mirror of
https://github.com/docker/cli.git
synced 2026-01-26 15:41:42 +03:00
2bcf047f90
This release addresses breakage caused by a security patch included in Go 1.25.2 and 1.24.8, which enforced overly restrictive validation on the parsing of X.509 certificates. We've removed those restrictions while maintaining the security fix that the initial release addressed. Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
48 lines
1.4 KiB
Docker
48 lines
1.4 KiB
Docker
# syntax=docker/dockerfile:1
|
|
|
|
ARG GO_VERSION=1.25.3
|
|
|
|
# ALPINE_VERSION sets the version of the alpine base image to use, including for the golang image.
|
|
# It must be a supported tag in the docker.io/library/alpine image repository
|
|
# that's also available as alpine image variant for the Golang version used.
|
|
ARG ALPINE_VERSION=3.22
|
|
ARG MODOUTDATED_VERSION=v0.8.0
|
|
|
|
FROM golang:${GO_VERSION}-alpine${ALPINE_VERSION} AS base
|
|
ENV GOTOOLCHAIN=local
|
|
RUN apk add --no-cache bash git rsync
|
|
WORKDIR /src
|
|
|
|
FROM base AS vendored
|
|
ENV GOPROXY=https://proxy.golang.org|direct
|
|
RUN --mount=target=/context \
|
|
--mount=target=.,type=tmpfs \
|
|
--mount=target=/go/pkg/mod,type=cache <<EOT
|
|
set -e
|
|
rsync -a /context/. .
|
|
./scripts/with-go-mod.sh ./scripts/vendor update
|
|
mkdir /out
|
|
cp -r vendor.mod vendor.sum vendor /out
|
|
EOT
|
|
|
|
FROM scratch AS update
|
|
COPY --from=vendored /out /out
|
|
|
|
FROM vendored AS validate
|
|
RUN --mount=target=/context \
|
|
--mount=target=.,type=tmpfs <<EOT
|
|
set -e
|
|
rsync -a /context/. .
|
|
git add -A
|
|
rm -rf vendor
|
|
cp -rf /out/* .
|
|
./scripts/with-go-mod.sh ./scripts/vendor validate
|
|
EOT
|
|
|
|
FROM psampaz/go-mod-outdated:${MODOUTDATED_VERSION} AS go-mod-outdated
|
|
FROM base AS outdated
|
|
RUN --mount=target=.,rw \
|
|
--mount=target=/go/pkg/mod,type=cache \
|
|
--mount=from=go-mod-outdated,source=/home/go-mod-outdated,target=/usr/bin/go-mod-outdated \
|
|
./scripts/with-go-mod.sh ./scripts/vendor outdated
|