-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
39 lines (30 loc) · 1.43 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
# -----
FROM docker.io/library/rust:1.78-alpine AS builder
# Set `SYSROOT` to a dummy path (default is /usr) because pkg-config-rs *always*
# links those located in that path dynamically but we want static linking, c.f.
# https://github.com/rust-lang/pkg-config-rs/blob/54325785816695df031cef3b26b6a9a203bbc01b/src/lib.rs#L613
ENV SYSROOT=/dummy
# Install dependencies
RUN apk update && apk add --no-cache \
musl-dev \
libressl-dev \
protobuf-dev
ENV PROTOC=/usr/bin/protoc
WORKDIR /build
COPY . /build
RUN cargo build --bin lgc --release
# -----
FROM cgr.dev/chainguard/wolfi-base:latest
LABEL org.opencontainers.image.title="LogCraft CLI"
LABEL org.opencontainers.image.authors="LogCraft <dev@logcraft.io>"
LABEL org.opencontainers.image.url="https://github.com/LogCraftIO/logcraft-cli/pkgs/container/logcraft-cli"
LABEL org.opencontainers.image.documentation="https://docs.logcraft.io/"
LABEL org.opencontainers.image.source="https://github.com/LogCraftIO/logcraft-cli"
LABEL org.opencontainers.image.vendor="LogCraft"
LABEL org.opencontainers.image.licenses="MPL-2.0"
LABEL org.opencontainers.image.description="Easily build Detection-as-Code pipelines for modern security tools (SIEM, EDR, XDR, ...)"
WORKDIR /srv/workspace
RUN chown -R nonroot.nonroot /srv/workspace
USER nonroot
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
COPY --from=builder /build/target/release/lgc /usr/local/bin/lgc