forked from goharbor/harbor-scanner-trivy
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile.dev
35 lines (23 loc) · 1.03 KB
/
Dockerfile.dev
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
# That's the only place where you're supposed to specify version of Trivy.
ARG TRIVY_VERSION=0.56.1
ARG SKAFFOLD_GO_GCFLAGS
FROM golang:1.22 AS builder
WORKDIR /go/src/github.com/aquasecurity/harbor-scanner-trivy
# Download Go dependencies first
COPY go.mod go.sum ./
RUN go mod download
# Copy the entire project and build it.
COPY cmd/ ./cmd
COPY pkg/ ./pkg
RUN CGO_ENABLED=0 go build -gcflags="${SKAFFOLD_GO_GCFLAGS}" -o scanner-trivy cmd/scanner-trivy/main.go
FROM aquasec/trivy:${TRIVY_VERSION}
ENV GOTRACEBACK=all
# An ARG declared before a FROM is outside of a build stage, so it can't be used in any
# instruction after a FROM. To use the default value of an ARG declared before the first
# FROM use an ARG instruction without a value inside of a build stage.
ARG TRIVY_VERSION
RUN adduser -u 10000 -D -g '' scanner scanner
COPY --from=builder /go/src/github.com/aquasecurity/harbor-scanner-trivy/scanner-trivy /home/scanner/bin/scanner-trivy
ENV TRIVY_VERSION=${TRIVY_VERSION}
USER scanner
ENTRYPOINT ["/home/scanner/bin/scanner-trivy"]