Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Documentation #4

Open
qknight opened this issue Jul 6, 2022 · 5 comments
Open

Documentation #4

qknight opened this issue Jul 6, 2022 · 5 comments

Comments

@qknight
Copy link

qknight commented Jul 6, 2022

It would be so helpful if you would have more documentation in both:

It would also be helpful if you could connect both github and dockerhub because one reflects the other.
@ramarahul
Copy link

Agree! I was about to raise the same issue. I'm having a very hard time understanding how to use this Docker image and scan my application. At least a basic level documentation is required.

@qknight
Copy link
Author

qknight commented Jan 20, 2023
edited

In my Dockerfile I have:

Dockerfile


########################### BUILDER ##########################################
FROM golang:1.19 AS builder

# install synopsys-detect
ARG CI_BLACKDUCK_TOKEN
ARG CI_COMMIT_REF_NAME
ARG CI_COMMIT_SHA
RUN if [ ! -z "${CI_BLACKDUCK_TOKEN}" ]; then curl -s https://gitlab.internal.dev/docker-images/synopsys_tools/-/raw/fcb50e6c79a0d83921cb33dc9cbe6d04a242184c/tools/synopsys-linux.sh -o /synopsys-linux.sh && /bin/sh /synopsys-linux.sh install; fi


RUN mkdir /app && mkdir /app/bin
WORKDIR /app
ADD . /app
RUN go mod download

RUN CGO_ENABLED=0 GOOS=linux go build -o bin

RUN if [ ! -z "${CI_BLACKDUCK_TOKEN}" ]; then /bin/sh /synopsys-alpine.sh run; fi

And then there is the synopsys-linux.sh

#!/bin/sh
######################## blackduck software installation ##########################################################################

# Code copied from:
#  https://github.com/blackducksoftware/synopsys-detect-docker/blob/main/java/11/ubuntu/22.10/detect/7.14.0/iac/Dockerfile
#  Use to update our https://xxx.app.blackduck.com/

if [ "$1" = "install" ]; then
  set -e
  export DEBIAN_FRONTEND=noninteractive
  # Update
  apt-get update

  apt-get -y install curl bzip2

  # Java
  apt-get -y install default-jre-headless
  export BDS_JAVA_HOME=/usr/lib/jvm/default-java

  # Configure locale (charset encoding)
  apt-get -y install locales
  #locale-gen en_US.UTF-8
  #export LANG=en_US.UTF-8
  #export LANGUAGE=en_US:en
  #export LC_ALL=en_US.UTF-8

  mkdir -p /synopsys

  export DETECT_SOURCE=https://gitlab.internal.com/docker-images/synopsys_tools/-/archive/e9a02e2ce62b845750a51b836ea0f9ddcb36cb8d/synopsys_tools-master.tar.bz2
  if [ $(curl --silent -L -w '%{http_code}' -o /synopsys/synopsys_tools.tar.bz2 --create-dirs ${DETECT_SOURCE}) != "200" ]; then echo "Unable to download Detect jar from ${DETECT_SOURCE}"; exit 1; fi

  cd /synopsys
  tar xfj /synopsys/synopsys_tools.tar.bz2
  rm synopsys_tools.tar.bz2
  ln -s synopsys_tools-* synopsys_tools
  set +e

  ####################### /blackduck software installation ##########################################################################
fi

if [ "$1" = "run" ]; then

  set -x

  # run synopsys-detect & signature scanner
  # BDS_JAVA_HOME let's us use the distribution java instead of the bundled one from the signature scanner
  # https://testing.blackduck.synopsys.com/doc/componentdiscovery/java_jre_version.htm
  # https://github.com/blackducksoftware/hub-detect/issues/325
  export BDS_JAVA_HOME=/usr/lib/jvm/default-java

  /bin/sh -c '/usr/bin/java -jar /synopsys/synopsys_tools/tools/synopsys-detect/synopsys-detect-7.14.0.jar \
      --detect.blackduck.signature.scanner.local.path=/synopsys/synopsys_tools/tools/scan.cli-2022.4.2 \
      --detect.source.path=. \
      --detect.project.version.name="${CI_COMMIT_REF_NAME}" \
      --detect.project.version.notes="${CI_COMMIT_SHA}" \
      --detect.project.description="${CI_COMMIT_SHA}" \
      --detect.output.path=/output \
      --blackduck.url=https://xxx.app.blackduck.com \
      --blackduck.api.token="${CI_BLACKDUCK_TOKEN}"'

fi

@qknight
Copy link
Author

qknight commented Jan 20, 2023

And the file listing is this:

