mirror of
https://github.com/mikefarah/yq.git
synced 2026-06-26 23:17:43 +00:00
0e803833fb
* Initial plan * chore: pin GitHub Actions dependencies to specific commit SHAs (OSSF) Agent-Logs-Url: https://github.com/mikefarah/yq/sessions/cbd03f0a-f2dc-4da4-b01c-7dd06ad83ee9 Co-authored-by: mikefarah <1151925+mikefarah@users.noreply.github.com> * chore: pin Dockerfile base images to specific SHA digests (OSSF) Agent-Logs-Url: https://github.com/mikefarah/yq/sessions/7a8f6690-37fb-42ab-b3dc-0dd23c270fbe Co-authored-by: mikefarah <1151925+mikefarah@users.noreply.github.com> * chore: revert yq pins in test-yq.yml; add release note for github-action/Dockerfile SHA Agent-Logs-Url: https://github.com/mikefarah/yq/sessions/e1b35d79-92a3-47d5-b4ac-a2efe2fd58ce Co-authored-by: mikefarah <1151925+mikefarah@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: mikefarah <1151925+mikefarah@users.noreply.github.com>
29 lines
853 B
Docker
29 lines
853 B
Docker
FROM golang:1.26.2@sha256:2a2b4b5791cea8ae09caecba7bad0bd9631def96e5fe362e4a5e67009fe4ae61 AS builder
|
|
|
|
WORKDIR /go/src/mikefarah/yq
|
|
|
|
COPY . .
|
|
|
|
RUN CGO_ENABLED=0 go build -ldflags "-s -w" .
|
|
# RUN ./scripts/test.sh -- this too often times out in the github pipeline.
|
|
RUN ./scripts/acceptance.sh
|
|
|
|
# Choose alpine as a base image to make this useful for CI, as many
|
|
# CI tools expect an interactive shell inside the container
|
|
FROM alpine:3@sha256:25109184c71bdad752c8312a8623239686a9a2071e8825f20acb8f2198c3f659 AS production
|
|
LABEL maintainer="Mike Farah <mikefarah@users.noreply.github.com>"
|
|
|
|
COPY --from=builder /go/src/mikefarah/yq/yq /usr/bin/yq
|
|
|
|
WORKDIR /workdir
|
|
|
|
RUN set -eux; \
|
|
addgroup -g 1000 yq; \
|
|
adduser -u 1000 -G yq -s /bin/sh -h /home/yq -D yq
|
|
|
|
RUN chown -R yq:yq /workdir
|
|
|
|
USER yq
|
|
|
|
ENTRYPOINT ["/usr/bin/yq"]
|