Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Yusuf Kanchwala
committed
Jul 31, 2020
1 parent
cadae23
commit 599a9aa
Showing
2 changed files
with
37 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,36 @@ | ||
| # -------- builder stage -------- # | ||
| FROM golang:alpine AS builder | ||
|
|
||
| ARG GOOS_VAL=linux | ||
| ARG GOARCH=amd64 | ||
|
|
||
| WORKDIR $GOPATH/src/terrascan | ||
|
|
||
| # download go dependencies | ||
| COPY go.mod go.sum ./ | ||
| RUN go mod download | ||
|
|
||
| # copy terrascan source | ||
| COPY . . | ||
|
|
||
| # build binary | ||
| RUN GOOS=${GOOS_VAL} GOARCH=${GOARCH_VAL} go build -v -ldflags "-w -s" -o /go/bin/terrascan ./cmd/terrascan | ||
|
|
||
|
|
||
| # -------- prod stage -------- # | ||
| FROM alpine:3.12.0 | ||
|
|
||
| # create non root user | ||
| RUN addgroup --gid 101 terrascan && \ | ||
| adduser -S --uid 101 --ingroup terrascan terrascan | ||
|
|
||
| # run as non root user | ||
| USER terrascan | ||
|
|
||
| # copy terrascan binary from build | ||
| COPY --from=builder /go/bin/terrascan /go/bin/terrascan | ||
|
|
||
| EXPOSE 9010 | ||
|
|
||
| ENTRYPOINT ["/go/bin/terrascan", "--server"] | ||
| CMD ["--log-type", "json"] |