Bitnami/containers
2
0
Fork 0
mirror of https://github.com/bitnami/containers.git synced 2026-03-07 10:07:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

[bitnami/*-min] VIB: Add container size_thresholds (#79131)

Browse Source 
[bitnami/*-min] VIB: Add container size_thresholds

Signed-off-by: Miguel Ruiz <miguel.ruiz@broadcom.com>
This commit is contained in:
Miguel Ruiz
2025-03-25 17:21:01 +01:00
committed by GitHub
parent 63389c8992
commit 5a965f5896
19 changed files with 914 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

79
.vib/aspnet-min/8/vib-verify.json Normal file
View File

@@ -0,0 +1,79 @@
{
"context": {
"resources": {
"url": "{SHA_ARCHIVE}",
"path": "{VIB_ENV_PATH}"
},
"runtime_parameters": "Y29tbWFuZDogWyIvc2hhcmVkL2J1c3lib3giLCAic2xlZXAiLCAiMzYwMCJdCg=="
},
"phases": {
"package": {
"actions": [
{
"action_id": "container-image-package",
"params": {
"application": {
"details": {
"name": "{VIB_ENV_CONTAINER}",
"tag": "{VIB_ENV_TAG}"
}
},
"architectures": [
"linux/amd64",
"linux/arm64"
],
"size_thresholds": [
{
"size": "65MB",
"kind": "COMPRESSED"
}
]
}
},
{
"action_id": "container-image-lint",
"params": {
"threshold": "error"
}
}
]
},
"verify": {
"actions": [
{
"action_id": "goss",
"params": {
"resources": {
"path": "/.vib"
},
"tests_file": "aspnet-min/goss/goss.yaml",
"vars_file": "aspnet-min/goss/vars.yaml",
"remote": {
"pod": {
"workload": "deploy-aspnet-min"
}
}
}
},
{
"action_id": "trivy",
"params": {
"threshold": "LOW",
"vuln_type": [
"OS"
]
}
},
{
"action_id": "grype",
"params": {
"threshold": "CRITICAL",
"package_type": [
"OS"
]
}
}
]
}
}
}

6
.vib/aspnet-min/vib-verify.json
View File

@@ -21,6 +21,12 @@
"architectures": [
"linux/amd64",
"linux/arm64"
],
"size_thresholds": [
{
"size": "70MB",
"kind": "COMPRESSED"
}
]
}
},

79
.vib/java-min/1.8/vib-verify.json Normal file
View File

@@ -0,0 +1,79 @@
{
"context": {
"resources": {
"url": "{SHA_ARCHIVE}",
"path": "{VIB_ENV_PATH}"
},
"runtime_parameters": "Y29tbWFuZDogWyIvc2hhcmVkL2J1c3lib3giLCAic2xlZXAiLCAiMzYwMCJdCg=="
},
"phases": {
"package": {
"actions": [
{
"action_id": "container-image-package",
"params": {
"application": {
"details": {
"name": "{VIB_ENV_CONTAINER}",
"tag": "{VIB_ENV_TAG}"
}
},
"architectures": [
"linux/amd64",
"linux/arm64"
],
"size_thresholds": [
{
"size": "120MB",
"kind": "COMPRESSED"
}
]
}
},
{
"action_id": "container-image-lint",
"params": {
"threshold": "error"
}
}
]
},
"verify": {
"actions": [
{
"action_id": "goss",
"params": {
"resources": {
"path": "/.vib"
},
"tests_file": "java-min/goss/goss.yaml",
"vars_file": "java-min/goss/vars.yaml",
"remote": {
"pod": {
"workload": "deploy-java-min"
}
}
}
},
{
"action_id": "trivy",
"params": {
"threshold": "LOW",
"vuln_type": [
"OS"
]
}
},
{
"action_id": "grype",
"params": {
"threshold": "CRITICAL",
"package_type": [
"OS"
]
}
}
]
}
}
}

79
.vib/java-min/11/vib-verify.json Normal file
View File

@@ -0,0 +1,79 @@
{
"context": {
"resources": {
"url": "{SHA_ARCHIVE}",
"path": "{VIB_ENV_PATH}"
},
"runtime_parameters": "Y29tbWFuZDogWyIvc2hhcmVkL2J1c3lib3giLCAic2xlZXAiLCAiMzYwMCJdCg=="
},
"phases": {
"package": {
"actions": [
{
"action_id": "container-image-package",
"params": {
"application": {
"details": {
"name": "{VIB_ENV_CONTAINER}",
"tag": "{VIB_ENV_TAG}"
}
},
"architectures": [
"linux/amd64",
"linux/arm64"
],
"size_thresholds": [
{
"size": "70MB",
"kind": "COMPRESSED"
}
]
}
},
{
"action_id": "container-image-lint",
"params": {
"threshold": "error"
}
}
]
},
"verify": {
"actions": [
{
"action_id": "goss",
"params": {
"resources": {
"path": "/.vib"
},
"tests_file": "java-min/goss/goss.yaml",
"vars_file": "java-min/goss/vars.yaml",
"remote": {
"pod": {
"workload": "deploy-java-min"
}
}
}
},
{
"action_id": "trivy",
"params": {
"threshold": "LOW",
"vuln_type": [
"OS"
]
}
},
{
"action_id": "grype",
"params": {
"threshold": "CRITICAL",
"package_type": [
"OS"
]
}
}
]
}
}
}

