mirror of
https://github.com/sourcegraph/sourcegraph.git
synced 2026-02-06 19:51:50 +00:00
741c453ef1
This will update our Go dependency to a newer version. Resolving CVE-2023-24532. ## Test plan Ran `sg ci build main-dry-run`, everything passed: - https://buildkite.com/sourcegraph/sourcegraph/builds/212016 - [x] ci tests - [x] review <!-- All pull requests REQUIRE a test plan: https://docs.sourcegraph.com/dev/background-information/testing_principles -->
46 lines
1.4 KiB
Docker
46 lines
1.4 KiB
Docker
FROM golang:1.19.8-alpine@sha256:841c160ed35923d96c95c52403c4e6db5decd9cbce034aa851e412ade5d4b74f AS builder
|
|
|
|
WORKDIR /go/src/app
|
|
|
|
ENV CGO_ENABLE=0
|
|
|
|
# We only have two dependencies. When building we just use the latest version of
|
|
# them rather than maintaining our own go.mod just in this directory.
|
|
RUN go mod init github.com/sourcegraph/sourcegraph/internal/cmd/git-combine \
|
|
&& go get github.com/go-git/go-git/v5 \
|
|
&& go get github.com/sourcegraph/sourcegraph/lib/errors
|
|
|
|
|
|
COPY git-combine.go .
|
|
COPY default-branch.sh .
|
|
|
|
RUN go mod download \
|
|
&& go mod tidy
|
|
|
|
RUN go build .
|
|
|
|
# Does not need to use sourcegraph-alpine since this is only deployed for
|
|
# Sourcegraph.com.
|
|
# alpine_base CHECK:ALPINE_OK
|
|
FROM alpine:3.15 as alpine_base
|
|
|
|
RUN apk add --no-cache\
|
|
bash \
|
|
ca-certificates \
|
|
git \
|
|
parallel \
|
|
tini
|
|
|
|
COPY --from=builder /go/src/app/git-combine /usr/bin/
|
|
|
|
ARG COMMIT_SHA="unknown"
|
|
ARG VERSION="unknown"
|
|
|
|
LABEL org.opencontainers.image.revision=${COMMIT_SHA}
|
|
LABEL org.opencontainers.image.version=${VERSION}
|
|
LABEL org.opencontainers.image.url=https://sourcegraph.com/
|
|
LABEL org.opencontainers.image.source=https://github.com/sourcegraph/sourcegraph/tree/main/internal/cmd/git-combine
|
|
LABEL org.opencontainers.image.documentation=https://github.com/sourcegraph/sourcegraph/blob/main/internal/cmd/git-combine/README.md
|
|
|
|
ENTRYPOINT ["/sbin/tini", "--", "git-combine"]
|