chore: lint dockerfile

ory · Demonsthere · May 30, 2023 · May 30, 2023 · May 30, 2023 · May 30, 2023
commit 341f215d78ab57626cb3eb94f5841ce26f3ee30e
@@ -5,18 +5,18 @@ RUN apk --update upgrade && apk --no-cache --update-cache --upgrade --latest add
 
 WORKDIR /go/src/github.com/ory/kratos
 
-ADD go.mod go.mod
-ADD go.sum go.sum
-ADD internal/httpclient/go.* internal/httpclient/
-ADD internal/client-go/go.* internal/client-go/
+COPY go.mod go.mod
+COPY go.sum go.sum
+COPY internal/httpclient/go.* internal/httpclient/
+COPY internal/client-go/go.* internal/client-go/
 
 ENV GO111MODULE on
 ENV CGO_ENABLED 1
 ENV CGO_CPPFLAGS -DSQLITE_DEFAULT_FILE_PERMISSIONS=0600
 
 RUN go mod download
 
-ADD . .
+COPY . .
 
 ARG VERSION
 ARG COMMIT

@@ -15,19 +15,24 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@v3
+      - name: Setup Env
+        id: vars
+        shell: bash
+        run: |
+          echo "SHA_SHORT=$(git rev-parse --short HEAD)" >> "${GITHUB_ENV}"
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v2
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v2
       - name: Build images
         shell: bash
         run: |
-          make docker
+          IMAGE_TAG="${{ env.SHA_SHORT }}" make docker
       - name: Anchore Scanner
         uses: anchore/scan-action@v3
         id: grype-scan
         with:
-          image: oryd/kratos:latest
+          image: oryd/kratos:${{ env.SHA_SHORT }}
           fail-build: true
           severity-cutoff: high
           add-cpes-if-none: true
@@ -47,7 +52,7 @@ jobs:
         uses: aquasecurity/trivy-action@master
         if: ${{ always() }}
         with:
-          image-ref: oryd/kratos:latest
+          image-ref: oryd/kratos:${{ env.SHA_SHORT }}
           format: "table"
           exit-code: "42"
           ignore-unfixed: true
@@ -58,7 +63,7 @@ jobs:
         uses: erzz/dockle-action@v1.3.2
         if: ${{ always() }}
         with:
-          image: oryd/kratos:latest
+          image: oryd/kratos:${{ env.SHA_SHORT }}
           exit-code: 42
           failure-threshold: high
       - name: Hadolint

@@ -10,6 +10,7 @@ export PWD                := $(shell pwd)
 export BUILD_DATE         := $(shell date -u +"%Y-%m-%dT%H:%M:%SZ")
 export VCS_REF            := $(shell git rev-parse HEAD)
 export QUICKSTART_OPTIONS ?= ""
+export IMAGE_TAG 					:= $(if $(IMAGE_TAG),$(IMAGE_TAG),latest)
 
 GO_DEPENDENCIES = github.com/ory/go-acc \
 				  github.com/golang/mock/mockgen \
@@ -162,7 +163,7 @@ format: .bin/goimports .bin/ory node_modules
 # Build local docker image
 .PHONY: docker
 docker:
-	DOCKER_BUILDKIT=1 docker build -f .docker/Dockerfile-build --build-arg=COMMIT=$(VCS_REF) --build-arg=BUILD_DATE=$(BUILD_DATE) -t oryd/kratos:latest .
+	DOCKER_BUILDKIT=1 docker build -f .docker/Dockerfile-build --build-arg=COMMIT=$(VCS_REF) --build-arg=BUILD_DATE=$(BUILD_DATE) -t oryd/kratos:${IMAGE_TAG} .
 
 # Runs the documentation tests
 .PHONY: test-docs