paspo/docker-glpi
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: paspo:10.0.11
Branches Tags
paspo:master
paspo:10.0.20 paspo:10.0.18 paspo:10.0.17 paspo:10.0.16 paspo:10.0.15 paspo:10.0.14 paspo:10.0.13 paspo:10.0.12 paspo:10.0.11 paspo:10.0.10 paspo:10.0.9 paspo:10.0.9-ok paspo:10.0.8 paspo:10.0.7
...
compare: paspo:e6c28c3b15601337ef3c715849d48faa6fbaf587
Branches Tags
paspo:master
paspo:10.0.20 paspo:10.0.18 paspo:10.0.17 paspo:10.0.16 paspo:10.0.15 paspo:10.0.14 paspo:10.0.13 paspo:10.0.12 paspo:10.0.11 paspo:10.0.10 paspo:10.0.9 paspo:10.0.9-ok paspo:10.0.8 paspo:10.0.7

10 Commits
10.0.11 ... e6c28c3b15

Author SHA1 Message Date
paspo
e6c28c3b15 fix trivy
All checks were successful
continuous-integration/drone/push Build is passing
Details
Vulnerability Scan / Daily Vulnerability Scan (push) Successful in 2m22s
Details
2025-01-17 08:01:20 +01:00
paspo
d2824d0831 cached trivy db
All checks were successful
continuous-integration/drone/push Build is passing
Details
Vulnerability Scan / Daily Vulnerability Scan (push) Successful in 10m43s
Details
2024-12-02 16:41:18 +01:00
paspo
fb51b8e9da glpi upgrade
Some checks are pending
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/tag Build is passing
Details
Vulnerability Scan / Daily Vulnerability Scan (push) Has started running
Details
2024-11-06 12:02:03 +01:00
paspo
f21a2ecfbe php upgrade
Some checks failed
continuous-integration/drone/tag Build is passing
Details
continuous-integration/drone/push Build is passing
Details
Vulnerability Scan / Daily Vulnerability Scan (push) Failing after 7s
Details
2024-07-03 12:26:40 +02:00
paspo
d64c4d63f2 alpine update 2024-07-03 11:40:32 +02:00
paspo
47adcd273c glpi upgrade
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/tag Build is passing
Details
2024-07-03 11:30:39 +02:00
paspo
9579efb437 glpi upgrade
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/tag Build is passing
Details
Vulnerability Scan / Daily Vulnerability Scan (push) Successful in 1m0s
Details
2024-04-26 13:16:01 +02:00
paspo
0174c5fa3c glpi upgrade
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/tag Build is passing
Details
Vulnerability Scan / Daily Vulnerability Scan (push) Successful in 1m0s
Details
2024-03-14 10:55:54 +01:00
paspo
7c81af35e6 glpi upgrade
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/tag Build is passing
Details
Vulnerability Scan / Daily Vulnerability Scan (push) Successful in 2m21s
Details
2024-03-13 10:10:37 +01:00
Paolo Asperti
75aa86c758 glpi upgrade
All checks were successful
continuous-integration/drone/tag Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2024-02-01 21:13:49 +01:00
5 changed files with 35 additions and 12 deletions
Expand all files Collapse all files

4
.drone.star
View File

@@ -1,7 +1,7 @@
def main(ctx):
archs = ["amd64", "arm64"] ## arm
glpi_version = "10.0.11"
alpine_version = "3.19"
glpi_version = "10.0.17"
alpine_version = "3.20"
out = []
for arch in archs:

35
.gitea/workflows/vulnscan.yaml
View File

@@ -1,3 +1,4 @@
---
name: Vulnerability Scan
on:
@@ -16,14 +17,36 @@ jobs:
- name: Pull docker image
run: docker pull docker.asperti.com/paspo/glpi:latest
- name: Setup trivy
run: |
echo "Installing Trivy for arch: $(uname -m)"
case $(uname -m) in
x86_64)
wget -O /tmp/trivy.deb https://github.com/aquasecurity/trivy/releases/download/v0.58.2/trivy_0.58.2_Linux-64bit.deb ;;
aarch64)
wget -O /tmp/trivy.deb https://github.com/aquasecurity/trivy/releases/download/v0.58.2/trivy_0.58.2_Linux-ARM64.deb ;;
*) exit 1 ;;
esac
dpkg -i /tmp/trivy.deb
- name: Run Trivy vulnerability scanner
id: scan
uses: aquasecurity/trivy-action@master
with:
image-ref: "docker.asperti.com/paspo/glpi:latest"
format: "json"
output: "trivy-results.json"
run: |
trivy --server ${{ secrets.TRIVY_SERVER }} --token ${{ secrets.TRIVY_TOKEN }} image --format json docker.asperti.com/paspo/glpi:latest > trivy-results.json
# if some vulnerability is found, we fail
- name: check output
run: if [ $(jq '.Results[0].Vulnerabilities|length' trivy-results.json) -ne "0" ] ; then exit 1 ; fi
id: vulncount
run: |
echo "VULNCOUNT=$(jq '.Results[0].Vulnerabilities|length' trivy-results.json)" >> ${GITHUB_OUTPUT}
if [ $(jq '.Results[0].Vulnerabilities|length' trivy-results.json) -ne "0" ] ; then exit 1 ; fi
- name: send telegram notification
if: failure()
uses: appleboy/telegram-action@master
with:
to: ${{ secrets.TELEGRAM_TO }}
token: ${{ secrets.TELEGRAM_TOKEN }}
format: markdown
message: |
Found **${{ steps.vulncount.outputs.VULNCOUNT }}** vulnerabilities in `${{ github.repository }}`

8
src/Dockerfile
View File

@@ -5,10 +5,10 @@ ARG GLPI_VERSION
RUN \
mkdir -p /logs /config /files /marketplace && \
apk -U upgrade && \
apk add --no-cache curl nginx php82 php82-bz2 php82-ctype php82-curl php82-dom php82-exif \
php82-fileinfo php82-fpm php82-gd php82-iconv php82-intl php82-ldap php82-mysqli \
php82-opcache php82-openssl php82-pecl-apcu php82-pecl-redis php82-phar php82-session \
php82-simplexml php82-sodium php82-tokenizer php82-xml php82-zip php82-xmlreader php82-xmlwriter && \
apk add --no-cache curl nginx php83 php83-bz2 php83-ctype php83-curl php83-dom php83-exif \
php83-fileinfo php83-fpm php83-gd php83-iconv php83-intl php83-ldap php83-mysqli \
php83-opcache php83-openssl php83-pecl-apcu php83-pecl-redis php83-phar php83-session \
php83-simplexml php83-sodium php83-tokenizer php83-xml php83-zip php83-xmlreader php83-xmlwriter && \
wget -O /usr/local/bin/composer https://getcomposer.org/download/2.5.8/composer.phar && \
chmod +x /usr/local/bin/composer && \
wget -O - https://github.com/glpi-project/glpi/releases/download/${GLPI_VERSION}/glpi-${GLPI_VERSION}.tgz | tar xz -C /var/www

0
src/rootfs/etc/php82/conf.d/php.ini → src/rootfs/etc/php83/conf.d/php.ini
View File

0
src/rootfs/etc/php82/php-fpm.d/www.conf → src/rootfs/etc/php83/php-fpm.d/www.conf
View File