damann revised this gist . Go to revision
1 file changed, 23 insertions
pialert.yml(file created)
| @@ -0,0 +1,23 @@ | |||
| 1 | + | version: '3' | |
| 2 | + | ||
| 3 | + | services: | |
| 4 | + | docker-bench-security: | |
| 5 | + | image: docker/docker-bench-security | |
| 6 | + | container_name: docker-bench-security | |
| 7 | + | network_mode: host | |
| 8 | + | pid: host | |
| 9 | + | user: root | |
| 10 | + | cap_add: | |
| 11 | + | - audit_control | |
| 12 | + | environment: | |
| 13 | + | - DOCKER_CONTENT_TRUST=$DOCKER_CONTENT_TRUST | |
| 14 | + | volumes: | |
| 15 | + | - /etc:/etc:ro | |
| 16 | + | - /lib/systemd/system:/lib/systemd/system:ro | |
| 17 | + | - /volume1/docker/containerd:/usr/bin/containerd:ro | |
| 18 | + | - //volume1/docker/containerd:/usr/bin/runc:ro | |
| 19 | + | - //volume1/docker/containerd:/usr/lib/systemd:ro | |
| 20 | + | - /var/lib:/var/lib:ro | |
| 21 | + | - /var/run/docker.sock:/var/run/docker.sock:ro | |
| 22 | + | labels: | |
| 23 | + | - docker_bench_security | |
Newer
Older