From fd6c39e1894f9c3ddaa7129bd90cd97c6ff4c23a Mon Sep 17 00:00:00 2001
From: Stefan Streichsbier <stefan@streichsbier.at>
Date: Wed, 12 Dec 2018 13:09:37 +0700
Subject: [PATCH] Create Dockerfile

Add Dockerfile
---
 Dockerfile | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 Dockerfile

diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..0364eff
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,16 @@
+FROM composer:latest
+
+# add unpriviledged user and 
+# create directory for the code to be scanned
+RUN addgroup -S tool && adduser -S -G tool tool && \
+    mkdir -p /opt/mount/
+
+# Install phpcs-security-audit
+RUN composer global require pheromone/phpcs-security-audit
+WORKDIR /tmp
+RUN sh ./vendor/pheromone/phpcs-security-audit/symlink.sh
+
+# change user
+USER tool
+
+ENTRYPOINT [ "/tmp/vendor/bin/phpcs", "--standard=/tmp/vendor/pheromone/phpcs-security-audit/example_base_ruleset.xml", "/opt/mount/"]