1+ # Base-image
2+ FROM rust:1-alpine3.20 AS base
3+
4+ ENV PATH=${PATH}:/usr/local/bin:/root/.local/bin
5+
6+ RUN apk update && apk add --no-cache \
7+ curl bash bzip2 git zip unzip make gawk \
8+ build-base python3 python3-dev py3-pip pkgconfig openssl-dev \
9+ nodejs npm openjdk21 \
10+ && npm install -g npm corepack \
11+ && node -v \
12+ && npm -v \
13+ && rustc --version \
14+ && cargo --version \
15+ && rm -rf /var/cache/apk/*
16+
17+ CMD ["/bin/bash"]
18+
19+ # cdxgen-image
20+ FROM base AS cdxgen
21+
22+ LABEL maintainer="CycloneDX" \
23+ org.opencontainers.image.authors="Team AppThreat <
[email protected] >" \
24+ org.opencontainers.image.source="https://github.com/CycloneDX/cdxgen" \
25+ org.opencontainers.image.url="https://github.com/CycloneDX/cdxgen" \
26+ org.opencontainers.image.version="rolling" \
27+ org.opencontainers.image.vendor="CycloneDX" \
28+ org.opencontainers.image.licenses="Apache-2.0" \
29+ org.opencontainers.image.title="cdxgen" \
30+ org.opencontainers.image.description="Rolling image with cdxgen SBOM generator for rust apps" \
31+ org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -p 9090:9090 -v $(pwd):/app:rw -t ghcr.io/cyclonedx/cdxgen-alpine-rust1:v11 -r /app --server"
32+
33+ ENV CDXGEN_IN_CONTAINER=true \
34+ NODE_COMPILE_CACHE="/opt/cdxgen-node-cache" \
35+ PYTHONPATH=/opt/pypi
36+ ENV PATH=${PATH}:/usr/local/bin:${PYTHONPATH}/bin:/opt/cdxgen/node_modules/.bin
37+
38+ COPY . /opt/cdxgen
39+
40+ RUN cd /opt/cdxgen && corepack enable && corepack pnpm install --config.strict-dep-builds=true --prod --no-optional --package-import-method copy --frozen-lockfile && corepack pnpm cache delete \
41+ && mkdir -p ${NODE_COMPILE_CACHE} \
42+ && node /opt/cdxgen/bin/cdxgen.js --help \
43+ && pip install --upgrade --no-cache-dir blint --target /opt/pypi --break-system-packages \
44+ && rm -rf /root/.cache/node \
45+ && chmod a-w -R /opt
46+ WORKDIR /app
47+ ENTRYPOINT ["node", "/opt/cdxgen/bin/cdxgen.js"]
0 commit comments