ARG BUILDKIT_SBOM_SCAN_CONTEXT=true FROM goreleaser/nfpm@sha256:bf713f8fb367975d647bdd7c04137d107fa943d350950c75a6339a97af9353a9 AS nfpm FROM --platform=$BUILDPLATFORM tonistiigi/xx@sha256:0c6a569797744e45955f39d4f7538ac344bfb7ebf0a54006a0a4297b153ccf0f AS xx ARG TARGETPLATFORM FROM --platform=$BUILDPLATFORM rust:alpine@sha256:466dc9924d265455aa73e72fd9cdac9db69ce6a988e6f0e6baf852db3485d97d AS builder ARG BUILDKIT_SBOM_SCAN_STAGE=true RUN apk add clang lld openssl-dev curl bash # copy xx scripts to your build stage COPY --from=xx / / ARG TARGETPLATFORM ARG VER ENV VER=$VER COPY --from=nfpm "/usr/bin/nfpm" "/usr/bin/nfpm" RUN xx-apk add --no-cache musl-dev zlib-dev zlib-static openssl-dev openssl-libs-static pkgconfig alpine-sdk WORKDIR /app RUN cargo new --lib readable-name-generator WORKDIR /app/readable-name-generator COPY Cargo.* ./ RUN xx-cargo build --release --target-dir ./build COPY . ./ RUN xx-cargo build --release --target-dir ./build && \ xx-verify --static "./build/$(xx-cargo --print-target-triple)/release/readable-name-generator" && \ cp -v "./build/$(xx-cargo --print-target-triple)/release/readable-name-generator" "./readable-name-generator" COPY nfpm.yaml nfpm.yaml RUN --mount=type=secret,id=GPG_PASSPHRASE,env=NFPM_PASSPHRASE,required=false \ --mount=type=secret,id=GPG_PRIVATE_KEY,target=/signing-key.asc,required=false \ mkdir /PACKS && \ ( \ test -s /signing-key.asc && \ test -f /signing-key.asc && \ GOARCH="$(xx-info arch)" NFPM_SIGNING_KEY_FILE=/signing-key.asc nfpm pkg --packager ipk --config="nfpm.yaml" --target="/PACKS" && \ GOARCH="$(xx-info arch)" NFPM_SIGNING_KEY_FILE=/signing-key.asc nfpm pkg --packager archlinux --config="nfpm.yaml" --target="/PACKS" && \ GOARCH="$(xx-info arch)" NFPM_SIGNING_KEY_FILE=/signing-key.asc nfpm pkg --packager rpm --config="nfpm.yaml" --target="/PACKS" && \ GOARCH="$(xx-info arch)" NFPM_SIGNING_KEY_FILE=/signing-key.asc nfpm pkg --packager apk --config="nfpm.yaml" --target="/PACKS" && \ GOARCH="$(xx-info arch)" NFPM_SIGNING_KEY_FILE=/signing-key.asc nfpm pkg --packager deb --config="nfpm.yaml" --target="/PACKS" \ ) || \ ( \ GOARCH="$(xx-info arch)" nfpm pkg --packager ipk --config="nfpm.yaml" --target="/PACKS" && \ GOARCH="$(xx-info arch)" nfpm pkg --packager archlinux --config="nfpm.yaml" --target="/PACKS" && \ GOARCH="$(xx-info arch)" nfpm pkg --packager rpm --config="nfpm.yaml" --target="/PACKS" && \ GOARCH="$(xx-info arch)" nfpm pkg --packager apk --config="nfpm.yaml" --target="/PACKS" && \ GOARCH="$(xx-info arch)" nfpm pkg --packager deb --config="nfpm.yaml" --target="/PACKS" \ ) FROM scratch USER nonroot COPY --from=builder /PACKS . COPY --from=builder /app/readable-name-generator/readable-name-generator .