feat: Update toolbox-base and template with latest Docker configurations and documentation
- Updated Dockerfiles in both toolbox-base and toolbox-template
- Modified build scripts and docker-compose configurations
- Added new audit tools and documentation files
- Created new toolbox-DocStack and toolbox-QADocker implementations
- Updated README and maintenance documentation
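--- a/ToolboxStack/output/toolbox-QADocker/security-audit.sh
+++ b/ToolboxStack/output/toolbox-QADocker/security-audit.sh
@@ -0,0 +1,42 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+echo "Running security audit on the current environment..."
+
+# Check for any security issues with the current setup
+echo "Checking for common security issues..."
+
+# Check if running as root (should not be)
+if [ "$EUID" -eq 0 ]; then
+echo "WARNING: Running as root user" >&2
+exit 1
+else
+echo "✓ Running as non-root user"
+fi
+
+# Check for sudo access (should not have)
+if command -v sudo &> /dev/null; then
+echo "WARNING: Sudo is available in the container" >&2
+exit 1
+else
+echo "✓ Sudo correctly removed from container"
+fi
+
+# Verify important security tools are available
+echo "Checking for security tools..."
+if command -v trivy &> /dev/null; then
+echo "✓ Trivy security scanner available"
+else
+echo "✗ Trivy security scanner not available" >&2
+exit 1
+fi
+
+if command -v hadolint &> /dev/null; then
+echo "✓ Hadolint Dockerfile linter available"
+else
+echo "✗ Hadolint Dockerfile linter not available" >&2
+exit 1
+fi
+
+echo "Security audit completed successfully!"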
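Review bot: The closing `Security audit completed successfully!` is reached after checks that only test whether `sudo`, `trivy` and `hadolint` resolve on PATH, so a passing run says nothing about scan results. `command -v sudo` likewise shows only that sudo is not on PATH; the `✓ Sudo correctly removed from container` message claims more than was tested. Every failing branch also calls `exit 1` straight away, so a single run reports at most one finding, and the root and sudo branches print `WARNING:` while treating the condition as fatal. I would count failures, let all checks run, exit non-zero once at the end, and reword the final message to state that the scanners are present but were not run (or invoke them here).

```shell
failures=0
fail() {
  printf '✗ %s\n' "$1" >&2
  failures=$((failures + 1))
}

# … unchanged: banner echo lines …

if [ "$EUID" -eq 0 ]; then
  fail "Running as root user"
else
  echo "✓ Running as non-root user"
fi

# … same fail/✓ pattern for the sudo, trivy and hadolint checks …

if [ "$failures" -gt 0 ]; then
  echo "Security audit found ${failures} problem(s)" >&2
  exit 1
fi
echo "Environment checks passed (scanners present, not run)"
```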