Skip to content

Commit

Permalink
Merge pull request #972 from flavio/use-cargo-auditable
Browse files Browse the repository at this point in the history 
fix: make policy-server binary auditable
  • Loading branch information
@flavio
flavio authored Nov 12, 2024
2 parents 50467ce + 566471f commit 6c9af94
Showing 1 changed file with 4 additions and 2 deletions.
6 changes: 4 additions & 2 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,8 @@ RUN mkdir /usr/src/policy-server
WORKDIR /usr/src/policy-server
COPY ./ ./

RUN cargo install --target aarch64-unknown-linux-musl --path .
RUN cargo install cargo-auditable
RUN cargo auditable install --target aarch64-unknown-linux-musl --path .

FROM --platform=${BUILDPLATFORM} ghcr.io/cross-rs/x86_64-unknown-linux-musl:0.2.5 AS build-amd64
ARG BUILDPLATFORM
Expand All @@ -30,7 +31,8 @@ RUN mkdir /usr/src/policy-server
WORKDIR /usr/src/policy-server
COPY ./ ./

RUN cargo install --target x86_64-unknown-linux-musl --path .
RUN cargo install cargo-auditable
RUN cargo auditable install --target x86_64-unknown-linux-musl --path .

FROM --platform=$BUILDPLATFORM alpine AS cfg
RUN echo "policy-server:x:65533:65533::/tmp:/sbin/nologin" >> /etc/passwd
Expand Down

0 comments on commit 6c9af94

Please sign in to comment.