8       ./README.md
4       ./synopsys-alpine.sh
4       ./synopsys-linux.sh
16      ./tools/scan.cli-2022.4.2/bin/hub-docker-inspector.sh
4       ./tools/scan.cli-2022.4.2/bin/scan.cli.sh
4       ./tools/scan.cli-2022.4.2/bin/scan.container.registry.sh
12      ./tools/scan.cli-2022.4.2/bin/scan.docker.sh
4       ./tools/scan.cli-2022.4.2/bin/scan.GUI.sh
44      ./tools/scan.cli-2022.4.2/bin
16      ./tools/scan.cli-2022.4.2/jre/bin/jaotc
16      ./tools/scan.cli-2022.4.2/jre/bin/java
16      ./tools/scan.cli-2022.4.2/jre/bin/jfr
16      ./tools/scan.cli-2022.4.2/jre/bin/jjs
16      ./tools/scan.cli-2022.4.2/jre/bin/jrunscript
16      ./tools/scan.cli-2022.4.2/jre/bin/keytool
16      ./tools/scan.cli-2022.4.2/jre/bin/pack200
16      ./tools/scan.cli-2022.4.2/jre/bin/rmid
16      ./tools/scan.cli-2022.4.2/jre/bin/rmiregistry
120     ./tools/scan.cli-2022.4.2/jre/bin/unpack200
268     ./tools/scan.cli-2022.4.2/jre/bin
4       ./tools/scan.cli-2022.4.2/jre/conf/logging.properties
4       ./tools/scan.cli-2022.4.2/jre/conf/management/jmxremote.access
8       ./tools/scan.cli-2022.4.2/jre/conf/management/jmxremote.password.template
16      ./tools/scan.cli-2022.4.2/jre/conf/management/management.properties
32      ./tools/scan.cli-2022.4.2/jre/conf/management
8       ./tools/scan.cli-2022.4.2/jre/conf/net.properties
4       ./tools/scan.cli-2022.4.2/jre/conf/security/java.policy
60      ./tools/scan.cli-2022.4.2/jre/conf/security/java.security
4       ./tools/scan.cli-2022.4.2/jre/conf/security/policy/limited/default_local.policy
1       ./tools/scan.cli-2022.4.2/jre/conf/security/policy/limited/default_US_export.policy
1       ./tools/scan.cli-2022.4.2/jre/conf/security/policy/limited/exempt_local.policy
10      ./tools/scan.cli-2022.4.2/jre/conf/security/policy/limited
4       ./tools/scan.cli-2022.4.2/jre/conf/security/policy/README.txt
1       ./tools/scan.cli-2022.4.2/jre/conf/security/policy/unlimited/default_local.policy
1       ./tools/scan.cli-2022.4.2/jre/conf/security/policy/unlimited/default_US_export.policy
2       ./tools/scan.cli-2022.4.2/jre/conf/security/policy/unlimited
16      ./tools/scan.cli-2022.4.2/jre/conf/security/policy
80      ./tools/scan.cli-2022.4.2/jre/conf/security
4       ./tools/scan.cli-2022.4.2/jre/conf/sound.properties
132     ./tools/scan.cli-2022.4.2/jre/conf
4       ./tools/scan.cli-2022.4.2/jre/DISCLAIMER
0       ./tools/scan.cli-2022.4.2/jre/legal/com.azul.crs.client/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/com.azul.crs.client/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/com.azul.crs.client/LICENSE
4       ./tools/scan.cli-2022.4.2/jre/legal/com.azul.crs.client
0       ./tools/scan.cli-2022.4.2/jre/legal/com.azul.tooling/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/com.azul.tooling/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/com.azul.tooling/LICENSE
4       ./tools/scan.cli-2022.4.2/jre/legal/com.azul.tooling
4       ./tools/scan.cli-2022.4.2/jre/legal/java.base/ADDITIONAL_LICENSE_INFO
4       ./tools/scan.cli-2022.4.2/jre/legal/java.base/aes.md
4       ./tools/scan.cli-2022.4.2/jre/legal/java.base/asm.md
4       ./tools/scan.cli-2022.4.2/jre/legal/java.base/ASSEMBLY_EXCEPTION
4       ./tools/scan.cli-2022.4.2/jre/legal/java.base/c-libutl.md
4       ./tools/scan.cli-2022.4.2/jre/legal/java.base/cldr.md
4       ./tools/scan.cli-2022.4.2/jre/legal/java.base/icu.md
20      ./tools/scan.cli-2022.4.2/jre/legal/java.base/LICENSE
20      ./tools/scan.cli-2022.4.2/jre/legal/java.base/public_suffix.md
4       ./tools/scan.cli-2022.4.2/jre/legal/java.base/unicode.md
76      ./tools/scan.cli-2022.4.2/jre/legal/java.base
0       ./tools/scan.cli-2022.4.2/jre/legal/java.compiler/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/java.compiler/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/java.compiler/LICENSE
0       ./tools/scan.cli-2022.4.2/jre/legal/java.compiler
0       ./tools/scan.cli-2022.4.2/jre/legal/java.datatransfer/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/java.datatransfer/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/java.datatransfer/LICENSE
4       ./tools/scan.cli-2022.4.2/jre/legal/java.datatransfer
