stagex/packages/osv-scanner/Containerfile

FROM scratch AS base
ENV VERSION=1.9.0
ENV SRC_FILE=osv-scanner-${VERSION}.tar.gz
ENV SRC_SITE=https://github.com/google/osv-scanner/archive/v${VERSION}/${SRC_FILE}
ENV SRC_HASH=85ce158b6dce22cddc19b652bdc5150145b57119e3acfa8e3ae5ba1cfa449a3f

FROM base AS fetch
ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .

FROM fetch AS build
COPY --from=stagex/musl . /
COPY --from=stagex/bash . /
COPY --from=stagex/busybox . /
COPY --from=stagex/go . /
COPY --from=stagex/make . /
COPY --from=stagex/gcc . /
COPY --from=stagex/binutils . /
COPY --from=stagex/pkgconf . /
COPY --from=stagex/ca-certificates . /
RUN tar -xf ${SRC_FILE}
ENV GOPROXY=https://proxy.golang.org,direct
ENV GOSUMDB=sum.golang.org
ENV GOPATH=/cache/go
ENV GOBIN=${GOPATH}/bin
ENV PATH=${GOBIN}:${PATH}
WORKDIR /osv-scanner-${VERSION}
RUN <<-EOF
    set -eux
    mkdir -p out
    go build -v \
        --ldflags="-w -s -buildid= " \
        -o out/ \
        ./cmd/...
EOF

FROM build AS install
RUN <<-EOF
    set -eux
    mkdir -p /rootfs
    install -Dm755 ./out/osv-scanner -t /rootfs/usr/bin/
EOF

FROM stagex/filesystem AS package
COPY --from=install /rootfs/. /
feat: package osv-scanner 2024-09-06 23:04:59 +00:00			`FROM scratch AS base`
chore: bump version to 1.9.0 2024-10-08 02:22:12 +00:00			`ENV VERSION=1.9.0`
feat: package osv-scanner 2024-09-06 23:04:59 +00:00			`ENV SRC_FILE=osv-scanner-${VERSION}.tar.gz`
			`ENV SRC_SITE=https://github.com/google/osv-scanner/archive/v${VERSION}/${SRC_FILE}`
chore: bump version to 1.9.0 2024-10-08 02:22:12 +00:00			`ENV SRC_HASH=85ce158b6dce22cddc19b652bdc5150145b57119e3acfa8e3ae5ba1cfa449a3f`
feat: package osv-scanner 2024-09-06 23:04:59 +00:00
			`FROM base AS fetch`
			`ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .`

			`FROM fetch AS build`
			`COPY --from=stagex/musl . /`
			`COPY --from=stagex/bash . /`
			`COPY --from=stagex/busybox . /`
			`COPY --from=stagex/go . /`
			`COPY --from=stagex/make . /`
			`COPY --from=stagex/gcc . /`
			`COPY --from=stagex/binutils . /`
			`COPY --from=stagex/pkgconf . /`
			`COPY --from=stagex/ca-certificates . /`
			`RUN tar -xf ${SRC_FILE}`
			`ENV GOPROXY=https://proxy.golang.org,direct`
			`ENV GOSUMDB=sum.golang.org`
			`ENV GOPATH=/cache/go`
			`ENV GOBIN=${GOPATH}/bin`
			`ENV PATH=${GOBIN}:${PATH}`
			`WORKDIR /osv-scanner-${VERSION}`
			`RUN <<-EOF`
			`set -eux`
			`mkdir -p out`
			`go build -v \`
			`--ldflags="-w -s -buildid= " \`
			`-o out/ \`
			`./cmd/...`
			`EOF`

			`FROM build AS install`
			`RUN <<-EOF`
			`set -eux`
			`mkdir -p /rootfs`
			`install -Dm755 ./out/osv-scanner -t /rootfs/usr/bin/`
			`EOF`

			`FROM stagex/filesystem AS package`
			`COPY --from=install /rootfs/. /`