79
.vib/java-min/17/vib-verify.json Normal file
View File

@@ -0,0 +1,79 @@
{
"context": {
"resources": {
"url": "{SHA_ARCHIVE}",
"path": "{VIB_ENV_PATH}"
},
"runtime_parameters": "Y29tbWFuZDogWyIvc2hhcmVkL2J1c3lib3giLCAic2xlZXAiLCAiMzYwMCJdCg=="
},
"phases": {
"package": {
"actions": [
{
"action_id": "container-image-package",
"params": {
"application": {
"details": {
"name": "{VIB_ENV_CONTAINER}",
"tag": "{VIB_ENV_TAG}"
}
},
"architectures": [
"linux/amd64",
"linux/arm64"
],
"size_thresholds": [
{
"size": "75MB",
"kind": "COMPRESSED"
}
]
}
},
{
"action_id": "container-image-lint",
"params": {
"threshold": "error"
}
}
]
},
"verify": {
"actions": [
{
"action_id": "goss",
"params": {
"resources": {
"path": "/.vib"
},
"tests_file": "java-min/goss/goss.yaml",
"vars_file": "java-min/goss/vars.yaml",
"remote": {
"pod": {
"workload": "deploy-java-min"
}
}
}
},
{
"action_id": "trivy",
"params": {
"threshold": "LOW",
"vuln_type": [
"OS"
]
}
},
{
"action_id": "grype",
"params": {
"threshold": "CRITICAL",
"package_type": [
"OS"
]
}
}
]
}
}
}

79
.vib/java-min/21/vib-verify.json Normal file
View File

@@ -0,0 +1,79 @@
{
"context": {
"resources": {
"url": "{SHA_ARCHIVE}",
"path": "{VIB_ENV_PATH}"
},
"runtime_parameters": "Y29tbWFuZDogWyIvc2hhcmVkL2J1c3lib3giLCAic2xlZXAiLCAiMzYwMCJdCg=="
},
"phases": {
"package": {
"actions": [
{
"action_id": "container-image-package",
"params": {
"application": {
"details": {
"name": "{VIB_ENV_CONTAINER}",
"tag": "{VIB_ENV_TAG}"
}
},
"architectures": [
"linux/amd64",
"linux/arm64"
],
"size_thresholds": [
{
"size": "80MB",
"kind": "COMPRESSED"
}
]
}
},
{
"action_id": "container-image-lint",
"params": {
"threshold": "error"
}
}
]
},
"verify": {
"actions": [
{
"action_id": "goss",
"params": {
"resources": {
"path": "/.vib"
},
"tests_file": "java-min/goss/goss.yaml",
"vars_file": "java-min/goss/vars.yaml",
"remote": {
"pod": {
"workload": "deploy-java-min"
}
}
}
},
{
"action_id": "trivy",
"params": {
"threshold": "LOW",
"vuln_type": [
"OS"
]
}
},
{
"action_id": "grype",
"params": {
"threshold": "CRITICAL",
"package_type": [
"OS"
]
}
}
]
}
}
}

6
.vib/java-min/vib-verify.json
View File

@@ -21,6 +21,12 @@
"architectures": [
"linux/amd64",
"linux/arm64"
],
"size_thresholds": [
{
"size": "265MB",
"kind": "COMPRESSED"
}
]
}
},

6
.vib/libgcc/vib-verify.json
View File

@@ -21,6 +21,12 @@
"architectures": [
"linux/amd64",
"linux/arm64"
],
"size_thresholds": [
{
"size": "9MB",
"kind": "COMPRESSED"
}
]
}
},

