go/goreleaser
go/goreleaser
1
0
Fork 0
mirror of https://github.com/goreleaser/goreleaser.git synced 2025-01-16 03:52:12 +02:00
Code Issues Releases Activity
d19ff6eb1e
goreleaser/Dockerfile
Carlos Alexandro Becker 69e9b2b120
fix: update cosign in docker img to 1.12.0 (#3379) 
fix for
https://github.com/sigstore/cosign/security/advisories/GHSA-8gw7-4j42-w388

Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
2022-09-15 19:39:51 +03:00

26 lines
649 B
Docker
Raw Blame History

FROM golang:1.19.1-alpine@sha256:d475cef843a02575ebdcb1416d98cd76bab90a5ae8bc2cd15f357fc08b6a329f
RUN apk add --no-cache bash \
curl \
docker-cli \
docker-cli-buildx \
git \
gpg \
mercurial \
make \
openssh-client \
build-base \
tini
# install cosign
COPY --from=gcr.io/projectsigstore/cosign:v1.12.0@sha256:880cc3ec8088fa59a43025d4f20961e8abc7c732e276a211cfb8b66793455dd0 /ko-app/cosign /usr/local/bin/cosign
ENTRYPOINT ["/sbin/tini", "--", "/entrypoint.sh"]
CMD [ "-h" ]
COPY scripts/entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh
COPY goreleaser_*.apk /tmp/
RUN apk add --no-cache --allow-untrusted /tmp/goreleaser_*.apk
Reference in New Issue View Git Blame Copy Permalink