Skip to content

Commit

Permalink
refactor: dockerfile (#43)
Browse files Browse the repository at this point in the history
* make builder stage aligned with image builds in vmclarity
* pin yara version to avoid compatibility issues
  • Loading branch information
chrisgacsal authored Feb 22, 2024
1 parent 3081b4a commit 74294ad
Showing 1 changed file with 24 additions and 7 deletions.
31 changes: 24 additions & 7 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,8 +1,21 @@
# syntax=docker/dockerfile:1
# syntax=docker/dockerfile:1@sha256:ac85f380a63b13dfcefa89046420e1781752bab202122f8f50032edf31be0021

FROM golang:1.22.0-alpine AS builder
FROM --platform=$BUILDPLATFORM golang:1.22.0-bullseye@sha256:0c099cf97c6162ceab8c9494c4ce8c2a19a73b852f334ec1876a42d05eb5f90b AS builder

RUN apk add --update --no-cache gcc g++ git ca-certificates build-base
ARG TARGETPLATFORM

RUN --mount=type=cache,id=${TARGETPLATFORM}-apt,target=/var/cache/apt,sharing=locked \
apt-get update \
&& apt-get install -y --no-install-recommends \
gcc \
libc6-dev

WORKDIR /build

RUN --mount=type=cache,target=/go/pkg/mod \
--mount=type=cache,target=/root/.cache/go-build \
--mount=type=bind,source=.,target=/build,ro \
go mod download -x

ARG VERSION
ARG BUILD_TIMESTAMP
Expand All @@ -16,16 +29,20 @@ RUN --mount=type=cache,target=/go/pkg/mod \
--mount=type=cache,target=/root/.cache/go-build \
--mount=type=bind,source=.,target=/build,ro \
GOOS=${TARGETOS} GOARCH=${TARGETARCH} CGO_ENABLED=0 \
go build \
-ldflags="-s -w \
go build -ldflags="-s -w -extldflags -static \
-X 'github.com/openclarity/yara-rule-server/pkg/version.Version=${VERSION}' \
-X 'github.com/openclarity/yara-rule-server/pkg/version.CommitHash=${COMMIT_HASH}' \
-X 'github.com/openclarity/yara-rule-server/pkg/version.BuildTimestamp=${BUILD_TIMESTAMP}'" \
-o /bin/yara-rule-server main.go

FROM alpine:3.19
FROM alpine:3.19@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761f8e1ad6b

RUN apk add --update --no-cache \
util-linux \
ca-certificates \
libc6-compat

RUN apk --no-cache add util-linux yara ca-certificates
RUN apk --no-cache add --repository=https://dl-cdn.alpinelinux.org/alpine/edge/community yara=4.5.0-r0

COPY --from=builder --chmod=755 /bin/yara-rule-server /bin/yara-rule-server
COPY --link --chmod=644 config.example.yaml /etc/yara-rule-server/config.yaml
Expand Down

0 comments on commit 74294ad

Please sign in to comment.