── node\n│   ├── python\n│   ├── dotnetcore-2.2.110\n│   ├── dotnetcore-3.0.101\n│   ├── dotnetcore-3.1.102\n│   └── dotnetcore-3.1.302\n├── 8\n│   ├── golang\n│   ├── java\n│   ├── node\n│   ├── python\n│   ├── dotnetcore-2.2.110\n│   ├── dotnetcore-3.0.101\n│   ├── dotnetcore-3.1.102\n│   └── dotnetcore-3.1.302\n```\n\n## Usage\n\nImages can be found on [https://hub.docker.com/r/philipssoftware/blackduck/](https://hub.docker.com/r/philipssoftware/blackduck/).\n\n``` bash\ndocker run philipssoftware/blackduck:7 /app/detect.sh --help\ndocker run philipssoftware/blackduck:7 /app/detect.sh -hv\n```\n\nIn order to analyse a project use the following structure.\n\n_Replace all \u003cyour-xxxxx\u003e variables with your own variables_\n\n###### Source code scan\n``` bash\ndocker run -v $(pwd):/code philipssoftware/blackduck:7 /app/detect.sh \\\n  --blackduck.url=\u003cyour-blackduck-url\u003e \\\n  --blackduck.api.token=\u003cyour-token\u003e \\\n  --detect.policy.check=true \\\n  --detect.source.path=/code \\\n  --detect.project.name=\u003cyour-project-name\u003e \\\n  --detect.project.version.name=\u003cyour-version\u003e\n```\n\n###### Docker image scan\n``` bash\n# If you can share docker mount with blackduck imageinspector\ndocker run -v /var/run/docker.sock:/var/run/docker.sock --network=\"host\" philipssoftware/blackduck:7-docker \\\n  /app/detect.sh --blackduck.url=\u003cyour-blackduck-url\u003e --blackduck.api.token=\u003cyour-token\u003e --detect.policy.check=true \\\n  --detect.project.name=\u003cyour-project-name\u003e --detect.project.version.name=\u003cyour-version\u003e --detect.docker.image=\u003cyour-image\u003e\n\n# If you want to mount and provide blackduck imageinspector working directory\nmkdir $(pwd)/shared\ndocker run -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):$(pwd) --network=\"host\" -w $(pwd) philipssoftware/blackduck:7-docker \\\n  /airgap/packaged-inspectors/docker/blackduck-docker-inspector.sh --blackduck.url=\u003cyour-blackduck-url\u003e --blackduck.api.token=\u003cyour-token\u003e \\\n  --detect.policy.check=true --detect.project.name=\u003cyour-project-name\u003e --detect.project.version.name=\u003cyour-version\u003e \\\n  --detect.docker.image=\u003cyour-image\u003e --shared.dir.path.local=$(pwd)/shared\n```\n\n\n\n### Air Gap\n\nBy setting setting the environment variable `DETECT_AIR_GAP` to `true` you can enable [Air Gap](https://synopsys.atlassian.net/wiki/spaces/INTDOCS/pages/88506397/Running+Synopsys+Detect+in+Air+Gap+Offline+and+Dry+Run+Modes). This eliminate the need for internet access that Detect requires to download those dependencies. Currently only the `gradle` inspector is supported. This mode is particularly useful when you are behind a corporate firewall which blocks connections to JFrog Artifactory.\n\nExample:\n\n```bash\ndocker run -e DETECT_AIR_GAP=true -v $(pwd):/code philipssoftware/blackduck:6 /app/detect.sh --blackduck.url=\u003cyour-blackduck-url\u003e --blackduck.api.token=\u003cyour-token\u003e --blackduck.trust.cert=true --detect.policy.check=true --detect.source.path=/code --detect.project.name=\u003cyour-project-name\u003e --detect.project.version.name=\u003cyour-version\u003e\n```\n\n## Content\n\nThe images obviously contain blackduck and java8, but also two other files:\n\n- `REPO`\n- `TAGS`\n\n### REPO\n\nThis file has a url to the REPO with specific commit-sha of the build.\nExample:\n\n```\n$ docker run philipssoftware/blackduck:6 cat REPO\nhttps://github.com/philips-software/docker-blackduck/tree/facb2271e5a563e5d6f65ca3f475cefac37b8b6c\n```\n\n### TAGS\n\nThis contains all the similar tags at the point of creation.\n\n```\n$ docker run philipssoftware/blackduck:6 cat TAGS\nblackduck blackduck:6 blackduck:6.7 blackduck:6.7.0\n```\n\nYou can use this to pin down a version of the container from an existing development build for production. When using `blackduck:6` for development. This ensures that you've got all security updates in your build. If you want to pin the version of your image down for production, you can use this file inside of the container to look for the most specific tag, the last one.\n\n## Simple Tags\n\n### blackduck\n- `blackduck`, `blackduck:7`, `blackduck:7.14`, `blackduck:7.14.0` [7/java/Dockerfile](7/java/Dockerfile)\n\n### blackduck with node\n- `blackduck:node`, `blackduck:7-node`, `blackduck:7.14-node`, `blackduck:7.14.0-node` [7/node/Dockerfile](7/node/Dockerfile)\n\n### blackduck with python\n- `blackduck:python`, `blackduck:7-python`, `blackduck:7.14-python`, `blackduck:7.14.0-python` [7/python/Dockerfile](7/python/Dockerfile)\n\n### blackduck with golang\n- `blackduck:golang`, `blackduck:7-golang`, `blackduck:7.14-golang`, `blackduck:7.14.0-golang` [7/golang/Dockerfile](7/golang/Dockerfile)\n\n### blackduck with dotnetcore-2.2.110\n- `blackduck:dotnetcore-2.2.110`, `blackduck:7-dotnetcore-2.2`, `blackduck:7.14-dotnetcore-2.2.110`, `blackduck:7.14.0-dotnetcore-2.2.110` [7/dotnetcore-2.2.110/Dockerfile](7/dotnetcore-2.2.110/Dockerfile)\n\n### blackduck with dotnetcore-3.0.101\n- `blackduck:7.14-dotnetcore-3.0`, `blackduck:7.14.0-dotnetcore-3.0.101` [7/dotnetcore-3.0.101/Dockerfile](7/dotnetcore-3.0.101/Dockerfile)\n\n### blackduck with dotnetcore-3.1.102\n- `blackduck:7.14.0-dotnetcore-3.1.102` [7/dotnetcore-3.1.102/Dockerfile](7/dotnetcore-3.1.102/Dockerfile)\n\n### blackduck with dotnetcore-3.1.302\n- `blackduck:dotnetcore`, `blackduck:7-dotnetcore`, `blackduck:7-dotnetcore-3`, `blackduck:7-dotnetcore-3.1`, `blackduck:7.14-dotnetcore`, `blackduck:7.