Skip to content

Commit

Permalink
simplify harness dockerfile
Browse files Browse the repository at this point in the history
  • Loading branch information
@floreks
floreks committed Apr 26, 2024
1 parent ca58221 commit 4fc237c
Showing 1 changed file with 6 additions and 8 deletions.
14 changes: 6 additions & 8 deletions hack/harness.Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,3 @@
FROM alpine:3.19 as environment

RUN mkdir /plural
RUN mkdir /tmp/plural

FROM golang:1.22-alpine3.19 as builder

Check notice

Code scanning / Trivy

No HEALTHCHECK defined Low

Artifact: hack/harness.Dockerfile
Type: dockerfile
Vulnerability DS026
Severity: LOW
Message: Add HEALTHCHECK instruction in your Dockerfile
Link: DS026

ARG TARGETARCH
Expand Down Expand Up @@ -31,9 +26,12 @@ RUN CGO_ENABLED=0 \
-o /plural/harness \
cmd/harness/main.go

FROM hashicorp/terraform:1.8.2 as terraform
FROM busybox:1.35.0-uclibc as environment

FROM busybox:1.35.0-uclibc as busybox
RUN mkdir /plural
RUN mkdir /tmp/plural

FROM hashicorp/terraform:1.8.2 as terraform

FROM gcr.io/distroless/base-debian12 as final

Check warning

Code scanning / Trivy

':latest' tag used Medium

Artifact: hack/harness.Dockerfile
Type: dockerfile
Vulnerability DS001
Severity: MEDIUM
Message: Specify a tag in the 'FROM' statement for image 'gcr.io/distroless/base-debian12'
Link: DS001

Expand All @@ -47,7 +45,7 @@ USER nonroot:nonroot
# 4. copy terraform binary
COPY --chown=nonroot --from=environment /plural /plural
COPY --chown=nonroot --from=environment /tmp/plural /tmp
COPY --chown=nonroot --from=busybox /bin/sh /bin/sh
COPY --chown=nonroot --from=environment /bin/sh /bin/sh
COPY --from=builder /plural/harness /harness
COPY --from=terraform /bin/terraform /bin/terraform

Expand Down

0 comments on commit 4fc237c

Please sign in to comment.