.travis.yml

language: generic

services:
  - docker

env:
  global:
    - COMMIT=${TRAVIS_COMMIT::8}

install:
  - curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/master/contrib/install.sh | sudo sh -s -- -b /usr/local/bin
  - curl -sfL -o hadolint "https://github.com/hadolint/hadolint/releases/download/v1.17.5/hadolint-$(uname -s)-$(uname -m)" && chmod +x hadolint && sudo mv hadolint /usr/local/bin
  
script:
  # Lint Dockerfile
  - git ls-files --exclude='Dockerfile*' --ignored | xargs --max-lines=1 hadolint
  # Build container image
  - docker build -f ch01/Dockerfile -t container-security:${COMMIT} .
  # scan container image need to workaround for issue (https://github.com/aquasecurity/trivy/issues/198)
  - docker images
  - docker save container-security:${COMMIT} -o container-security-${COMMIT}.tar
  #- trivy --exit-code 0 --severity HIGH --no-progress --input container-security-${COMMIT}.tar
  #- trivy --exit-code 1 --severity CRITICAL --no-progress --input container-security-${COMMIT}.tar
  
cache:
  directories:
    - $HOME/.cache/trivy