mirror of
https://github.com/ossf/scorecard.git
synced 2024-11-05 05:17:00 +03:00
7a91384f8d
* add lines for docker files * support for other constructs * other insecure patterns * fixes * fixes * comments
38 lines
1.2 KiB
Plaintext
38 lines
1.2 KiB
Plaintext
# Copyright 2021 Security Scorecard Authors
|
||
#
|
||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||
# you may not use this file except in compliance with the License.
|
||
# You may obtain a copy of the License at
|
||
#
|
||
# http://www.apache.org/licenses/LICENSE-2.0
|
||
#
|
||
# Unless required by applicable law or agreed to in writing, software
|
||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||
# See the License for the specific language governing permissions and
|
||
# limitations under the License.
|
||
# Note: taken from https://github.com/pushiqiang/utils/blob/master/docker/Dockerfile_template
|
||
# Add tab
|
||
FROM python:3.7
|
||
|
||
RUN echo hello && wget http://file-with-sudo -O /tmp/file3
|
||
|
||
RUN ["echo", "hello", "&&", "wget", "http://file-with-sudo", "-O", "/tmp/file1"]
|
||
|
||
# 如果在中国,pip使用豆瓣源
|
||
#RUN curl -s ifconfig.co/json | grep "China" > /dev/null && \
|
||
# pip install -r requirements.txt -i https://pypi.doubanio.com/simple --trusted-host pypi.doubanio.com || \
|
||
RUN bla && \
|
||
echo
|
||
|
||
RUN ["echo", "hello", "&&", "/tmp/file3"]
|
||
|
||
RUN ["echo", "hello", "&&", "/tmp/file1"]
|
||
|
||
RUN echo hi && \
|
||
bash /tmp/file3 && \
|
||
echo bla
|
||
|
||
|
||
RUN bash /tmp/file1 && \
|
||
echo bla |