From c0fa2327a07916e7616620c7319067a03c9922be Mon Sep 17 00:00:00 2001
From: Peter Broadhurst <peter.broadhurst@kaleido.io>
Date: Thu, 23 May 2024 10:04:10 -0400
Subject: [PATCH] Merge pull request #125 from hyperledger/base_image

Allow configuration of a base and build image in Dockerfile
---
 .github/workflows/docker_main.yml    |  5 +++++
 .github/workflows/docker_release.yml |  5 +++++
 .github/workflows/go.yml             |  5 +++++
 Dockerfile                           | 18 ++++++++++++++++++
 Makefile                             |  5 +++++
 5 files changed, 38 insertions(+)

diff --git a/.github/workflows/docker_main.yml b/.github/workflows/docker_main.yml
index f44af11..7417a02 100644
--- a/.github/workflows/docker_main.yml
+++ b/.github/workflows/docker_main.yml
@@ -25,10 +25,15 @@ jobs:
             --label build_date=$(date -u +"%Y-%m-%dT%H:%M:%SZ") \
             --label tag=${{ steps.build_tag_generator.outputs.BUILD_TAG }} \
 <<<<<<< HEAD
+<<<<<<< HEAD
 =======
             --build-arg BASE_IMAGE=alpine:3.19 \
             --build-arg BUILD_IMAGE=golang:1.21-alpine3.19 \
 >>>>>>> 66e0aba (Add build image arg)
+=======
+            --build-arg BASE_IMAGE=alpine:3.19 \
+            --build-arg BUILD_IMAGE=golang:1.21-alpine3.19 \
+>>>>>>> 3a3c7af (Merge pull request #125 from hyperledger/base_image)
             --tag ghcr.io/hyperledger/firefly-fabconnect:${{ steps.build_tag_generator.outputs.BUILD_TAG }} .
 
       - name: Tag release
diff --git a/.github/workflows/docker_release.yml b/.github/workflows/docker_release.yml
index 8ec64b0..d30c83b 100644
--- a/.github/workflows/docker_release.yml
+++ b/.github/workflows/docker_release.yml
@@ -17,10 +17,15 @@ jobs:
             --label build_date=$(date -u +"%Y-%m-%dT%H:%M:%SZ") \
             --label tag=${GITHUB_REF##*/} \
 <<<<<<< HEAD
+<<<<<<< HEAD
 =======
             --build-arg BASE_IMAGE=alpine:3.19 \
             --build-arg BUILD_IMAGE=golang:1.21-alpine3.19 \
 >>>>>>> 66e0aba (Add build image arg)
+=======
+            --build-arg BASE_IMAGE=alpine:3.19 \
+            --build-arg BUILD_IMAGE=golang:1.21-alpine3.19 \
+>>>>>>> 3a3c7af (Merge pull request #125 from hyperledger/base_image)
             --tag ghcr.io/hyperledger/firefly-fabconnect:${GITHUB_REF##*/} \
             --tag ghcr.io/hyperledger/firefly-fabconnect:head \
             .
diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
index b6fae20..91d6b75 100644
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -43,8 +43,13 @@ jobs:
             --label build_date=$(date -u +"%Y-%m-%dT%H:%M:%SZ") \
             --label tag=${{ steps.build_tag_generator.outputs.BUILD_TAG }} \
 <<<<<<< HEAD
+<<<<<<< HEAD
 =======
             --build-arg BASE_IMAGE=alpine:3.19 \
             --build-arg BUILD_IMAGE=golang:1.21-alpine3.19 \
 >>>>>>> 66e0aba (Add build image arg)
+=======
+            --build-arg BASE_IMAGE=alpine:3.19 \
+            --build-arg BUILD_IMAGE=golang:1.21-alpine3.19 \
+>>>>>>> 3a3c7af (Merge pull request #125 from hyperledger/base_image)
             --tag ghcr.io/hyperledger/firefly-fabconnect:${{ steps.build_tag_generator.outputs.BUILD_TAG }} .
diff --git a/Dockerfile b/Dockerfile
index e11a6dd..bfb079b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,11 +1,17 @@
 <<<<<<< HEAD
+<<<<<<< HEAD
 FROM golang:1.21-alpine3.19 AS fabconnect-builder
 =======
+=======
+>>>>>>> 3a3c7af (Merge pull request #125 from hyperledger/base_image)
 ARG BASE_IMAGE
 ARG BUILD_IMAGE
 
 FROM ${BUILD_IMAGE} AS fabconnect-builder
+<<<<<<< HEAD
 >>>>>>> 66e0aba (Add build image arg)
+=======
+>>>>>>> 3a3c7af (Merge pull request #125 from hyperledger/base_image)
 RUN apk add make
 ADD . /fabconnect
 WORKDIR /fabconnect
@@ -14,7 +20,19 @@ RUN mkdir /.cache \
     && chmod -R g+rwX /.cache
 RUN make
 
+<<<<<<< HEAD
 FROM alpine:3.19
+=======
+FROM alpine:3.19 AS SBOM
+WORKDIR /
+COPY . /SBOM
+RUN apk add --no-cache curl
+RUN curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.48.3
+RUN trivy fs --format spdx-json --output /sbom.spdx.json /SBOM
+RUN trivy sbom /sbom.spdx.json --severity UNKNOWN,HIGH,CRITICAL --exit-code 1 --ignorefile /SBOM/.trivyignore
+
+FROM $BASE_IMAGE
+>>>>>>> 3a3c7af (Merge pull request #125 from hyperledger/base_image)
 RUN apk add curl
 WORKDIR /fabconnect
 COPY --from=fabconnect-builder /fabconnect/fabconnect ./
diff --git a/Makefile b/Makefile
index 2cab28d..003c572 100644
--- a/Makefile
+++ b/Makefile
@@ -27,10 +27,15 @@ firefly-fabconnect: ${GOFILES}
 go-mod-tidy: .ALWAYS
 	go mod tidy
 <<<<<<< HEAD
+<<<<<<< HEAD
 =======
 docker:
 	docker build --build-arg BASE_IMAGE=alpine:3.19  --build-arg BUILD_IMAGE=golang:1.21-alpine3.19 -t hyperledger/firefly-fabconnect .
 >>>>>>> 66e0aba (Add build image arg)
+=======
+docker:
+	docker build --build-arg BASE_IMAGE=alpine:3.19  --build-arg BUILD_IMAGE=golang:1.21-alpine3.19 -t hyperledger/firefly-fabconnect .
+>>>>>>> 3a3c7af (Merge pull request #125 from hyperledger/base_image)
 build: firefly-fabconnect-nocgo firefly-fabconnect
 .ALWAYS: ;
 clean: