Inject a binary into a Docker Image

I need to create automation to inject a binary (security tool) into every pre-built Docker image that is going to be promoted to higher envs (Promote To Prod). We already have a pipeline that does PTP, but I would like to validate whether the binary (security tool) already exists as part of the image and, if not, inject it into the image and push.

The binary (security tool) is stored in my Artifactory, so basically I want to do the steps below for an image that's already built, then package it again and push to the registry.

ADD Sec-Binary /bin/Sec-Binary
RUN chmod +x /bin/Sec-Binary
RUN ["/bin/Sec-Binary", "init"]

In the end I expect to see below:

$ docker run -ti --rm my-sec-image:1 ls /bin/Sec-Binary
-rwxr-xr-x  398 sec-user     sec-user        1.1M Jun  2  2020 Sec-Binary


Solution 1:[1]

Could you not just add FROM <existing_image>:<ver> to the top of your new Dockerfile directives and build it every time into a new image?

Then your pipeline needs only docker build <location> -t my-sec-image:1 before PTP.
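
The check-then-inject flow from the question, built on the FROM approach of Solution 1, as an added example that is not part of the original post. The function names, the build-context directory and the pinned SHA-256 argument are assumptions; the binary is assumed to be already downloaded from the artifact store, and restoring the image's original USER goes beyond the three directives in the question.

```sh
#!/bin/sh
# Added example; function names and the checksum argument are assumptions.
SEC_BIN=/bin/Sec-Binary

# Exit 0 if the image already has a file at $SEC_BIN, 1 if not, 2 if the image
# cannot be used. create + cp never starts the image, so no shell is needed in it.
has_sec_binary() {
    cid=$(docker create "$1" unused-cmd) || return 2
    if docker cp "$cid:$SEC_BIN" - >/dev/null 2>&1; then found=0; else found=1; fi
    docker rm "$cid" >/dev/null
    return "$found"
}

# Dockerfile for the derived image: the question's three directives on top of
# the existing image, run as root, then handed back to the image's own USER.
render_dockerfile() {  # $1 = base image, $2 = original USER (may be empty)
    printf 'FROM %s\nUSER root\nADD Sec-Binary %s\nRUN chmod +x %s\nRUN ["%s", "init"]\n' \
        "$1" "$SEC_BIN" "$SEC_BIN" "$SEC_BIN"
    [ -z "${2:-}" ] || printf 'USER %s\n' "$2"
}

# $1 = image to promote, $2 = tag to push, $3 = directory holding Sec-Binary
# (already fetched from the artifact store), $4 = its expected SHA-256.
inject_sec_binary() {
    src=$1 dst=$2 ctx=$3 sum=$4
    rc=0; has_sec_binary "$src" || rc=$?
    case $rc in
        0) docker tag "$src" "$dst" || return 1 ;;   # already present: retag only
        1) # refuse to bake in a binary that does not match the pinned digest
           echo "$sum  $ctx/Sec-Binary" | sha256sum -c - >/dev/null 2>&1 || return 1
           user=$(docker inspect --format '{{.Config.User}}' "$src") || return 1
           render_dockerfile "$src" "$user" | docker build -t "$dst" -f - "$ctx" || return 1 ;;
        *) return "$rc" ;;
    esac
    docker push "$dst"
}

if [ "$#" -eq 4 ]; then inject_sec_binary "$@"; fi
```

The presence check only confirms that a file exists at the path; it does not prove the file is the expected build of the tool or that `init` was run in that image.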

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 mids