#!BuildTag: harbor/harbor-trivy-adapter:%%PKG_VERSION%%
#!BuildTag: harbor/harbor-trivy-adapter:%%PKG_VERSION%%-rev%%IMAGE_REVISION%%
#!BuildTag: harbor/harbor-trivy-adapter:%%PKG_VERSION%%-rev%%IMAGE_REVISION%%-build%RELEASE%

FROM suse/sle15:15.2

# labelprefix=com.suse.registry
PREFIXEDLABEL org.opencontainers.image.title="SUSE private registry, trivy-adapter container"
PREFIXEDLABEL org.opencontainers.image.description="trivy-adapter image for SUSE private registry"
PREFIXEDLABEL org.opencontainers.image.created="%BUILDTIME%"
PREFIXEDLABEL org.opencontainers.image.vendor="SUSE LLC"
PREFIXEDLABEL org.opencontainers.image.url="https://www.suse.com/products/"
PREFIXEDLABEL org.opencontainers.image.version="%%PKG_VERSION%%-rev%%IMAGE_REVISION%%-build%RELEASE%"
PREFIXEDLABEL org.openbuildservice.disturl="%DISTURL%"
PREFIXEDLABEL org.opensuse.reference="registry.suse.com/harbor/harbor-trivy-adapter:%%PKG_VERSION%%-rev%%IMAGE_REVISION%%-build%RELEASE%" 

COPY ./entrypoint.sh /usr/local/bin/entrypoint.sh

RUN groupadd -r -g 10000 scanner \
  && useradd -r -g scanner -d /home/scanner -s /sbin/nologin -m -l -c "user for Trivy" -u 10000 scanner \
  && chmod +x /usr/local/bin/entrypoint.sh
RUN zypper --non-interactive in trivy-adapter gosu

ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]