0       ./tools/scan.cli-2022.4.2/jre/legal/java.desktop/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/java.desktop/ASSEMBLY_EXCEPTION
1       ./tools/scan.cli-2022.4.2/jre/legal/java.desktop/colorimaging.md
32      ./tools/scan.cli-2022.4.2/jre/legal/java.desktop/freetype.md
4       ./tools/scan.cli-2022.4.2/jre/legal/java.desktop/giflib.md
4       ./tools/scan.cli-2022.4.2/jre/legal/java.desktop/harfbuzz.md
4       ./tools/scan.cli-2022.4.2/jre/legal/java.desktop/jpeg.md
4       ./tools/scan.cli-2022.4.2/jre/legal/java.desktop/lcms.md
8       ./tools/scan.cli-2022.4.2/jre/legal/java.desktop/libpng.md
0       ./tools/scan.cli-2022.4.2/jre/legal/java.desktop/LICENSE
8       ./tools/scan.cli-2022.4.2/jre/legal/java.desktop/mesa3d.md
4       ./tools/scan.cli-2022.4.2/jre/legal/java.desktop/xwd.md
73      ./tools/scan.cli-2022.4.2/jre/legal/java.desktop
0       ./tools/scan.cli-2022.4.2/jre/legal/java.instrument/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/java.instrument/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/java.instrument/LICENSE
0       ./tools/scan.cli-2022.4.2/jre/legal/java.instrument
0       ./tools/scan.cli-2022.4.2/jre/legal/java.logging/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/java.logging/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/java.logging/LICENSE
0       ./tools/scan.cli-2022.4.2/jre/legal/java.logging
0       ./tools/scan.cli-2022.4.2/jre/legal/java.management/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/java.management/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/java.management/LICENSE
0       ./tools/scan.cli-2022.4.2/jre/legal/java.management
0       ./tools/scan.cli-2022.4.2/jre/legal/java.management.rmi/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/java.management.rmi/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/java.management.rmi/LICENSE
4       ./tools/scan.cli-2022.4.2/jre/legal/java.management.rmi
0       ./tools/scan.cli-2022.4.2/jre/legal/java.naming/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/java.naming/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/java.naming/LICENSE
0       ./tools/scan.cli-2022.4.2/jre/legal/java.naming
0       ./tools/scan.cli-2022.4.2/jre/legal/java.net.http/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/java.net.http/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/java.net.http/LICENSE
4       ./tools/scan.cli-2022.4.2/jre/legal/java.net.http
0       ./tools/scan.cli-2022.4.2/jre/legal/java.prefs/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/java.prefs/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/java.prefs/LICENSE
0       ./tools/scan.cli-2022.4.2/jre/legal/java.prefs
0       ./tools/scan.cli-2022.4.2/jre/legal/java.rmi/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/java.rmi/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/java.rmi/LICENSE
0       ./tools/scan.cli-2022.4.2/jre/legal/java.rmi
0       ./tools/scan.cli-2022.4.2/jre/legal/java.scripting/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/java.scripting/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/java.scripting/LICENSE
0       ./tools/scan.cli-2022.4.2/jre/legal/java.scripting
0       ./tools/scan.cli-2022.4.2/jre/legal/java.se/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/java.se/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/java.se/LICENSE
0       ./tools/scan.cli-2022.4.2/jre/legal/java.se
0       ./tools/scan.cli-2022.4.2/jre/legal/java.security.jgss/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/java.security.jgss/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/java.security.jgss/LICENSE
4       ./tools/scan.cli-2022.4.2/jre/legal/java.security.jgss
0       ./tools/scan.cli-2022.4.2/jre/legal/java.security.sasl/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/java.security.sasl/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/java.security.sasl/LICENSE
4       ./tools/scan.cli-2022.4.2/jre/legal/java.security.sasl
0       ./tools/scan.cli-2022.4.2/jre/legal/java.smartcardio/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/java.smartcardio/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/java.smartcardio/LICENSE
4       ./tools/scan.cli-2022.4.2/jre/legal/java.smartcardio/pcsclite.md
