-
-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathDockerfile.container
30 lines (27 loc) · 1.33 KB
/
Dockerfile.container
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
ARG BUILDKIT_SBOM_SCAN_CONTEXT=true
FROM --platform=$BUILDPLATFORM tonistiigi/xx@sha256:923441d7c25f1e2eb5789f82d987693c47b8ed987c4ab3b075d6ed2b5d6779a3 AS xx
ARG TARGETPLATFORM
FROM --platform=$BUILDPLATFORM rust:alpine@sha256:0cfc78e96e5314e8279cec9faf3067744764ff58cc6a87a3f9c89217f8c4aa16 AS builder
ARG BUILDKIT_SBOM_SCAN_CONTEXT=true
RUN apk add clang lld openssl-dev curl bash
# copy xx scripts to your build stage
COPY --from=xx / /
ARG TARGETPLATFORM
RUN xx-apk add --no-cache musl-dev zlib-dev zlib-static openssl-dev openssl-libs-static pkgconfig alpine-sdk
WORKDIR /app
RUN cargo new --lib readable-name-generator
WORKDIR /app/readable-name-generator
COPY Cargo.* ./
RUN xx-cargo build --release --target-dir ./build
COPY . ./
RUN xx-cargo build --release --target-dir ./build && \
xx-verify --static "./build/$(xx-cargo --print-target-triple)/release/readable-name-generator" && \
cp -v "./build/$(xx-cargo --print-target-triple)/release/readable-name-generator" "./build/readable-name-generator"
RUN addgroup -g 568 nonroot
RUN adduser -u 568 -G nonroot -D nonroot
FROM scratch
COPY --from=builder "/app/readable-name-generator/build/readable-name-generator" /
COPY --from=builder /etc/group /etc/group
COPY --from=builder /etc/passwd /etc/passwd
RUN ["/readable-name-generator", "--version"]
ENTRYPOINT ["/readable-name-generator"]