2024-09-06 23:04:59 +00:00
|
|
|
FROM scratch AS base
|
2024-10-08 02:22:12 +00:00
|
|
|
ENV VERSION=1.9.0
|
2024-09-06 23:04:59 +00:00
|
|
|
ENV SRC_FILE=osv-scanner-${VERSION}.tar.gz
|
|
|
|
ENV SRC_SITE=https://github.com/google/osv-scanner/archive/v${VERSION}/${SRC_FILE}
|
2024-10-08 02:22:12 +00:00
|
|
|
ENV SRC_HASH=85ce158b6dce22cddc19b652bdc5150145b57119e3acfa8e3ae5ba1cfa449a3f
|
2024-09-06 23:04:59 +00:00
|
|
|
|
|
|
|
FROM base AS fetch
|
|
|
|
ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .
|
|
|
|
|
|
|
|
FROM fetch AS build
|
|
|
|
COPY --from=stagex/musl . /
|
|
|
|
COPY --from=stagex/bash . /
|
|
|
|
COPY --from=stagex/busybox . /
|
|
|
|
COPY --from=stagex/go . /
|
|
|
|
COPY --from=stagex/make . /
|
|
|
|
COPY --from=stagex/gcc . /
|
|
|
|
COPY --from=stagex/binutils . /
|
|
|
|
COPY --from=stagex/pkgconf . /
|
|
|
|
COPY --from=stagex/ca-certificates . /
|
|
|
|
RUN tar -xf ${SRC_FILE}
|
|
|
|
ENV GOPROXY=https://proxy.golang.org,direct
|
|
|
|
ENV GOSUMDB=sum.golang.org
|
|
|
|
ENV GOPATH=/cache/go
|
|
|
|
ENV GOBIN=${GOPATH}/bin
|
|
|
|
ENV PATH=${GOBIN}:${PATH}
|
|
|
|
WORKDIR /osv-scanner-${VERSION}
|
|
|
|
RUN <<-EOF
|
|
|
|
set -eux
|
|
|
|
mkdir -p out
|
|
|
|
go build -v \
|
|
|
|
--ldflags="-w -s -buildid= " \
|
|
|
|
-o out/ \
|
|
|
|
./cmd/...
|
|
|
|
EOF
|
|
|
|
|
|
|
|
FROM build AS install
|
|
|
|
RUN <<-EOF
|
|
|
|
set -eux
|
|
|
|
mkdir -p /rootfs
|
|
|
|
install -Dm755 ./out/osv-scanner -t /rootfs/usr/bin/
|
|
|
|
EOF
|
|
|
|
|
|
|
|
FROM stagex/filesystem AS package
|
|
|
|
COPY --from=install /rootfs/. /
|