compliance-cli/Dockerfile at main · u2i/compliance-cli · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
# Multi-stage build for compliance-cli
# Build stage compiles the Go binary for the target architecture
FROM golang:1.21-alpine AS builder

# Install build dependencies
RUN apk add --no-cache git

# Set working directory
WORKDIR /build

# Copy go mod files
COPY go.mod go.sum ./

# Download dependencies
RUN go mod download

# Copy source code
COPY . .

# Build for the target architecture
# Docker automatically sets TARGETARCH based on the platform being built
ARG TARGETARCH
RUN GOOS=linux GOARCH=${TARGETARCH} go build -o compliance-cli ./cmd/deploy

# Final stage - Start from the google cloud SDK image which supports multiple architectures
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:stable

# Install additional useful tools
RUN apt-get update && apt-get install -y \
    jq \
    curl \
    git \
    && rm -rf /var/lib/apt/lists/*

# Install yq for the correct architecture
ARG TARGETARCH
RUN if [ "${TARGETARCH}" = "arm64" ]; then \
        curl -L https://github.com/mikefarah/yq/releases/download/v4.40.5/yq_linux_arm64 -o /usr/local/bin/yq; \
    else \
        curl -L https://github.com/mikefarah/yq/releases/download/v4.40.5/yq_linux_amd64 -o /usr/local/bin/yq; \
    fi && \
    chmod +x /usr/local/bin/yq

# Copy the compliance-cli binary from builder
COPY --from=builder /build/compliance-cli /usr/local/bin/compliance-cli
RUN chmod +x /usr/local/bin/compliance-cli

# Set workdir
WORKDIR /workspace

# No ENTRYPOINT so the command can be specified
# This allows "docker run image compliance-cli" to work