Toilville Limited Liabillity Company

Repositories

7

Projects

1

Packages

65

forge-ci-base (sha256:f522f8425fa1785852256fbe76d5222be06dd6d82eb53060610d69803225091c)

Published 2026-06-23 03:23:45 +00:00 by peterswimm

Installation

Pull the image from the command line:

docker pull git.toilville.dev/toilville/forge-ci-base@sha256:f522f8425fa1785852256fbe76d5222be06dd6d82eb53060610d69803225091c

Digest

sha256:f522f8425fa1785852256fbe76d5222be06dd6d82eb53060610d69803225091c

For more information on the Container registry, see the documentation.

Image layers

ARG RELEASE

ARG LAUNCHPAD_BUILD_ARCH

LABEL org.opencontainers.image.version=24.04

ADD file:46ac5b8ee4c64ad9ebe840abd5619f571a617ac19483764d47d0eeba7907934f in /

CMD ["/bin/bash"]

ENV DEBIAN_FRONTEND=noninteractive

RUN /bin/sh -c apt-get update -qq && apt-get install -y -qq --no-install-recommends python3.12 python3-pip python3.12-venv curl gnupg ca-certificates git postgresql-client && curl -fsSL https://deb.nodesource.com/setup_20.x | bash - && apt-get install -y -qq --no-install-recommends nodejs && update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.12 1 && ln -sf /usr/bin/python3 /usr/bin/python && apt-get clean && rm -rf /var/lib/apt/lists/* # buildkit

RUN /bin/sh -c pip install --no-cache-dir --break-system-packages psycopg2-binary pyyaml pytest # buildkit

RUN /bin/sh -c apt-get update -qq && apt-get install -y -qq --no-install-recommends shellcheck && apt-get clean && rm -rf /var/lib/apt/lists/* # buildkit

ARG HADOLINT_VERSION=v2.14.0

RUN |1 HADOLINT_VERSION=v2.14.0 /bin/sh -c set -eu; arch="$(dpkg --print-architecture)"; case "$arch" in amd64) hl_arch=x86_64 ;; arm64) hl_arch=arm64 ;; *) echo "unsupported arch: $arch" >&2; exit 1 ;; esac; curl -fsSL -o /usr/local/bin/hadolint "https://github.com/hadolint/hadolint/releases/download/${HADOLINT_VERSION}/hadolint-linux-${hl_arch}"; chmod +x /usr/local/bin/hadolint; hadolint --version # buildkit

ARG GITLEAKS_VERSION=v8.30.1

RUN |2 HADOLINT_VERSION=v2.14.0 GITLEAKS_VERSION=v8.30.1 /bin/sh -c set -eu; arch="$(dpkg --print-architecture)"; case "$arch" in amd64) gl_arch=x64 ;; arm64) gl_arch=arm64 ;; *) echo "unsupported arch: $arch" >&2; exit 1 ;; esac; curl -fsSL -o /tmp/gitleaks.tar.gz "https://github.com/gitleaks/gitleaks/releases/download/${GITLEAKS_VERSION}/gitleaks_${GITLEAKS_VERSION#v}_linux_${gl_arch}.tar.gz"; tar -xzf /tmp/gitleaks.tar.gz -C /usr/local/bin gitleaks; rm /tmp/gitleaks.tar.gz; gitleaks version # buildkit

ARG SQUAWK_VERSION=v2.52.1

RUN |3 HADOLINT_VERSION=v2.14.0 GITLEAKS_VERSION=v8.30.1 SQUAWK_VERSION=v2.52.1 /bin/sh -c set -eu; arch="$(dpkg --print-architecture)"; case "$arch" in amd64) sq_arch=x64 ;; arm64) sq_arch=arm64 ;; *) echo "unsupported arch: $arch" >&2; exit 1 ;; esac; curl -fsSL -o /usr/local/bin/squawk "https://github.com/sbdchd/squawk/releases/download/${SQUAWK_VERSION}/squawk-linux-${sq_arch}"; chmod +x /usr/local/bin/squawk; squawk --version # buildkit

ARG TRIVY_VERSION=v0.70.0

RUN |4 HADOLINT_VERSION=v2.14.0 GITLEAKS_VERSION=v8.30.1 SQUAWK_VERSION=v2.52.1 TRIVY_VERSION=v0.70.0 /bin/sh -c set -eu; arch="$(dpkg --print-architecture)"; case "$arch" in amd64) tv_arch=64bit ;; arm64) tv_arch=ARM64 ;; *) echo "unsupported arch: $arch" >&2; exit 1 ;; esac; curl -fsSL -o /tmp/trivy.tar.gz "https://github.com/aquasecurity/trivy/releases/download/${TRIVY_VERSION}/trivy_${TRIVY_VERSION#v}_Linux-${tv_arch}.tar.gz"; tar -xzf /tmp/trivy.tar.gz -C /usr/local/bin trivy; rm /tmp/trivy.tar.gz; trivy --version # buildkit

RUN |4 HADOLINT_VERSION=v2.14.0 GITLEAKS_VERSION=v8.30.1 SQUAWK_VERSION=v2.52.1 TRIVY_VERSION=v0.70.0 /bin/sh -c pip install --no-cache-dir --break-system-packages bandit pip-audit # buildkit

ARG COSIGN_VERSION=v2.4.1

RUN |5 HADOLINT_VERSION=v2.14.0 GITLEAKS_VERSION=v8.30.1 SQUAWK_VERSION=v2.52.1 TRIVY_VERSION=v0.70.0 COSIGN_VERSION=v2.4.1 /bin/sh -c set -eu; arch="$(dpkg --print-architecture)"; case "$arch" in amd64) cosign_arch=amd64 ;; arm64) cosign_arch=arm64 ;; *) echo "unsupported arch: $arch" >&2; exit 1 ;; esac; curl -fsSL -o /usr/local/bin/cosign "https://github.com/sigstore/cosign/releases/download/${COSIGN_VERSION}/cosign-linux-${cosign_arch}"; chmod +x /usr/local/bin/cosign; cosign version # buildkit

COPY ritual /usr/local/bin/ritual # buildkit

RUN |5 HADOLINT_VERSION=v2.14.0 GITLEAKS_VERSION=v8.30.1 SQUAWK_VERSION=v2.52.1 TRIVY_VERSION=v0.70.0 COSIGN_VERSION=v2.4.1 /bin/sh -c chmod +x /usr/local/bin/ritual # buildkit

RUN |5 HADOLINT_VERSION=v2.14.0 GITLEAKS_VERSION=v8.30.1 SQUAWK_VERSION=v2.52.1 TRIVY_VERSION=v0.70.0 COSIGN_VERSION=v2.4.1 /bin/sh -c node --version && python3 --version && psql --version && cosign version && ritual --version && shellcheck --version && hadolint --version && gitleaks version && squawk --version && trivy --version && bandit --version && pip-audit --version # buildkit

Labels

Key	Value
org.opencontainers.image.version	24.04

Details

Container

2026-06-23 03:23:45 +00:00

2

OCI / Docker

linux/amd64

275 MiB

Versions (4) View all

latest 2026-06-23

v20260623-9196e3f7 2026-06-23

v20260514-fa2de7e 2026-05-14

v20260514-bcf9d5c 2026-05-14