mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-12-24 23:19:39 -05:00
fc33a74c78
The variable VersionInfo is supposed to be set by `go build -X ...` during link time but should not be modified at runtime. This change ensures the underlying var is private and can only be accessed by a public getter.
32 lines
1.1 KiB
Docker
32 lines
1.1 KiB
Docker
FROM fedora:37@sha256:a9fed38b343ea8a2722c78d5ad97d691421bf46f20f20076d34dd6948a2a792d as build
|
|
|
|
RUN dnf -y update && \
|
|
dnf install -y wget git
|
|
|
|
# Install Go
|
|
ARG GO_VER=1.20.1
|
|
RUN wget -q https://go.dev/dl/go${GO_VER}.linux-amd64.tar.gz && \
|
|
tar -C /usr/local -xzf go${GO_VER}.linux-amd64.tar.gz && \
|
|
rm go${GO_VER}.linux-amd64.tar.gz
|
|
ENV PATH ${PATH}:/usr/local/go/bin
|
|
|
|
# Download go dependencies
|
|
WORKDIR /constellation/
|
|
COPY go.mod ./
|
|
COPY go.sum ./
|
|
RUN go mod download all
|
|
|
|
# Copy Repo
|
|
COPY . /constellation
|
|
RUN rm -rf ./hack/
|
|
|
|
# Build
|
|
RUN mkdir -p /constellation/build
|
|
WORKDIR /constellation/keyservice/cmd
|
|
ARG PROJECT_VERSION=0.0.0
|
|
RUN --mount=type=cache,target=/root/.cache/go-build CGO_ENABLED=0 go build -o /constellation/build/keyservice -trimpath -buildvcs=false -ldflags "-s -w -buildid='' -X github.com/edgelesssys/constellation/v2/internal/constants.versionInfo=${PROJECT_VERSION}"
|
|
|
|
FROM gcr.io/distroless/static:nonroot@sha256:9ec950c09380320e203369982691eb821df6a6974edf9f4bb8e661d4b77b9d99 as release
|
|
COPY --from=build /constellation/build/keyservice /keyservice
|
|
ENTRYPOINT ["/keyservice"]
|