mirror of
https://github.com/anchore/syft
synced 2024-11-10 06:14:16 +00:00
21 lines
811 B
Text
21 lines
811 B
Text
FROM alpine as certs
|
|
RUN apk update && apk add ca-certificates
|
|
|
|
# note: using qemu with a multi-arch image results in redirects not working with wget
|
|
# so let docker pull the image that matches the hosts architecture first and then pull the correct asset
|
|
FROM busybox:1.36.1-musl
|
|
|
|
RUN ARCH=$(uname -m) && \
|
|
if [ "$ARCH" = "x86_64" ]; then \
|
|
COSIGN_ARCH="amd64"; \
|
|
elif [ "$ARCH" = "aarch64" ]; then \
|
|
COSIGN_ARCH="arm64"; \
|
|
else \
|
|
echo "Unsupported architecture: $ARCH" && exit 1; \
|
|
fi && \
|
|
echo "Downloading cosign for $COSIGN_ARCH" && \
|
|
wget https://github.com/sigstore/cosign/releases/latest/download/cosign-linux-${COSIGN_ARCH} && \
|
|
mv cosign-linux-${COSIGN_ARCH} /bin/cosign && \
|
|
chmod +x /bin/cosign
|
|
|
|
COPY --from=certs /etc/ssl/certs /etc/ssl/certs
|