github.com/google/osv-scalibr@v0.4.1/run_scalibr_on_image.sh

github.com/google/osv-scalibr@v0.4.1/run_scalibr_on_image.sh (about)

     1  #!/bin/bash
     2  
     3  # Pulls a container image and runs SCALIBR's extraction plugins on it,
     4  # producing a scalibr-result.textproto in the current directory.
     5  # Example usage: ./run_scalibr_on_image.sh alpine:latest
     6  
     7  set -ex
     8  # Create a temp directory for SCALIBR.
     9  tmp=$(mktemp -d)
    10  function cleanup {
    11    rm -rf "$tmp"
    12  }
    13  
    14  # Register the cleanup function to be called on the EXIT signal.
    15  trap cleanup EXIT
    16  
    17  # Build SCALIBR and copy it into the tmp dir.
    18  touch "$tmp/scalibr-result.textproto"
    19  make scalibr-static
    20  cp -f scalibr "$tmp/scalibr"
    21  chmod -R 777 $tmp
    22  
    23  # Mount the dir containing SCALIBR and run it on the container.
    24  docker run --entrypoint "" -v "$tmp:/scalibr_working_dir:rw" "$1" /scalibr_working_dir/scalibr --result=/scalibr_working_dir/scalibr-result.textproto  --root=/  --extractors=all,untested --skip-dirs=/scalibr_working_dir
    25  
    26  # Move the results to the CWD.
    27  cp $tmp/scalibr-result.textproto scalibr-result.textproto