docker/regclient
1
0
Fork 0
mirror of https://github.com/regclient/regclient.git synced 2025-04-18 22:44:00 +03:00
Code
regclient/build/Dockerfile.regsync
Brandon Mitchell 19a6a46281
Version bump 
- Go to v1.24.2
- ECR Helper to latest commit
- anchore/syft to v1.22.0
- library/registry to v3.0.0
- securego/gosec to v2.22.3
- google/osv-scanner to v2.0.1

Signed-off-by: Brandon Mitchell <git@bmitch.net>
2025-04-06 09:03:29 -04:00

97 lines
4.0 KiB
Docker
Raw Blame History

ARG REGISTRY=docker.io
ARG ALPINE_VER=3.21.3@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c
ARG GO_VER=1.24.2-alpine@sha256:7772cb5322baa875edd74705556d08f0eeca7b9c4b5367754ce3f2f00041ccee
ARG ECR_HELPER_VER=a72d01f94f8baa4d6aac3e2a005c85d86c75f406
ARG GCR_HELPER_VER=v2.1.27
FROM ${REGISTRY}/library/golang:${GO_VER} AS golang
RUN apk add --no-cache \
ca-certificates \
git \
make
WORKDIR /src
FROM golang AS build
RUN addgroup -g 1000 appuser \
&& adduser -u 1000 -G appuser -D appuser \
&& mkdir -p /home/appuser/.docker \
&& chown -R appuser /home/appuser
COPY go.* /src/
RUN go mod download
COPY . /src/
RUN make bin/regsync
USER appuser
CMD [ "bin/regsync" ]
FROM golang AS docker-cred-ecr-login
ARG TARGETOS
ARG TARGETARCH
ARG ECR_HELPER_VER
RUN CGO_ENABLED=0 go install -trimpath -ldflags=-buildid= github.com/awslabs/amazon-ecr-credential-helper/ecr-login/cli/docker-credential-ecr-login@${ECR_HELPER_VER} \
&& ( cp "${GOPATH}/bin/docker-credential-ecr-login" /usr/local/bin/docker-credential-ecr-login \
|| cp "${GOPATH}/bin/${TARGETOS}_${TARGETARCH}/docker-credential-ecr-login" /usr/local/bin/docker-credential-ecr-login )
FROM golang AS docker-cred-gcr
ARG TARGETOS
ARG TARGETARCH
ARG GCR_HELPER_VER
RUN GOOS=${TARGETOS} GOARCH=${TARGETARCH} CGO_ENABLED=0 \
go install -trimpath -ldflags="-buildid= -s -w" \
github.com/GoogleCloudPlatform/docker-credential-gcr/v2@${GCR_HELPER_VER} \
&& ( cp "${GOPATH}/bin/docker-credential-gcr" /usr/local/bin/docker-credential-gcr \
|| cp "${GOPATH}/bin/${TARGETOS}_${TARGETARCH}/docker-credential-gcr" /usr/local/bin/docker-credential-gcr )
FROM build AS release-base
USER root
RUN mkdir -p /output/etc/ssl/certs/ /output/home /output/tmp /output/usr/local/bin \
&& cp -a /etc/passwd /etc/group /output/etc/ \
&& cp -a /etc/ssl/certs/ca-certificates.crt /output/etc/ssl/certs/ \
&& cp -a /home/appuser /output/home/ \
&& chmod 1777 /output/tmp
FROM ${REGISTRY}/library/alpine:${ALPINE_VER} AS release-alpine
COPY --from=release-base /output /
COPY --from=docker-cred-ecr-login /usr/local/bin/docker-credential-* /usr/local/bin/
COPY --from=docker-cred-gcr /usr/local/bin/docker-credential-* /usr/local/bin/
COPY --from=build /src/bin/regsync /usr/local/bin/regsync
USER appuser
CMD [ "regsync", "--help" ]
ARG BUILD_DATE
ARG VCS_REF
ARG VCS_VERSION=(devel)
LABEL maintainer="" \
org.opencontainers.image.created=$BUILD_DATE \
org.opencontainers.image.authors="regclient contributors" \
org.opencontainers.image.url="https://github.com/regclient/regclient" \
org.opencontainers.image.documentation="https://github.com/regclient/regclient" \
org.opencontainers.image.source="https://github.com/regclient/regclient" \
org.opencontainers.image.version=$VCS_VERSION \
org.opencontainers.image.revision=$VCS_REF \
org.opencontainers.image.vendor="regclient" \
org.opencontainers.image.licenses="Apache 2.0" \
org.opencontainers.image.title="regsync" \
org.opencontainers.image.description="regclient/regsync utility for mirroring registry content (alpine)"
FROM scratch AS release-scratch
COPY --from=release-base /output /
COPY --from=build /src/bin/regsync /regsync
USER appuser
ENTRYPOINT [ "/regsync" ]
ARG BUILD_DATE
ARG VCS_REF
ARG VCS_VERSION=(devel)
LABEL maintainer="" \
org.opencontainers.image.created=$BUILD_DATE \
org.opencontainers.image.authors="regclient contributors" \
org.opencontainers.image.url="https://github.com/regclient/regclient" \
org.opencontainers.image.documentation="https://github.com/regclient/regclient" \
org.opencontainers.image.source="https://github.com/regclient/regclient" \
org.opencontainers.image.version=$VCS_VERSION \
org.opencontainers.image.revision=$VCS_REF \
org.opencontainers.image.vendor="regclient" \
org.opencontainers.image.licenses="Apache 2.0" \
org.opencontainers.image.title="regsync" \
org.opencontainers.image.description="regclient/regsync utility for mirroring registry content (scratch)"
View Git Blame Copy Permalink