-
-
Notifications
You must be signed in to change notification settings - Fork 540
/
checkov.sh
executable file
·34 lines (29 loc) · 933 Bytes
/
checkov.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
#!/usr/bin/env bash
# shellcheck disable=SC2155 # No way to assign to readonly variable in separate lines
readonly SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd -P)"
# shellcheck source=_common.sh
. "$SCRIPT_DIR/_common.sh"
#
# Unique part
#
apk add --no-cache \
gcc=~12 \
libffi-dev=~3 \
musl-dev=~1
# cargo, gcc, git, musl-dev, rust and CARGO envvar required for compilation of [email protected]
# no longer required once checkov version depends on rustworkx >0.14.0
# https://github.com/bridgecrewio/checkov/pull/6045
# gcc libffi-dev musl-dev required for compilation of cffi, until it contains musl aarch64
export CARGO_NET_GIT_FETCH_WITH_CLI=true
apk add --no-cache \
cargo=~1 \
git=~2 \
libgcc=~12 \
rust=~1
if [[ $VERSION == latest ]]; then
pip3 install --no-cache-dir "${TOOL}"
else
pip3 install --no-cache-dir "${TOOL}==${VERSION}"
fi
apk del gcc libffi-dev musl-dev
apk del cargo git rust