79
.vib/node-min/18/vib-verify.json Normal file
View File

@@ -0,0 +1,79 @@
{
"context": {
"resources": {
"url": "{SHA_ARCHIVE}",
"path": "{VIB_ENV_PATH}"
},
"runtime_parameters": "Y29tbWFuZDogWyJub2RlIiwgIi0tZXZhbCIsICJzZXRUaW1lb3V0KCgpID0+IHt9LCAzNjAwICogMTAwMCk7Il0K"
},
"phases": {
"package": {
"actions": [
{
"action_id": "container-image-package",
"params": {
"application": {
"details": {
"name": "{VIB_ENV_CONTAINER}",
"tag": "{VIB_ENV_TAG}"
}
},
"architectures": [
"linux/amd64",
"linux/arm64"
],
"size_thresholds": [
{
"size": "40MB",
"kind": "COMPRESSED"
}
]
}
},
{
"action_id": "container-image-lint",
"params": {
"threshold": "error"
}
}
]
},
"verify": {
"actions": [
{
"action_id": "goss",
"params": {
"resources": {
"path": "/.vib"
},
"tests_file": "node-min/goss/goss.yaml",
"vars_file": "node-min/goss/vars.yaml",
"remote": {
"pod": {
"workload": "deploy-node-min"
}
}
}
},
{
"action_id": "trivy",
"params": {
"threshold": "LOW",
"vuln_type": [
"OS"
]
}
},
{
"action_id": "grype",
"params": {
"threshold": "CRITICAL",
"package_type": [
"OS"
]
}
}
]
}
}
}

79
.vib/node-min/20/vib-verify.json Normal file
View File

@@ -0,0 +1,79 @@
{
"context": {
"resources": {
"url": "{SHA_ARCHIVE}",
"path": "{VIB_ENV_PATH}"
},
"runtime_parameters": "Y29tbWFuZDogWyJub2RlIiwgIi0tZXZhbCIsICJzZXRUaW1lb3V0KCgpID0+IHt9LCAzNjAwICogMTAwMCk7Il0K"
},
"phases": {
"package": {
"actions": [
{
"action_id": "container-image-package",
"params": {
"application": {
"details": {
"name": "{VIB_ENV_CONTAINER}",
"tag": "{VIB_ENV_TAG}"
}
},
"architectures": [
"linux/amd64",
"linux/arm64"
],
"size_thresholds": [
{
"size": "40MB",
"kind": "COMPRESSED"
}
]
}
},
{
"action_id": "container-image-lint",
"params": {
"threshold": "error"
}
}
]
},
"verify": {
"actions": [
{
"action_id": "goss",
"params": {
"resources": {
"path": "/.vib"
},
"tests_file": "node-min/goss/goss.yaml",
"vars_file": "node-min/goss/vars.yaml",
"remote": {
"pod": {
"workload": "deploy-node-min"
}
}
}
},
{
"action_id": "trivy",
"params": {
"threshold": "LOW",
"vuln_type": [
"OS"
]
}
},
{
"action_id": "grype",
"params": {
"threshold": "CRITICAL",
"package_type": [
"OS"
]
}
}
]
}
}
}

79
.vib/node-min/22/vib-verify.json Normal file
View File

@@ -0,0 +1,79 @@
{
"context": {
"resources": {
"url": "{SHA_ARCHIVE}",
"path": "{VIB_ENV_PATH}"
},
"runtime_parameters": "Y29tbWFuZDogWyJub2RlIiwgIi0tZXZhbCIsICJzZXRUaW1lb3V0KCgpID0+IHt9LCAzNjAwICogMTAwMCk7Il0K"
},
"phases": {
"package": {
"actions": [
{
"action_id": "container-image-package",
"params": {
"application": {
"details": {
"name": "{VIB_ENV_CONTAINER}",
"tag": "{VIB_ENV_TAG}"
}
},
"architectures": [
"linux/amd64",
"linux/arm64"
],
"size_thresholds": [
{
"size": "45MB",
"kind": "COMPRESSED"
}
]
}
},
{
"action_id": "container-image-lint",
"params": {
"threshold": "error"
}
}
]
},
"verify": {
"actions": [
{
"action_id": "goss",
"params": {
"resources": {
"path": "/.vib"
},
"tests_file": "node-min/goss/goss.yaml",
"vars_file": "node-min/goss/vars.yaml",
"remote": {
"pod": {
"workload": "deploy-node-min"
}
}
}
},
{
"action_id": "trivy",
"params": {
"threshold": "LOW",
"vuln_type": [
"OS"
]
}
},
{
"action_id": "grype",
"params": {
"threshold": "CRITICAL",
"package_type": [
"OS"
]
}
}
]
}
}
}

6
.vib/node-min/vib-verify.json
View File

@@ -21,6 +21,12 @@
"architectures": [
"linux/amd64",
"linux/arm64"
],
"size_thresholds": [
{
"size": "50MB",
"kind": "COMPRESSED"
}
]
}
},

