feat: package osv-scanner

2024-09-01 21:04:45 -07:00 · 2024-09-01 21:04:45 -07:00 · 20b6271ca1
commit 20b6271ca1
parent 0c30febc9a
1 changed files with 43 additions and 0 deletions
--- a/packages/osv-scanner/Containerfile
+++ b/packages/osv-scanner/Containerfile
@ -0,0 +1,43 @@
+FROM scratch AS base
+ENV VERSION=1.6.1
+ENV SRC_FILE=osv-scanner-${VERSION}.tar.gz
+ENV SRC_SITE=https://github.com/google/osv-scanner/archive/v${VERSION}/${SRC_FILE}
+ENV SRC_HASH=ecaefa45c63057a8ebae9fcf9a0b760435c640157516cebfd44237664923ee13
+
+FROM base AS fetch
+ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .
+
+FROM fetch AS build
+COPY --from=stagex/musl . /
+COPY --from=stagex/bash . /
+COPY --from=stagex/busybox . /
+COPY --from=stagex/go . /
+COPY --from=stagex/make . /
+COPY --from=stagex/gcc . /
+COPY --from=stagex/binutils . /
+COPY --from=stagex/pkgconf . /
+RUN tar -xf ${SRC_FILE}
+ENV GOPROXY=https://proxy.golang.org,direct
+ENV GOSUMDB=sum.golang.org
+ENV GOPATH=/cache/go
+ENV GOBIN=${GOPATH}/bin
+ENV PATH=${GOBIN}:${PATH}
+WORKDIR /buildkit-${VERSION}
+RUN <<-EOF
+    set -eux
+    mkdir -p out
+    go build -v \
+        --ldflags="-w -s -buildid= " \
+        -o out/ \
+        ./cmd/...
+EOF
+
+FROM build AS install
+RUN <<-EOF
+    set -eux
+    mkdir -p /rootfs
+    install -Dm755 ./out/osv-scanner -t /rootfs/usr/bin/
+EOF
+
+FROM stagex/filesystem AS package
+COPY --from=install /rootfs/. /