From acd74147ddbd368d82f021c8f55b687867849875 Mon Sep 17 00:00:00 2001
From: George Angel <george-angel@users.noreply.github.com>
Date: Wed, 22 Feb 2023 20:37:19 +1000
Subject: [PATCH] Run on Alpine

Smaller image with no vulnerabilities
---
 Dockerfile | 33 +++++++++++++--------------------
 1 file changed, 13 insertions(+), 20 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index d8b04b5..e40104b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,41 +1,34 @@
-# build stage
-FROM golang:1 AS build
+FROM golang:1.20-alpine AS build
 
 ENV \
-  STRONGBOX_VERSION=1.0.1 \
+  STRONGBOX_VERSION=1.1.0 \
   KUSTOMIZE_VERSION=v5.0.0
 
 RUN os=$(go env GOOS) && arch=$(go env GOARCH) \
-  && curl -Ls https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/${KUSTOMIZE_VERSION}/kustomize_${KUSTOMIZE_VERSION}_${os}_${arch}.tar.gz \
-    | tar xz -C /usr/local/bin/ \
-  && chmod +x /usr/local/bin/kustomize \
-  && curl -Ls https://github.com/uw-labs/strongbox/releases/download/v${STRONGBOX_VERSION}/strongbox_${STRONGBOX_VERSION}_${os}_${arch} \
-    > /usr/local/bin/strongbox \
-  && chmod +x  /usr/local/bin/strongbox
+      && apk --no-cache add curl \
+      && curl -Ls https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/${KUSTOMIZE_VERSION}/kustomize_${KUSTOMIZE_VERSION}_${os}_${arch}.tar.gz \
+           | tar xz -C /usr/local/bin/ \
+      && chmod +x /usr/local/bin/kustomize \
+      && curl -Ls https://github.com/uw-labs/strongbox/releases/download/v${STRONGBOX_VERSION}/strongbox_${STRONGBOX_VERSION}_${os}_${arch} \
+           > /usr/local/bin/strongbox \
+      && chmod +x /usr/local/bin/strongbox
 
 ADD . /app
-
 WORKDIR /app
 
-
 RUN go test -v -cover ./... \
-    && go build -ldflags='-s -w' -o /argocd-voodoobox-plugin .
+      && go build -ldflags='-s -w' -o /argocd-voodoobox-plugin .
 
 # final stage
 # argocd requires that sidecar container is running as user 999
-FROM ubuntu:22.04
+FROM alpine:3.17
 
 USER root
 
 ENV ARGOCD_USER_ID=999
 
-RUN groupadd -g $ARGOCD_USER_ID argocd && \
-    useradd -r -u $ARGOCD_USER_ID -g argocd argocd && \
-    apt-get update && \
-    apt-get -y upgrade && \
-    apt-get install -y git git-lfs && \
-    apt-get clean && \
-    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+RUN adduser -S -H -u $ARGOCD_USER_ID argocd \
+      && apk --no-cache add git git-lfs
 
 COPY --from=build \
   /usr/local/bin/kustomize \