8       ./tools/scan.cli-2022.4.2/jre/legal/java.smartcardio
0       ./tools/scan.cli-2022.4.2/jre/legal/java.sql/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/java.sql/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/java.sql/LICENSE
0       ./tools/scan.cli-2022.4.2/jre/legal/java.sql
0       ./tools/scan.cli-2022.4.2/jre/legal/java.sql.rowset/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/java.sql.rowset/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/java.sql.rowset/LICENSE
4       ./tools/scan.cli-2022.4.2/jre/legal/java.sql.rowset
0       ./tools/scan.cli-2022.4.2/jre/legal/java.transaction.xa/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/java.transaction.xa/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/java.transaction.xa/LICENSE
4       ./tools/scan.cli-2022.4.2/jre/legal/java.transaction.xa
0       ./tools/scan.cli-2022.4.2/jre/legal/java.xml/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/java.xml/ASSEMBLY_EXCEPTION
12      ./tools/scan.cli-2022.4.2/jre/legal/java.xml/bcel.md
4       ./tools/scan.cli-2022.4.2/jre/legal/java.xml/dom.md
4       ./tools/scan.cli-2022.4.2/jre/legal/java.xml/jcup.md
0       ./tools/scan.cli-2022.4.2/jre/legal/java.xml/LICENSE
16      ./tools/scan.cli-2022.4.2/jre/legal/java.xml/xalan.md
12      ./tools/scan.cli-2022.4.2/jre/legal/java.xml/xerces.md
52      ./tools/scan.cli-2022.4.2/jre/legal/java.xml
0       ./tools/scan.cli-2022.4.2/jre/legal/java.xml.crypto/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/java.xml.crypto/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/java.xml.crypto/LICENSE
12      ./tools/scan.cli-2022.4.2/jre/legal/java.xml.crypto/santuario.md
16      ./tools/scan.cli-2022.4.2/jre/legal/java.xml.crypto
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.accessibility/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.accessibility/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.accessibility/LICENSE
4       ./tools/scan.cli-2022.4.2/jre/legal/jdk.accessibility
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.aot/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.aot/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.aot/LICENSE
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.aot
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.charsets/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.charsets/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.charsets/LICENSE
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.charsets
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.crypto.cryptoki/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.crypto.cryptoki/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.crypto.cryptoki/LICENSE
4       ./tools/scan.cli-2022.4.2/jre/legal/jdk.crypto.cryptoki/pkcs11cryptotoken.md
4       ./tools/scan.cli-2022.4.2/jre/legal/jdk.crypto.cryptoki/pkcs11wrapper.md
12      ./tools/scan.cli-2022.4.2/jre/legal/jdk.crypto.cryptoki
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.crypto.ec/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.crypto.ec/ASSEMBLY_EXCEPTION
32      ./tools/scan.cli-2022.4.2/jre/legal/jdk.crypto.ec/ecc.md
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.crypto.ec/LICENSE
36      ./tools/scan.cli-2022.4.2/jre/legal/jdk.crypto.ec
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.dynalink/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.dynalink/ASSEMBLY_EXCEPTION
4       ./tools/scan.cli-2022.4.2/jre/legal/jdk.dynalink/dynalink.md
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.dynalink/LICENSE
8       ./tools/scan.cli-2022.4.2/jre/legal/jdk.dynalink
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.httpserver/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.httpserver/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.httpserver/LICENSE
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.httpserver
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.internal.ed/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.internal.ed/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.internal.ed/LICENSE
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.internal.ed
