-
Notifications
You must be signed in to change notification settings - Fork 17
Expand file tree
/
Copy pathdocker-bake.hcl
More file actions
89 lines (77 loc) · 3.14 KB
/
docker-bake.hcl
File metadata and controls
89 lines (77 loc) · 3.14 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
# Docker Bake configuration for Kali Linux images
# Supports multi-platform builds with SBOM and provenance generation
group "default" {
targets = ["base", "systemd"]
}
# Sequential build group to ensure proper layering
group "sequential" {
targets = ["base"]
}
group "dependent" {
targets = ["systemd"]
}
# Common configuration for all targets
variable "TAG" {
default = "latest"
}
variable "REGISTRY" {
default = "vxcontrol"
}
# Base Kali Linux image with essential penetration testing tools
target "base" {
dockerfile = "Dockerfile"
target = "base"
platforms = ["linux/amd64", "linux/arm64"]
tags = [
"${REGISTRY}/kali-linux:latest"
]
# Security and compliance features - use stable SBOM scanner
attest = [
"type=provenance,mode=max",
"type=sbom,scanner=docker.io/docker/buildkit-syft-scanner:stable-1"
]
# Build metadata
labels = {
"org.opencontainers.image.title" = "Kali Linux Penetration Testing Image"
"org.opencontainers.image.description" = "AI-ready Kali Linux container with 200+ curated CLI penetration testing tools"
"org.opencontainers.image.url" = "https://hub.docker.com/r/vxcontrol/kali-linux"
"org.opencontainers.image.documentation" = "https://github.com/vxcontrol/kali-linux-image/blob/master/README.md"
"org.opencontainers.image.source" = "https://github.com/vxcontrol/kali-linux-image"
"org.opencontainers.image.vendor" = "vxcontrol"
"org.opencontainers.image.licenses" = "MIT"
"org.opencontainers.image.version" = "${TAG}"
"com.vxcontrol.dockerfile.url" = "https://raw.githubusercontent.com/vxcontrol/kali-linux-image/master/Dockerfile"
"com.vxcontrol.license.url" = "https://raw.githubusercontent.com/vxcontrol/kali-linux-image/master/LICENSE"
}
}
# Systemd-enabled Kali Linux image with service management support
target "systemd" {
dockerfile = "Dockerfile"
target = "systemd"
platforms = ["linux/amd64", "linux/arm64"]
tags = [
"${REGISTRY}/kali-linux:systemd",
]
# Build dependencies - reuse base layers
contexts = {
base = "target:base"
}
# Security and compliance features - use stable SBOM scanner
attest = [
"type=provenance,mode=max",
"type=sbom,scanner=docker.io/docker/buildkit-syft-scanner:stable-1"
]
# Build metadata
labels = {
"org.opencontainers.image.title" = "Kali Linux Penetration Testing Image (Systemd)"
"org.opencontainers.image.description" = "AI-ready Kali Linux container with systemctl support and 200+ penetration testing tools"
"org.opencontainers.image.url" = "https://hub.docker.com/r/vxcontrol/kali-linux"
"org.opencontainers.image.documentation" = "https://github.com/vxcontrol/kali-linux-image/blob/master/README.md"
"org.opencontainers.image.source" = "https://github.com/vxcontrol/kali-linux-image"
"org.opencontainers.image.vendor" = "vxcontrol"
"org.opencontainers.image.licenses" = "MIT"
"org.opencontainers.image.version" = "${TAG}"
"com.vxcontrol.dockerfile.url" = "https://raw.githubusercontent.com/vxcontrol/kali-linux-image/master/Dockerfile"
"com.vxcontrol.license.url" = "https://raw.githubusercontent.com/vxcontrol/kali-linux-image/master/LICENSE"
}
}