goreleaser/Dockerfile

FROM golang:1.19.1-alpine@sha256:d475cef843a02575ebdcb1416d98cd76bab90a5ae8bc2cd15f357fc08b6a329f

RUN apk add --no-cache bash \
	curl \
	docker-cli \
	docker-cli-buildx \
	git \
	gpg \
	mercurial \
	make \
	openssh-client \
	build-base \
	tini

# install cosign
COPY --from=gcr.io/projectsigstore/cosign:v1.12.1@sha256:ac8e08a2141e093f4fd7d1d0b05448804eb3771b66574b13ad73e31b460af64d /ko-app/cosign /usr/local/bin/cosign

ENTRYPOINT ["/sbin/tini", "--", "/entrypoint.sh"]
CMD [ "-h" ]

COPY scripts/entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh

COPY goreleaser_*.apk /tmp/
RUN apk add --no-cache --allow-untrusted /tmp/goreleaser_*.apk
fix(deps): bump golang from 1.19.0-alpine to 1.19.1-alpine (#3355) Bumps golang from 1.19.0-alpine to 1.19.1-alpine. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang&package-manager=docker&previous-version=1.19.0-alpine&new-version=1.19.1-alpine)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 2022-09-11 20:38:45 +02:00			`FROM golang:1.19.1-alpine@sha256:d475cef843a02575ebdcb1416d98cd76bab90a5ae8bc2cd15f357fc08b6a329f`
Optimized Dockerfile layers and added fingerprint checking Layers are now cleaned up and ordered in a way to minimize breaking of the cache. Additional Docker key fingerprint checking has been added to ensure that we get the eky we are expecting from Docker website. 2018-11-27 16:49:25 +02:00
fix: convert docker images to Alpine (#884) This should signifficantly reduce the image size of the Docker images needed to use Goreleaser Resolves #882 2018-11-29 20:40:04 +02:00			`RUN apk add --no-cache bash \`
feat: use go 1.17 (#2408) * feat: use go 1.17 Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com> * fix: go mod tidy Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com> * test: fix failing test Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com> * ci: increase lint timeout Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com> * ci: increase lint timeout Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com> 2021-08-25 01:49:11 +02:00			`curl \`
			`docker-cli \`
			`docker-cli-buildx \`
			`git \`
feat: adds gpg to Docker image for signing of artifacts (#2905) 2022-02-13 18:37:38 +02:00			`gpg \`
feat: use go 1.17 (#2408) * feat: use go 1.17 Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com> * fix: go mod tidy Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com> * test: fix failing test Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com> * ci: increase lint timeout Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com> * ci: increase lint timeout Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com> 2021-08-25 01:49:11 +02:00			`mercurial \`
			`make \`
feat: adds openssh-client to docker images (#3077) closes #3076 Signed-off-by: Carlos A Becker <caarlos0@gmail.com> 2022-04-29 14:32:24 +02:00			`openssh-client \`
feat(docker): install tini to handle Ctrl+C (#2501) https://github.com/krallin/tini/issues/8 Signed-off-by: Artur Troian <troian.ap@gmail.com> 2021-09-22 03:17:42 +02:00			`build-base \`
			`tini`
Optimized Dockerfile layers and added fingerprint checking Layers are now cleaned up and ordered in a way to minimize breaking of the cache. Additional Docker key fingerprint checking has been added to ensure that we get the eky we are expecting from Docker website. 2018-11-27 16:49:25 +02:00
feat: add cosign tool in the goreleaser image (#2542) Signed-off-by: Carlos Panato <ctadeu@gmail.com> 2021-11-18 14:54:54 +02:00			`# install cosign`
fix(deps): update cosign to v1.12.1 (#3403) Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> 2022-09-26 15:25:27 +02:00			`COPY --from=gcr.io/projectsigstore/cosign:v1.12.1@sha256:ac8e08a2141e093f4fd7d1d0b05448804eb3771b66574b13ad73e31b460af64d /ko-app/cosign /usr/local/bin/cosign`
feat: add cosign tool in the goreleaser image (#2542) Signed-off-by: Carlos Panato <ctadeu@gmail.com> 2021-11-18 14:54:54 +02:00
feat(docker): install tini to handle Ctrl+C (#2501) https://github.com/krallin/tini/issues/8 Signed-off-by: Artur Troian <troian.ap@gmail.com> 2021-09-22 03:17:42 +02:00			`ENTRYPOINT ["/sbin/tini", "--", "/entrypoint.sh"]`
feat: docker in docker support (#785) * feat: docker in docker support * fix: pr comments 2018-09-04 14:19:01 +02:00			`CMD [ "-h" ]`
Optimized Dockerfile layers and added fingerprint checking Layers are now cleaned up and ordered in a way to minimize breaking of the cache. Additional Docker key fingerprint checking has been added to ensure that we get the eky we are expecting from Docker website. 2018-11-27 16:49:25 +02:00
fix: improvements on docker extra_files 2018-12-16 15:11:01 +02:00			`COPY scripts/entrypoint.sh /entrypoint.sh`
Optimized Dockerfile layers and added fingerprint checking Layers are now cleaned up and ordered in a way to minimize breaking of the cache. Additional Docker key fingerprint checking has been added to ensure that we get the eky we are expecting from Docker website. 2018-11-27 16:49:25 +02:00			`RUN chmod +x /entrypoint.sh`
fix: improvements on docker extra_files 2018-12-16 15:11:01 +02:00
feat: allow to use nfpm packages in the docker pipe (#2003) * feat: copy nfpms to docker image too Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com> * test: wip Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com> * fix: logs Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com> * test: fixes Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com> * test: improving Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com> * docs: deprecations and docker improvements Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com> * fix: revert .goreleaser.yml changes Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com> * test: fix Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com> * docs: fix syntax Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com> * docs: fixed deprecation warnings Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com> * test: fix Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com> * test: coverage Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com> * test: add one more test case Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com> * test: fix Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com> * test: fix Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com> Co-authored-by: kodiakhq[bot] <49736102+kodiakhq[bot]@users.noreply.github.com> 2021-01-07 21:21:12 +02:00			`COPY goreleaser_*.apk /tmp/`
fix: apk add --no-cache (#2672) 2021-11-17 20:00:10 +02:00			`RUN apk add --no-cache --allow-untrusted /tmp/goreleaser_*.apk`