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.internal.le/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.internal.le/ASSEMBLY_EXCEPTION
4       ./tools/scan.cli-2022.4.2/jre/legal/jdk.internal.le/jline.md
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.internal.le/LICENSE
8       ./tools/scan.cli-2022.4.2/jre/legal/jdk.internal.le
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.internal.vm.ci/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.internal.vm.ci/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.internal.vm.ci/LICENSE
4       ./tools/scan.cli-2022.4.2/jre/legal/jdk.internal.vm.ci
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.internal.vm.compiler/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.internal.vm.compiler/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.internal.vm.compiler/LICENSE
4       ./tools/scan.cli-2022.4.2/jre/legal/jdk.internal.vm.compiler
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.internal.vm.compiler.management/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.internal.vm.compiler.management/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.internal.vm.compiler.management/LICENSE
4       ./tools/scan.cli-2022.4.2/jre/legal/jdk.internal.vm.compiler.management
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.jdwp.agent/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.jdwp.agent/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.jdwp.agent/LICENSE
4       ./tools/scan.cli-2022.4.2/jre/legal/jdk.jdwp.agent
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.jfr/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.jfr/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.jfr/LICENSE
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.jfr
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.jsobject/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.jsobject/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.jsobject/LICENSE
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.jsobject
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.localedata/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.localedata/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.localedata/cldr.md
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.localedata/LICENSE
4       ./tools/scan.cli-2022.4.2/jre/legal/jdk.localedata/thaidict.md
8       ./tools/scan.cli-2022.4.2/jre/legal/jdk.localedata
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.management/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.management/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.management/LICENSE
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.management
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.management.agent/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.management.agent/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.management.agent/LICENSE
4       ./tools/scan.cli-2022.4.2/jre/legal/jdk.management.agent
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.management.jfr/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.management.jfr/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.management.jfr/LICENSE
4       ./tools/scan.cli-2022.4.2/jre/legal/jdk.management.jfr
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.naming.dns/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.naming.dns/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.naming.dns/LICENSE
4       ./tools/scan.cli-2022.4.2/jre/legal/jdk.naming.dns
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.naming.ldap/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.naming.ldap/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.naming.ldap/LICENSE
4       ./tools/scan.cli-2022.4.2/jre/legal/jdk.naming.ldap
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.naming.rmi/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.naming.rmi/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.naming.rmi/LICENSE
4       ./tools/scan.cli-2022.4.2/jre/legal/jdk.naming.rmi
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.net/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.net/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.net/LICENSE
