Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Dockerfile builder #237

Closed
wants to merge 15 commits into from
Closed

Conversation

ianlewis
Copy link
Member

@ianlewis ianlewis commented Jun 10, 2022

Updates #57
Updates #178

Very early experimental pass at a builder for Docker images based on a Dockerfile in the user repo.

  • Build the image
  • Push to ghcr.io
  • Generate & sign provenance
  • Save to tlog
  • Upload provenance to registry
  • Some basic docs

}

// CommandStep is a command executed by the builder.
type CommandStep struct {
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm thinking of making this kind of a standard thing in the library that all the builders that run commands can use in their build config.

That way it makes the build config's similar and a bit more standardized.

Docker registry. This command assumes that it is being run in the context of a
Github Actions workflow.`,
Run: func(cmd *cobra.Command, args []string) {
// TODO(github.com/slsa-framework/slsa-github-generator/issues/57): implement attest command
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do the equivalent of cosign attest

)

// buildCmd returns the 'build' command.
func buildCmd() *cobra.Command {
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is mostly just a thin wrapper over the docker build command currently. Need to think a bit on what advantage wrapping in a Go app has. Maybe just a bit more control over what command is run?

@ianlewis
Copy link
Member Author

Closing this in favor of having an ecosystem builder that uses the BYOB framework

@ianlewis ianlewis closed this Jan 10, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

1 participant