Markus Pesch
4b69e0636c
All checks were successful
Markdown linter / markdown-lint (push) Successful in 12s
Update Docker Hub Description / update-description-on-hub-docker-io (push) Successful in 14s
Golang Tests / unittest (push) Successful in 3m34s
Release / release (push) Successful in 8m47s
Release / sync-to-hub-docker-io (push) Successful in 55s
91 lines
2.6 KiB
Markdown
91 lines
2.6 KiB
Markdown
# civ - container image verifier
|
|
|
|
The container image verifier - `civ` checks based on constraints container images. For this purpose is a config file
|
|
required which contains the constraint definitions. The config file must be passed as argument to `civ`. `civ` writes
|
|
the results into a separate file.
|
|
|
|
Currently is `json` and `yaml` supported. As default will be `yaml` used. Optionally can be specified via the second arg
|
|
the result file.
|
|
|
|
`civ config.yaml [ result.yaml ]`
|
|
|
|
## Constraints
|
|
|
|
### Labels
|
|
|
|
#### Exists
|
|
|
|
Verify if container image `git.cryptic.systems/volker.raschek/civ:latest` has label
|
|
`org.opencontainers.image.documentation` defined.
|
|
|
|
```yaml
|
|
images:
|
|
git.cryptic.systems/volker.raschek/civ:latest:
|
|
labelConstraints:
|
|
org.opencontainers.image.documentation:
|
|
exists: true
|
|
```
|
|
|
|
#### Compare Semantic Versioning
|
|
|
|
Verify, if the container image `git.cryptic.systems/volker.raschek/civ:latest` has label
|
|
`org.opencontainers.image.version` defined and has a greater version than `2.5.7`.
|
|
|
|
```yaml
|
|
images:
|
|
git.cryptic.systems/volker.raschek/civ:latest:
|
|
labelConstraints:
|
|
org.opencontainers.image.version:
|
|
compareSemver:
|
|
greaterThan: 2.5.7
|
|
```
|
|
|
|
Alternatively, can `lessThan` and `equal` be used. For example to define a range of `2.5.7~2.8.4` with `lessThan` and
|
|
`greaterThan`.
|
|
|
|
```yaml
|
|
images:
|
|
git.cryptic.systems/volker.raschek/civ:latest:
|
|
labelConstraints:
|
|
org.opencontainers.image.version:
|
|
compareSemver:
|
|
greaterThan: 2.5.7
|
|
lessThan: 2.8.4
|
|
```
|
|
|
|
#### Compare String
|
|
|
|
Verify, if the container image `git.cryptic.systems/volker.raschek/civ:latest` has label
|
|
`org.opencontainers.image.documentation` defined and the value starts with `https://` and ends with `README.md`.
|
|
|
|
```yaml
|
|
images:
|
|
git.cryptic.systems/volker.raschek/civ:latest:
|
|
labelConstraints:
|
|
org.opencontainers.image.documentation:
|
|
compareString:
|
|
hasPrefix: "https://"
|
|
hasSuffix: "README.md"
|
|
```
|
|
|
|
Alternatively, can be `equal` used to compare the value of a label with a expected value.
|
|
|
|
#### Count labels with corresponding prefix, suffix or match pattern
|
|
|
|
No more than 3 labels with the prefix `org.opencontainers` and exactly one labels with the suffix `version` may be
|
|
defined for the image `git.cryptic.systems/volker.raschek/civ:latest`.
|
|
|
|
```yaml
|
|
images:
|
|
git.cryptic.systems/volker.raschek/civ:latest:
|
|
labelConstraints:
|
|
org.opencontainers%:
|
|
count:
|
|
lowerThan: 4
|
|
%version:
|
|
count:
|
|
equal: 1
|
|
```
|
|
|
|
The functions `lessThan` and `equal` are also available as constraints.
|