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.net
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.pack/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.pack/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.pack/LICENSE
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.pack
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.scripting.nashorn/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.scripting.nashorn/ASSEMBLY_EXCEPTION
4       ./tools/scan.cli-2022.4.2/jre/legal/jdk.scripting.nashorn/double-conversion.md
4       ./tools/scan.cli-2022.4.2/jre/legal/jdk.scripting.nashorn/joni.md
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.scripting.nashorn/LICENSE
12      ./tools/scan.cli-2022.4.2/jre/legal/jdk.scripting.nashorn
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.scripting.nashorn.shell/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.scripting.nashorn.shell/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.scripting.nashorn.shell/LICENSE
4       ./tools/scan.cli-2022.4.2/jre/legal/jdk.scripting.nashorn.shell
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.sctp/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.sctp/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.sctp/LICENSE
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.sctp
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.security.auth/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.security.auth/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.security.auth/LICENSE
4       ./tools/scan.cli-2022.4.2/jre/legal/jdk.security.auth
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.security.jgss/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.security.jgss/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.security.jgss/LICENSE
4       ./tools/scan.cli-2022.4.2/jre/legal/jdk.security.jgss
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.unsupported/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.unsupported/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.unsupported/LICENSE
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.unsupported
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.xml.dom/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.xml.dom/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.xml.dom/LICENSE
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.xml.dom
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.zipfs/ADDITIONAL_LICENSE_INFO
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.zipfs/ASSEMBLY_EXCEPTION
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.zipfs/LICENSE
0       ./tools/scan.cli-2022.4.2/jre/legal/jdk.zipfs
417     ./tools/scan.cli-2022.4.2/jre/legal
40      ./tools/scan.cli-2022.4.2/jre/lib/classlist
16      ./tools/scan.cli-2022.4.2/jre/lib/jexec
32      ./tools/scan.cli-2022.4.2/jre/lib/jfr/default.jfc
32      ./tools/scan.cli-2022.4.2/jre/lib/jfr/profile.jfc
64      ./tools/scan.cli-2022.4.2/jre/lib/jfr
76      ./tools/scan.cli-2022.4.2/jre/lib/jli/libjli.so
76      ./tools/scan.cli-2022.4.2/jre/lib/jli
104     ./tools/scan.cli-2022.4.2/jre/lib/jrt-fs.jar
20      ./tools/scan.cli-2022.4.2/jre/lib/jspawnhelper
1       ./tools/scan.cli-2022.4.2/jre/lib/jvm.cfg
772     ./tools/scan.cli-2022.4.2/jre/lib/libawt.so
44      ./tools/scan.cli-2022.4.2/jre/lib/libawt_headless.so
476     ./tools/scan.cli-2022.4.2/jre/lib/libawt_xawt.so
28      ./tools/scan.cli-2022.4.2/jre/lib/libdt_socket.so
16      ./tools/scan.cli-2022.4.2/jre/lib/libextnet.so
1464    ./tools/scan.cli-2022.4.2/jre/lib/libfontmanager.so
768     ./tools/scan.cli-2022.4.2/jre/lib/libfreetype.so
52      ./tools/scan.cli-2022.4.2/jre/lib/libinstrument.so
48      ./tools/scan.cli-2022.4.2/jre/lib/libj2gss.so
20      ./tools/scan.cli-2022.4.2/jre/lib/libj2pcsc.so
88      ./tools/scan.cli-2022.4.2/jre/lib/libj2pkcs11.so
12      ./tools/scan.cli-2022.4.2/jre/lib/libjaas.so
204     ./tools/scan.cli-2022.4.2/jre/lib/libjava.so
240     ./tools/scan.cli-2022.4.2/jre/lib/libjavajpeg.so
12      ./tools/scan.cli-2022.4.2/jre/lib/libjawt.so
276     ./tools/scan.cli-2022.4.2/jre/lib/libjdwp.so
144     ./tools/scan.cli-2022.4.2/jre/lib/libjimage.so
