Merge branch 'main' into golang-staging

ossf · Apr 22, 2022 · b387b45 · b387b45
1 parent 559d544
commit b387b45
Showing 1 changed file with 19 additions and 12 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -21,23 +21,30 @@
 #           -e INPUT_REPO_TOKEN=$GITHUB_AUTH_TOKEN \
 #           -e GITHUB_REPOSITORY="ossf/scorecard" \
 #           laurentsimon/scorecard-action:latest
-FROM gcr.io/openssf/scorecard:v4.1.0@sha256:a1e9bb4a0976e800e977c986522b0e1c4e0466601642a84470ec1458b9fa6006 as base
 
-# Build our image and update the root certs.
-# TODO: use distroless.
-FROM debian:11.3-slim@sha256:f75d8a3ac10acdaa9be6052ea5f28bcfa56015ff02298831994bd3e6d66f7e57
+#v1.17 go
+FROM golang@sha256:bd9823cdad5700fb4abe983854488749421d5b4fc84154c30dae474100468b85 AS base
+WORKDIR /src
+ENV CGO_ENABLED=0
+COPY go.* ./
+RUN go mod download
+COPY . ./
+
+FROM base AS build
+ARG TARGETOS
+ARG TARGETARCH
+RUN CGO_ENABLED=0 make build
+
+# TODO: use distroless:
+# FROM gcr.io/distroless/base:nonroot@sha256:02f667185ccf78dbaaf79376b6904aea6d832638e1314387c2c2932f217ac5cb
+FROM debian:11.3-slim@sha256:78fd65998de7a59a001d792fe2d3a6d2ea25b6f3f068e5c84881250373577414
 RUN apt-get update && \
     apt-get install -y --no-install-recommends \
+    # For debugging.
     jq ca-certificates curl
-
-# Copy the scorecard binary from the official scorecard image.
-COPY --from=base /scorecard /scorecard
+COPY --from=build /src/scorecard-action /
 
 # Copy a test policy for local testing.
 COPY policies/template.yml  /policy.yml
 
-# Our entry point.
-# Note: the file is executable in the repo
-# and permission carry over to the image.
-COPY entrypoint.sh /entrypoint.sh
-ENTRYPOINT ["/entrypoint.sh"]
+ENTRYPOINT [ "/scorecard-action" ]