78
.vib/php-fpm-min/8.1/vib-verify.json Normal file
View File

@@ -0,0 +1,78 @@
{
"context": {
"resources": {
"url": "{SHA_ARCHIVE}",
"path": "{VIB_ENV_PATH}"
}
},
"phases": {
"package": {
"actions": [
{
"action_id": "container-image-package",
"params": {
"application": {
"details": {
"name": "{VIB_ENV_CONTAINER}",
"tag": "{VIB_ENV_TAG}"
}
},
"architectures": [
"linux/amd64",
"linux/arm64"
],
"size_thresholds": [
{
"size": "40MB",
"kind": "COMPRESSED"
}
]
}
},
{
"action_id": "container-image-lint",
"params": {
"threshold": "error"
}
}
]
},
"verify": {
"actions": [
{
"action_id": "goss",
"params": {
"resources": {
"path": "/.vib"
},
"tests_file": "php-fpm-min/goss/goss.yaml",
"vars_file": "php-fpm-min/goss/vars.yaml",
"remote": {
"pod": {
"workload": "deploy-php-fpm-min"
}
}
}
},
{
"action_id": "trivy",
"params": {
"threshold": "LOW",
"vuln_type": [
"OS"
]
}
},
{
"action_id": "grype",
"params": {
"threshold": "CRITICAL",
"package_type": [
"OS"
]
}
}
]
}
}
}

78
.vib/php-fpm-min/8.2/vib-verify.json Normal file
View File

@@ -0,0 +1,78 @@
{
"context": {
"resources": {
"url": "{SHA_ARCHIVE}",
"path": "{VIB_ENV_PATH}"
}
},
"phases": {
"package": {
"actions": [
{
"action_id": "container-image-package",
"params": {
"application": {
"details": {
"name": "{VIB_ENV_CONTAINER}",
"tag": "{VIB_ENV_TAG}"
}
},
"architectures": [
"linux/amd64",
"linux/arm64"
],
"size_thresholds": [
{
"size": "40MB",
"kind": "COMPRESSED"
}
]
}
},
{
"action_id": "container-image-lint",
"params": {
"threshold": "error"
}
}
]
},
"verify": {
"actions": [
{
"action_id": "goss",
"params": {
"resources": {
"path": "/.vib"
},
"tests_file": "php-fpm-min/goss/goss.yaml",
"vars_file": "php-fpm-min/goss/vars.yaml",
"remote": {
"pod": {
"workload": "deploy-php-fpm-min"
}
}
}
},
{
"action_id": "trivy",
"params": {
"threshold": "LOW",
"vuln_type": [
"OS"
]
}
},
{
"action_id": "grype",
"params": {
"threshold": "CRITICAL",
"package_type": [
"OS"
]
}
}
]
}
}
}

78
.vib/php-fpm-min/8.3/vib-verify.json Normal file
View File

@@ -0,0 +1,78 @@
{
"context": {
"resources": {
"url": "{SHA_ARCHIVE}",
"path": "{VIB_ENV_PATH}"
}
},
"phases": {
"package": {
"actions": [
{
"action_id": "container-image-package",
"params": {
"application": {
"details": {
"name": "{VIB_ENV_CONTAINER}",
"tag": "{VIB_ENV_TAG}"
}
},
"architectures": [
"linux/amd64",
"linux/arm64"
],
"size_thresholds": [
{
"size": "40MB",
"kind": "COMPRESSED"
}
]
}
},
{
"action_id": "container-image-lint",
"params": {
"threshold": "error"
}
}
]
},
"verify": {
"actions": [
{
"action_id": "goss",
"params": {
"resources": {
"path": "/.vib"
},
"tests_file": "php-fpm-min/goss/goss.yaml",
"vars_file": "php-fpm-min/goss/vars.yaml",
"remote": {
"pod": {
"workload": "deploy-php-fpm-min"
}
}
}
},
{
"action_id": "trivy",
"params": {
"threshold": "LOW",
"vuln_type": [
"OS"
]
}
},
{
"action_id": "grype",
"params": {
"threshold": "CRITICAL",
"package_type": [
"OS"
]
}
}
]
}
}
}

6
.vib/php-fpm-min/vib-verify.json
View File

@@ -20,6 +20,12 @@
"architectures": [
"linux/amd64",
"linux/arm64"
],
"size_thresholds": [
{
"size": "45MB",
"kind": "COMPRESSED"
}
]
}
},

6
.vib/python-min/vib-verify.json
View File

@@ -21,6 +21,12 @@
"architectures": [
"linux/amd64",
"linux/arm64"
],
"size_thresholds": [
{
"size": "20MB",
"kind": "COMPRESSED"
}
]
}
},

6
.vib/ruby-min/vib-verify.json
View File

@@ -21,6 +21,12 @@
"architectures": [
"linux/amd64",
"linux/arm64"
],
"size_thresholds": [
{
"size": "30MB",
"kind": "COMPRESSED"
}
]
}
},

6
.vib/static/vib-verify.json
View File

@@ -21,6 +21,12 @@
"architectures": [
"linux/amd64",
"linux/arm64"
],
"size_thresholds": [
{
"size": "1MB",
"kind": "COMPRESSED"
}
]
}
},