generated from ThalesGroup/template-project
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathContainerfile.goreleaser-ko-cosign-trivy-syft-x86-arm64-root-usr
73 lines (67 loc) · 3.22 KB
/
Containerfile.goreleaser-ko-cosign-trivy-syft-x86-arm64-root-usr
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
# Copyright 2024 Thales
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Set Go & tools versions. This needs to match the versions from the corresponding base image
# ghcr.io/thalesgroup/goreleaser-glibc-image-base (the one with entrypoint /bin/bash)
ARG GOLANG_VERSION=1.23.0
ARG TRIVY_VERSION=0.57.1
ARG SYFT_VERSION=1.16.0
ARG COSIGN_VERSION=2.4.1
ARG KO_VERSION=0.17.1
# goreleaser v2.4.7 ships with go1.23.0
ARG GORELEASER_VERSION=2.4.7
# Set Debian version name (e.g. bookworm)
ARG DEBIAN_VERSION=bookworm
# For OCI labels
# This should look like this:
# FROM ghcr.io/thalesgroup/goreleaser-glibc-image-base:golang-1.22.5-bookworm
ARG BASE_REGISTRY="ghcr.io"
ARG BASE_IMAGE="thalesgroup/goreleaser-glibc-image-base"
ARG BASE_IMAGE_TAG="golang-${GOLANG_VERSION}-${DEBIAN_VERSION}"
#==============================================================================#
# Sets entrypoint to goreleaser
#==============================================================================#
FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_IMAGE_TAG} AS goreleaser_base
ENTRYPOINT [ "/go/bin/goreleaser" ]
# See https://github.com/opencontainers/image-spec/blob/main/annotations.md
ARG LABEL_CREATED=""
ARG LABEL_AUTHOR="Thales Open Source <oss@thalesgroup.com>"
ARG LABEL_URL="ghcr.io/thalesgroup/goreleaser-glibc-image-base"
ARG LABEL_DOCUMENTATION="https://github.com/ThalesGroup/goreleaser-glibc-image"
ARG LABEL_SOURCE="https://github.com/ThalesGroup/goreleaser-glibc-image"
ARG LABEL_VERSION=""
ARG LABEL_REVISION=""
ARG LABEL_VENDOR="Thales"
ARG LABEL_LICENSES="Apache 2.0"
ARG LABEL_TITLE="goreleaser-glibc-image-base"
ARG LABEL_REF_NAME=""
ARG LABEL_DESCRIPTION="Container image that is shiped with goreleaser cosign ko-build trivy and syft, and using glibc on debian. The ENTRYPOINT of this image is /go/bin/goreleaser"
ARG LABEL_BASE_DIGEST=""
ARG BASE_REGISTRY
ARG BASE_IMAGE
ARG BASE_IMAGE_TAG
ARG LABEL_BASE_NAME="${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_IMAGE_TAG}"
LABEL org.opencontainers.image.created="${LABEL_CREATED}"
LABEL org.opencontainers.image.authors="${LABEL_AUTHOR}"
LABEL org.opencontainers.image.url="${LABEL_URL}"
LABEL org.opencontainers.image.documentation="${LABEL_DOCUMENTATION}"
LABEL org.opencontainers.image.source="${LABEL_SOURCE}"
LABEL org.opencontainers.image.version="${LABEL_VERSION}"
LABEL org.opencontainers.image.revision="${LABEL_REVISION}"
LABEL org.opencontainers.image.vendor="${LABEL_VENDOR}"
LABEL org.opencontainers.image.licenses="${LABEL_LICENSES}"
LABEL org.opencontainers.image.title="${LABEL_TITLE}"
LABEL org.opencontainers.image.ref.name="${LABEL_REF_NAME}"
LABEL org.opencontainers.image.description="${LABEL_DESCRIPTION}"
LABEL org.opencontainers.image.base.digest="${LABEL_BASE_DIGEST}"
LABEL org.opencontainers.image.base.name="${LABEL_BASE_NAME}"