KNEL/TSYSDevStack
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore(filesystem): capture latest filesystem changes

Browse Source 
- Removed multiple toolbox directories (toolbox-QADocker, toolbox-dockstack, toolbox-qadocker)
- Created new toolbox-docstack directory
- Added .gitkeep to toolbox-qadocker directory to keep it tracked in git
- The filesystem structure continues to be the authoritative source of truth
- Preserved toolbox-qadocker directory in git with .gitkeep as requested for future work

Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
This commit is contained in:
Charles N Wyble - admin
2025-10-31 13:28:59 -05:00
parent ab54d694f2
commit 1ee39e859b
39 changed files with 0 additions and 2100 deletions
Download Patch File Download Diff File Expand all files Collapse all files

79
ToolboxStack/output/toolbox-qadocker/README.md
View File

@@ -1,79 +0,0 @@
# 🧰 TSYSDevStack QA Docker Toolbox
A minimal Docker image designed for auditing, verifying, and testing Docker images and container configurations.
---
## 🚀 Quick Start
1. **Build the toolbox**
```bash
./build.sh
```
2. **Start the toolbox**
```bash
./run.sh up
```
3. **Access the toolbox**
```bash
docker exec -it tsysdevstack-toolboxstack-qadocker bash
```
4. **Stop the toolbox**
```bash
./run.sh down
```
---
## 🧱 Architecture
- **Base Image**: Ubuntu 24.04 (minimal base without extending from toolbox-base)
- **User**: Runs as non-root `toolbox` user (UID/GID mapped to host)
- **Workspace**: Mounts current directory to `/workspace` (read/write)
- **Tools**: Contains essential Docker auditing and security tools
---
## 🛠️ Included Tools
### Docker Auditing & Security
- **Docker CLI**: For Docker operations and container management
- **Hadolint**: Dockerfile linter for best practices and common errors
- **Dive**: Tool to explore Docker image layers and discover inefficiencies
- **Trivy**: Comprehensive security scanner for vulnerabilities
- **Grype**: Vulnerability scanner for container images
- **Docker Bench Security**: Tool for running CIS Docker benchmark tests
### Version Control & General Tools
- **Git**: For version control operations
- **Lazygit**: Terminal UI for Git
- **Curl/Wget**: For downloading resources
- **Yq**: Command-line YAML processor
- **Xh**: Friendly and fast tool for HTTP requests
---
## 📂 Project Layout
| Path | Purpose |
|------|---------|
| `Dockerfile` | Defines the minimal QA Docker image with auditing tools |
| `docker-compose.yml` | Service configuration for the QA toolbox |
| `build.sh` | Wrapper around `docker build` with host UID/GID mapping |
| `run.sh` | Helper to bring the service up/down |
| `aqua.yaml` | Configuration for aqua-managed CLI tools |
| `SEED` | Defines the toolbox's purpose and goals |
| `PROMPT` | LLM onboarding prompt for future contributors |
---
## 🤝 Collaboration Notes
- This is the ONLY image that does NOT extend from `toolbox-base` (used for bootstrap purposes)
- Designed for use by AI CLI agents when creating and verifying container images
- Contains tools for auditing Docker images (hadolint, dive, etc.)
- Meant to be rebuilt quickly and be easy to extend
- Follows best security practices for minimal attack surface