https://github.com/aleroxac/dockerfiles

Badass base container images to be used in any project.

docker dockerfile github-actions hadolint kics trivy


# dockerfiles
[![ci](https://github.com/aleroxac/dockerfiles/actions/workflows/ci.yaml/badge.svg)](https://github.com/aleroxac/dockerfiles/actions/workflows/ci.yaml)
![GitHub last commit](https://img.shields.io/github/last-commit/aleroxac/dockerfiles)
![GitHub last release](https://img.shields.io/github/release/aleroxac/dockerfiles)

Badass base container images to be used in any project.

## Main technologies
![Docker](https://img.shields.io/badge/docker-%230db7ed.svg?style=for-the-badge&logo=docker&logoColor=white)
![AquaSec](https://img.shields.io/badge/aqua-%231904DA.svg?style=for-the-badge&logo=aqua&logoColor=#0018A8)

## Resources
- Best practices, tips and tricks learned from professional experience working as an SRE/DevOps/Platform Engineer
- [Docker Official Documentation](https://docs.docker.com/)
- [Label Schema Convention](http://label-schema.org/rc1/)
- [Semantic Versioning Convention](https://semver.org/spec/v2.0.0.html)
- [Keep Changelog Convention](https://keepachangelog.com/en/1.0.0/)
- [Open Source Guides](https://opensource.guide)
- [Code Manifesto](https://github.com/code-manifesto/code-manifesto)
- [Docker Content Trust](https://docs.docker.com/engine/security/trust/)
- [Scan images using aquasec/trivy](https://github.com/aquasecurity/trivy)
- [Scan dockerfiles using hadolint](https://github.com/hadolint/hadolint)
- [Scan project using kics](https://github.com/Checkmarx/kics)
- [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/)
- [OpenSSF Best Practices Badge Program](https://bestpractices.coreinfrastructure.org/en)
- [Rootless Containers](https://rootlesscontaine.rs/)
- [Git Flow](https://github.com/petervanderdoes/gitflow-avh)
- [Container Structure Tests](https://github.com/GoogleContainerTools/container-structure-test)
- [Markdown Badges](https://github.com/Ileriayo/markdown-badges)

## Features
- [x] Multiple scans to ensure maximum conformity and security
- [x] Automations for doing some boring stuff
- [x] A demo for each image
- [x] Trusted pipeline
- [ ] Images signed with Content Trust
- [ ] Unit, integration and e2e tests to ensure peace of mind
- [ ] Cosign Vulnerability Scan Record Attestation Specification
- [ ] Detailed documentation of how to handle the project

## Languages Supported
- [x] python
- [ ] golang
- [ ] javascript(nodejs)
- [ ] java
- [ ] php
- [ ] csharp
- [ ] lua
- [ ] shellscript

## Architectures Supported
- [x] amd64
- [x] arm64

## Image Types Supported
- [x] alpine
- [ ] slim
- [ ] distroless
- [ ] scratch
- [ ] debian

## Usage
- Choose one language and see the [demos here](demos)

## Images and tags
| image | language | base | arch |
|:-----:|:--------:|:----:|:----:|
| [aleroxac/python](https://hub.docker.com/r/aleroxac/python) | python | alpine | linux/amd64 |

## Thanks
- [vscode](https://github.com/microsoft/vscode)
- [docker](https://github.com/docker)

- [make](https://www.gnu.org/software/make/)
- [python](https://github.com/python)

- [dive](https://github.com/wagoodman/dive)

- [yamllint](https://github.com/adrienverge/yamllint)
- [hadolint](https://github.com/hadolint/hadolint)
- [trivy](https://github.com/aquasecurity/trivy)
- [kics](https://github.com/Checkmarx/kics)

- [git](https://github.com/git/git)
- [github](https://github.com/github)
- [github-actions](https://github.com/actions)

- [editorconfig](https://github.com/editorconfig)
- [mkdocs](https://github.com/mkdocs/mkdocs)

## References
- https://github.com/opencontainers
- http://label-schema.org/rc1/
- https://docs.docker.com/docker-hub/official_images/
- https://github.com/docker-library/official-images
- https://docs.docker.com/develop/dev-best-practices/
- https://docs.docker.com/develop/develop-images/dockerfile_best-practices
- https://docs.docker.com/config/labels-custom-metadata/
- https://docs.docker.com/engine/reference/builder/

- https://docs.docker.com/build/ci/github-actions/examples/#github-cache
- https://docs.docker.com/language/java/run-tests/
- https://github.com/dimorinny/dockerfile-testing
- https://www.gasparevitta.com/posts/docker-unit-test-dockerfile-image/
- https://medium.com/@renatomefi/unit-testing-writing-dockerfiles-like-a-software-developer-1759f416ce84
- https://semaphoreci.com/blog/structure-testing-for-docker-containers
- https://github.com/riyazdf/dockercon-workshop/tree/master/capabilities
- https://book.hacktricks.xyz/linux-hardening/privilege-escalation/docker-breakout/docker-breakout-privilege-escalation
- https://flast101.github.io/docker-privesc/
- https://www.testcontainers.org/
- https://docs.sigstore.dev/
- https://www.youtube.com/watch?v=eRPkNd40n94&ab_channel=FlorianLudewig
- https://github.com/opencontainers/image-spec/blob/main/spec.md
- https://github.com/theonemule/docker-waf
- https://github.com/Tintri/hello-bench

## Actions
- https://github.com/brpaz/structure-tests-action
- https://github.com/reviewdog/action-shellcheck
- https://github.com/cycjimmy/semantic-release-action
- https://github.com/actions/checkout
- https://github.com/snyk/actions/docker
- https://github.com/github/codeql-action/upload-sarif