16      ./tools/scan.cli-2022.4.2/jre/lib/libjsig.so
80      ./tools/scan.cli-2022.4.2/jre/lib/libjsound.so
528     ./tools/scan.cli-2022.4.2/jre/lib/liblcms.so
28      ./tools/scan.cli-2022.4.2/jre/lib/libmanagement.so
12      ./tools/scan.cli-2022.4.2/jre/lib/libmanagement_agent.so
36      ./tools/scan.cli-2022.4.2/jre/lib/libmanagement_ext.so
564     ./tools/scan.cli-2022.4.2/jre/lib/libmlib_image.so
104     ./tools/scan.cli-2022.4.2/jre/lib/libnet.so
88      ./tools/scan.cli-2022.4.2/jre/lib/libnio.so
16      ./tools/scan.cli-2022.4.2/jre/lib/libprefs.so
12      ./tools/scan.cli-2022.4.2/jre/lib/librmi.so
32      ./tools/scan.cli-2022.4.2/jre/lib/libsctp.so
360     ./tools/scan.cli-2022.4.2/jre/lib/libsplashscreen.so
320     ./tools/scan.cli-2022.4.2/jre/lib/libsunec.so
224     ./tools/scan.cli-2022.4.2/jre/lib/libunpack.so
64      ./tools/scan.cli-2022.4.2/jre/lib/libverify.so
44      ./tools/scan.cli-2022.4.2/jre/lib/libzip.so
93716   ./tools/scan.cli-2022.4.2/jre/lib/modules
4       ./tools/scan.cli-2022.4.2/jre/lib/psfont.properties.ja
12      ./tools/scan.cli-2022.4.2/jre/lib/psfontj2d.properties
4       ./tools/scan.cli-2022.4.2/jre/lib/security/blocked.certs
172     ./tools/scan.cli-2022.4.2/jre/lib/security/cacerts
12      ./tools/scan.cli-2022.4.2/jre/lib/security/default.policy
228     ./tools/scan.cli-2022.4.2/jre/lib/security/public_suffix_list.dat
420     ./tools/scan.cli-2022.4.2/jre/lib/security
16      ./tools/scan.cli-2022.4.2/jre/lib/server/libjsig.so
22868   ./tools/scan.cli-2022.4.2/jre/lib/server/libjvm.so
4       ./tools/scan.cli-2022.4.2/jre/lib/server/Xusage.txt
22888   ./tools/scan.cli-2022.4.2/jre/lib/server
108     ./tools/scan.cli-2022.4.2/jre/lib/tzdb.dat
124673  ./tools/scan.cli-2022.4.2/jre/lib
0       ./tools/scan.cli-2022.4.2/jre/man/ja
108     ./tools/scan.cli-2022.4.2/jre/man/ja_JP.UTF-8/man1/java.1
12      ./tools/scan.cli-2022.4.2/jre/man/ja_JP.UTF-8/man1/jjs.1
88      ./tools/scan.cli-2022.4.2/jre/man/ja_JP.UTF-8/man1/keytool.1
16      ./tools/scan.cli-2022.4.2/jre/man/ja_JP.UTF-8/man1/pack200.1
20      ./tools/scan.cli-2022.4.2/jre/man/ja_JP.UTF-8/man1/rmid.1
8       ./tools/scan.cli-2022.4.2/jre/man/ja_JP.UTF-8/man1/rmiregistry.1
8       ./tools/scan.cli-2022.4.2/jre/man/ja_JP.UTF-8/man1/unpack200.1
264     ./tools/scan.cli-2022.4.2/jre/man/ja_JP.UTF-8/man1
264     ./tools/scan.cli-2022.4.2/jre/man/ja_JP.UTF-8
108     ./tools/scan.cli-2022.4.2/jre/man/man1/java.1
8       ./tools/scan.cli-2022.4.2/jre/man/man1/jjs.1
88      ./tools/scan.cli-2022.4.2/jre/man/man1/keytool.1
16      ./tools/scan.cli-2022.4.2/jre/man/man1/pack200.1
20      ./tools/scan.cli-2022.4.2/jre/man/man1/rmid.1
8       ./tools/scan.cli-2022.4.2/jre/man/man1/rmiregistry.1
8       ./tools/scan.cli-2022.4.2/jre/man/man1/unpack200.1
260     ./tools/scan.cli-2022.4.2/jre/man/man1
524     ./tools/scan.cli-2022.4.2/jre/man
4       ./tools/scan.cli-2022.4.2/jre/readme.txt
4       ./tools/scan.cli-2022.4.2/jre/release
4       ./tools/scan.cli-2022.4.2/jre/Welcome.html
126034  ./tools/scan.cli-2022.4.2/jre
65296   ./tools/scan.cli-2022.4.2/lib/cache/scan.cli.impl-standalone.jar
1       ./tools/scan.cli-2022.4.2/lib/cache/scan.cli.impl-standalone.jar_date
65297   ./tools/scan.cli-2022.4.2/lib/cache
7536    ./tools/scan.cli-2022.4.2/lib/scan.cli-2022.4.2-standalone.jar
72833   ./tools/scan.cli-2022.4.2/lib
198911  ./tools/scan.cli-2022.4.2
32372   ./tools/synopsys-detect/synopsys-detect-7.14.0.jar
32372   ./tools/synopsys-detect
231287  ./tools
361546  .

@qknight
Copy link
Author

qknight commented Jan 20, 2023

But be warned, even though you did a:
apt-get -y install default-jre-headless
export BDS_JAVA_HOME=/usr/lib/jvm/default-java

They still require their own java binary to be downloaded. From a security standpoint very very bad. I managed to donwload it once and then only call the local copy.

I wish they had releases of their software, better documentation and wouldn't require to download their software update during run. This is simply not feasible in a Dockerfile environment each build.

@ramarahul
Copy link

Thanks a lot for the guidance @qknight !

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@qknight @ramarahul