Add metadata in the Dockerfile

sbs2001 · sbs2001 · commit 81167abe7c4a · 2020-09-22T21:55:48.000+05:30
Signed-off-by: Shivam Sandbhor &lt;shivam.sandbhor@gmail.com&gt;
diff --git a/Dockerfile b/Dockerfile
@@ -1,9 +1,14 @@
-FROM python:3.8
+FROM python@sha256:e9b7e3b4e9569808066c5901b8a9ad315a9f14ae8d3949ece22ae339fff2cad0
 
 # PYTHONUNBUFFERED=1 ensures that the python output is set straight
 # to the terminal without buffering it first
 ENV PYTHONUNBUFFERED 1
 RUN mkdir /vulnerablecode
 WORKDIR /vulnerablecode
 ADD . /vulnerablecode/
-RUN pip install -r requirements.txt
+RUN pip install -r requirements.txt
+
+LABEL "base_image": "pkg:docker/python@sha256%3Ae9b7e3b4e9569808066c5901b8a9ad315a9f14ae8d3949ece22ae339fff2cad0"
+LABEL "dockerfile_url":  "https://github.com/nexB/vulnerablecode/blob/develop/Dockerfile"
+LABEL "homepage_url":  "https://github.com/nexB/vulnerablecode"
+LABEL "license": "Apache-2.0"
diff --git a/README.md b/README.md
@@ -48,7 +48,7 @@ cd vulnerablecode
 ```
 
 ### Using Docker Compose
-The easiest way to set up VulnerableCode is by using the docker containers.
+An easy way to set up VulnerableCode is with docker containers and docker compose.
 For this you need to have the following installed.
 - Docker Engine. Find instructions to install it here
 - Docker Compose. Find instructions to install it here
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -6,7 +6,7 @@ services:
         - DJANGO_DEV=1
         - VC_DB_HOST=db
     build: .
-    command: bash -c "python manage.py makemigrations && python manage.py migrate && python manage.py runserver 0.0.0.0:8000"
+    command: bash -c "python manage.py migrate && python manage.py runserver 0.0.0.0:8000"
     container_name: "vulnerablecode"
     volumes:
       - .:/vulnerablecode
