-
Notifications
You must be signed in to change notification settings - Fork 310
/
Dockerfile
49 lines (35 loc) · 1.39 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
ARG VECTORSCAN_IMG_TAG=latest
ARG VECTORSCAN_IMAGE_REPOSITORY=deepfenceio
FROM $VECTORSCAN_IMAGE_REPOSITORY/deepfence_vectorscan_build:$VECTORSCAN_IMG_TAG AS vectorscan
FROM golang:1.21-alpine3.18 AS builder
MAINTAINER DeepFence
RUN apk update \
&& apk add --upgrade gcc musl-dev pkgconfig g++ make git
COPY --from=vectorscan /vectorscan.tar.bz2 /
RUN tar -xjf /vectorscan.tar.bz2 -C / && rm /vectorscan.tar.bz2
WORKDIR /home/deepfence/src/SecretScanner
COPY . .
RUN make clean
RUN make
FROM alpine:3.18
MAINTAINER DeepFence
LABEL deepfence.role=system
ENV MGMT_CONSOLE_URL=deepfence-internal-router \
MGMT_CONSOLE_PORT=443
ARG TARGETARCH
RUN apk add --no-cache --upgrade tar libstdc++ libgcc docker skopeo bash podman
RUN <<EOF
set -eux
apk update && apk add --no-cache --upgrade curl
NERDCTL_VERSION=1.4.0
curl -fsSLO https://github.com/containerd/nerdctl/releases/download/v${NERDCTL_VERSION}/nerdctl-${NERDCTL_VERSION}-linux-${TARGETARCH}.tar.gz
tar Cxzvvf /usr/local/bin nerdctl-${NERDCTL_VERSION}-linux-${TARGETARCH}.tar.gz
rm nerdctl-${NERDCTL_VERSION}-linux-${TARGETARCH}.tar.gz
apk del curl
EOF
WORKDIR /home/deepfence/usr
COPY --from=builder /home/deepfence/src/SecretScanner/SecretScanner .
COPY --from=builder /home/deepfence/src/SecretScanner/config.yaml .
WORKDIR /home/deepfence/output
ENTRYPOINT ["/home/deepfence/usr/SecretScanner", "-config-path", "/home/deepfence/usr"]
CMD ["-h"]