diff --git a/docker/tools/Dockerfile b/docker/tools/Dockerfile index dd9e8b3593..d43a9d1a60 100644 --- a/docker/tools/Dockerfile +++ b/docker/tools/Dockerfile @@ -1,11 +1,26 @@ # Build Kopia binary -FROM golang:1.19-bullseye AS builder +FROM golang:1.21-bullseye AS builder ARG kopia_build_commit=master ARG kopia_repo_org=kopia ENV CGO_ENABLED=1 GOEXPERIMENT=boringcrypto GO_EXTLINK_ENABLED=0 RUN apt-get install git +# Build restic binary from source - released version +# This will allow us to bring in security fixes without relying on the official +# image which is released once every quarter +WORKDIR / + +RUN git clone https://github.com/restic/restic.git + +ENV GITHUB_REPOSITORY=https://github.com/restic/restic + +WORKDIR /restic + +RUN git checkout v0.16.0 +RUN go run build.go + +# Build kopia binary from specific commit WORKDIR / RUN git clone https://github.com/${kopia_repo_org}/kopia.git @@ -14,7 +29,6 @@ ENV GITHUB_REPOSITORY=https://github.com/${kopia_repo_org}/kopia WORKDIR /kopia -# Build kopia binary from specific commit RUN git checkout ${kopia_build_commit} RUN GO111MODULE=on GOOS=linux GOARCH=amd64 go build -o kopia \ -ldflags="-X github.com/kopia/kopia/repo.BuildVersion=$(git show --no-patch --format='%cs-%h') \ @@ -45,11 +59,11 @@ LABEL name="kanister-tools" \ vendor="Kanister" \ version="${kan_tools_version}" \ release="${kan_tools_version}" \ - summary="Microservice for application-specific data management for Kubernetes" \ - maintainer="Tom Manville" \ - description="Kanister tools for application-specific data management" + summary="Operator for data protection workflow management on Kubernetes" \ + maintainer="Pavan N Devaraj" \ + description="Tools for application-specific data protection" -COPY --from=restic/restic:0.15.2 /usr/bin/restic /usr/local/bin/restic +COPY --from=builder /restic/restic /usr/local/bin/restic COPY --from=builder /kopia/kopia /usr/local/bin/kopia COPY LICENSE /licenses/LICENSE