-dotnetcore-3.1`, `blackduck:7.14.0-dotnetcore`, `blackduck:7.14.0-dotnetcore-3.1.302` [7/dotnetcore-3.1.302/Dockerfile](7/dotnetcore-3.1.302/Dockerfile)\n\n### blackduck with docker detector\n- `blackduck:docker`, `blackduck:7-docker`, `blackduck:7.14-docker`, `blackduck:7.14.0-docker` [7/docker/Dockerfile](7/docker/Dockerfile)\n\n### blackduck version 8.\n\nAll images above are also available for version 8.1.1, but since some heavily used deprecated arguments, we did not make 8 the `latest` version yet.\n\n## Why\n\n\u003e Why do we have our own docker image definitions?\n\nWe often need some tools in a container for checking some things. F.e. [jq](https://stedolan.github.io/jq/), [aws-cli](https://aws.amazon.com/cli/) and [curl](https://curl.haxx.se/).\nWe can install this every time we need a container, but having this baked into a container seems a better approach.\n\nThat's why we want our own docker file definitions.\n\n## Known Issues\n\nCurrently this image only has java. Running a project with `yarn` or `npm` will not work yet.\n\n## Issues\n\n- If you have an issue: report it on the [issue tracker](https://github.com/philips-software/docker-blackduck/issues)\n\n## License\n\nLicense is MIT. See [LICENSE file](LICENSE.md)\n\n## Contributors\n\n[//]: contributor-faces\n\u003ca href=\"https://github.com/JeroenKnoops\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/10019?v=4\" title=\"JeroenKnoops\" width=\"80\" height=\"80\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/bartgolsteijn\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/3263880?v=4\" title=\"bartgolsteijn\" width=\"80\" height=\"80\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/loafoe\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/14123216?v=4\" title=\"loafoe\" width=\"80\" height=\"80\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/kishoreinvits\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/6522155?v=4\" title=\"kishoreinvits\" width=\"80\" height=\"80\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/marcofranssen\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/694733?v=4\" title=\"marcofranssen\" width=\"80\" height=\"80\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/prakashguru\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/11089125?v=4\" title=\"prakashguru\" width=\"80\" height=\"80\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/dmixonphilips\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/56551812?v=4\" title=\"dmixonphilips\" width=\"80\" height=\"80\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/sudheeshps\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/40300928?v=4\" title=\"sudheeshps\" width=\"80\" height=\"80\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/marcel-dias\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/233598?v=4\" title=\"marcel-dias\" width=\"80\" height=\"80\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/Wetula\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/73251035?v=4\" title=\"Wetula\" width=\"80\" height=\"80\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/timovandeput\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/5458560?v=4\" title=\"timovandeput\" width=\"80\" height=\"80\"\u003e\u003c/a\u003e\n\n[//]: contributor-faces\n\n## Philips Forest\n\nThis module is part of the Philips Forest.\n\n```\n                                                     ___                   _\n                                                    / __\\__  _ __ ___  ___| |_\n                                                   / _\\/ _ \\| '__/ _ \\/ __| __|\n                                                  / / | (_) | | |  __/\\__ \\ |_\n                                                  \\/   \\___/|_|  \\___||___/\\__|\n\n                                                                 Infrastructure\n```\n\nTalk to the forestkeepers in the `docker-images`-channel on Slack.\n\n[![Slack](https://philips-software-slackin.now.sh/badge.svg)](https://philips-software-slackin.now.sh)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fphilips-software%2Fdocker-blackduck","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fphilips-software%2Fdocker-blackduck","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fphilips-software%2Fdocker-blackduck/lists"}