-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathdocker-build-attested.sh
More file actions
43 lines (34 loc) · 997 Bytes
/
docker-build-attested.sh
File metadata and controls
43 lines (34 loc) · 997 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
#!/bin/bash
# Exit on error
set -e
# Ensure version is passed
if [ -z "$1" ]; then
echo "Usage: $0 <version>"
echo "Example: $0 x.y.z"
exit 1
fi
VERSION="$1"
BUILDER="buildkit-container"
# Create builder if it doesn't exist
if ! docker buildx inspect "$BUILDER" >/dev/null 2>&1; then
echo "Creating BuildKit builder: $BUILDER"
docker buildx create --name "$BUILDER" --driver docker-container --use
docker buildx inspect --bootstrap
else
docker buildx use "$BUILDER"
fi
ECHO "Pull latest version of mcr.microsoft.com/dotnet/sdk:9.0"
docker pull mcr.microsoft.com/dotnet/sdk:9.0
echo "Building and Pushing Docker image with SBOM and provenance for version: $VERSION"
docker buildx build \
--platform=linux/amd64 \
-f reqifviewer/Dockerfile \
-t stariongroup/reqifviewer:latest \
-t stariongroup/reqifviewer:$VERSION \
--sbom=true \
--provenance=true \
--push \
.
echo "Build complete."
echo "Tags: latest, $VERSION"
echo "Provenance attached as image metadata"