osv-scanner

FROM stagex/pallet-cgo AS build
ARG VERSION
ADD fetch/osv-scanner-${VERSION}.tar.gz .
ENV GOPROXY=https://proxy.golang.org,direct
ENV GOSUMDB=sum.golang.org
ENV GOPATH=/cache/go
ENV GOBIN=${GOPATH}/bin
ENV PATH=${GOBIN}:${PATH}
WORKDIR /osv-scanner-${VERSION}
RUN go mod download
RUN --network=none <<-EOF
	set -eux
	mkdir -p out
	go build -v \
		--ldflags="-w -s -buildid= " \
		-o out/ \
		./cmd/...
	set -eux
	mkdir -p /rootfs
	install -Dm755 ./out/osv-scanner -t /rootfs/usr/bin/
EOF
FROM stagex/core-filesystem AS package
COPY --from=build /rootfs/ /