Skip to content

Commit

Permalink
Apply suggestions from code review
Browse files Browse the repository at this point in the history 
Co-authored-by: Michael Shen <[email protected]>
  • Loading branch information
@janboll @mjlshen
janboll and mjlshen authored Jul 23, 2024
1 parent b60f643 commit 6c60bc8
Showing 1 changed file with 2 additions and 5 deletions.
7 changes: 2 additions & 5 deletions tooling/image-sync/Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,16 +1,13 @@
# Base and builder image will need to be replaced by Fips compliant one
FROM --platform=${TARGETPLATFORM:-linux/amd64} mcr.microsoft.com/oss/go/microsoft/golang:1.22-fips-cbl-mariner2.0@sha256:d024591e53909d3f5d9f27cde4e1fea45f32963d97711042db36a499779630f8 as builder

WORKDIR /app
ADD . .
# https://github.com/microsoft/go/tree/microsoft/main/eng/doc/fips#build-option-to-require-fips-mode
ENV CGO_ENABLED=1 GOFLAGS='-tags=requirefips'

RUN tdnf install -y gpgme-devel; \
tdnf clean all; \
make image-sync
RUN make image-sync

FROM --platform=${TARGETPLATFORM:-linux/amd64} mcr.microsoft.com/cbl-mariner/base/core:2.0-nonroot@sha256:fac93debd6c88c9935fdb85e08c3a57e601124018b87015635f50549b6527f5a
FROM --platform=${TARGETPLATFORM:-linux/amd64} mcr.microsoft.com/cbl-mariner/distroless/base:2.0-nonroot@sha256:ef0dc582fc2a8dd34fbb41341a3a9a1aaa70d4542ff04ce4e33a641e52e4807e
WORKDIR /

COPY --from=builder /app/image-sync .
Expand Down

0 comments on commit 6c60bc8

Please sign in to comment.