-
Notifications
You must be signed in to change notification settings - Fork 18
Expand file tree
/
Copy pathDockerfile
More file actions
78 lines (65 loc) · 3.29 KB
/
Dockerfile
File metadata and controls
78 lines (65 loc) · 3.29 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
# syntax=docker/dockerfile:1
FROM --platform=$BUILDPLATFORM rust:1-bookworm AS builder
# (args from Docker BuildKit)
ARG TARGETPLATFORM
ARG BUILDPLATFORM
RUN case "$TARGETPLATFORM" in \
'linux/amd64') echo 'export RUST_TARGET=x86_64-unknown-linux-gnu' > /rust_env.sh ;; \
'linux/arm64') echo 'export RUST_TARGET=aarch64-unknown-linux-gnu' > /rust_env.sh ;; \
*) echo "Unsupported platform: ${TARGETPLATFORM}" && exit 1 ;; \
esac && \
. /rust_env.sh && \
rustup target add "$RUST_TARGET"
RUN apt-get update && apt-get install --no-install-recommends -y \
ca-certificates \
curl \
git && \
if [ "$TARGETPLATFORM" = 'linux/arm64' ] && [ "$BUILDPLATFORM" != 'linux/arm64' ]; then \
apt-get install --no-install-recommends -y gcc-aarch64-linux-gnu g++-aarch64-linux-gnu libc6-dev-arm64-cross && \
printf '%s\n' \
'export CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_LINKER=aarch64-linux-gnu-gcc' \
'export CC_aarch64_unknown_linux_gnu=aarch64-linux-gnu-gcc' \
'export CXX_aarch64_unknown_linux_gnu=aarch64-linux-gnu-g++' \
>> /rust_env.sh; \
else \
apt-get install --no-install-recommends -y build-essential; \
fi
WORKDIR /app
COPY Cargo.toml Cargo.lock ./
COPY crates ./crates
COPY misc/github-action.sh ./github-action.sh
RUN cargo fetch --locked
RUN . /rust_env.sh && \
cargo build --locked --release --target="$RUST_TARGET" \
--bin datadog-static-analyzer \
--bin datadog-static-analyzer-git-hook \
--bin datadog-static-analyzer-server && \
mkdir -p /target && \
cp "target/$RUST_TARGET/release/datadog-static-analyzer" /target/ && \
cp "target/$RUST_TARGET/release/datadog-static-analyzer-git-hook" /target/ && \
cp "target/$RUST_TARGET/release/datadog-static-analyzer-server" /target/
FROM node:24-bookworm-slim
RUN apt-get update && apt-get install -y ca-certificates \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
RUN npm install -g @datadog/datadog-ci@^4 --no-audit --no-fund --progress=false --no-update-notifier --loglevel=error && \
datadog-ci --version
# Add passthrough datadog-ci shim that logs a deprecation notice
RUN DATADOG_CI_PATH=$(command -v datadog-ci) && \
mv "$DATADOG_CI_PATH" "$DATADOG_CI_PATH-target" && \
printf '#!/bin/sh\n\
echo "================================================================================" >&2\n\
echo "WARNING:" >&2\n\
echo "The datadog-ci binary in this container will be removed in a future release." >&2\n\
echo "Please install datadog-ci separately in your environment if you need it." >&2\n\
echo "" >&2\n\
echo "If using datadog-static-analyzer-github-action, consider upgrading to v3." >&2\n\
echo "================================================================================" >&2\n\
exec "%s-target" "$@"\n' "$DATADOG_CI_PATH" > "$DATADOG_CI_PATH" && \
chmod +x "$DATADOG_CI_PATH"
COPY --from=builder /target/datadog-static-analyzer /usr/bin/datadog-static-analyzer
COPY --from=builder /target/datadog-static-analyzer-server /usr/bin/datadog-static-analyzer-server
COPY --from=builder /target/datadog-static-analyzer-git-hook /usr/bin/datadog-static-analyzer-git-hook
COPY --from=builder /app/github-action.sh /usr/bin/github-action.sh
ENTRYPOINT ["/usr/bin/datadog-static-analyzer"]
CMD ["--help"]