Skip to content

pvnovarese/2023-01-enterprise-demo

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

36 Commits

.baseline

.baseline

 
 

.circleci

.circleci

 
 

.github/workflows

.github/workflows

 
 

.codefresh-example-workflow

.codefresh-example-workflow

 
 

.drone.yml

.drone.yml

 
 

Dockerfile

Dockerfile

 
 

Jenkinsfile

Jenkinsfile

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

anchore_hints.json

anchore_hints.json

 
 

log4j-core-2.14.1.jar

log4j-core-2.14.1.jar

 
 

sudo-1.8.29-5.el8.x86_64.rpm

sudo-1.8.29-5.el8.x86_64.rpm

 
 

Repository files navigation

2023-01-enterprise-demo

Enterprise Demo Setup Workflow Example Enterprise Workflow Example Local Scan/SBOM Workflow CircleCI

Simple demo for Anchore Enterprise.

Includes workflow examples for Jenkins, CircleCI, Codefresh, Drone, and GitHub.

Partial list of conditions that can be tested with this image:

  1. xmrig cryptominer installed at /xmrig/xmrig
  2. simulated AWS access key in /aws_access
  3. simulated ssh private key in /ssh_key
  4. selection of commonly-blocked packages installed (sudo, curl, etc)
  5. /log4j-core-2.14.1.jar (CVE-2021-44228, et al)
  6. CVE-2021-3156 (sudo) provided via hints file (rpm also available)
  7. added anchorectl to demonstrate automatic go module detection (new in syft 0.42.0)
  8. wide variety of ruby, node, python, java installed with different licenses
  9. build drift detection via baseline dockerfile with minimal packages/dependencies

About

No description, website, or topics provided.

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages 1

 

Languages