-
Notifications
You must be signed in to change notification settings - Fork 21
/
Dockerfile
33 lines (30 loc) · 1.15 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
# Build the SPIFFE CSI Driver binary
FROM --platform=${BUILDPLATFORM} golang:1.22.2-alpine AS base
ARG GIT_TAG
ARG GIT_COMMIT
ARG GIT_DIRTY
WORKDIR /code
RUN apk --no-cache --update add make
COPY go.* ./
RUN --mount=type=cache,target=/go/pkg/mod go mod download
COPY . .
# xx is a helper for cross-compilation
# when bumping to a new version analyze the new version for security issues
# then use crane to lookup the digest of that version so we are immutable
# crane digest tonistiigi/xx:1.1.2
FROM --platform=${BUILDPLATFORM} tonistiigi/xx@sha256:9dde7edeb9e4a957ce78be9f8c0fbabe0129bf5126933cd3574888f443731cda AS xx
FROM --platform=${BUILDPLATFORM} base as builder
ARG TARGETPLATFORM
ARG TARGETARCH
ENV CGO_ENABLED=0
COPY --link --from=xx / /
RUN xx-go --wrap
RUN --mount=type=cache,target=/root/.cache/go-build \
--mount=type=cache,target=/go/pkg/mod \
make GIT_TAG="${GIT_TAG}" GIT_COMMIT="${GIT_COMMIT}" GIT_DIRTY="${GIT_DIRTY}" build
# Build a scratch image with just the SPIFFE CSI driver binary
FROM scratch AS spiffe-csi-driver
WORKDIR /
ENTRYPOINT ["/spiffe-csi-driver"]
CMD []
COPY --link --from=builder /code/bin/spiffe-csi-driver /spiffe-csi-driver