Use KO to build container image #410
Draft
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
Solves grafana#406, by changing the base image to something slimer. We can also remove the Dockerfile since it's not used any more. Signed-off-by: Edvin Norling <edvin.norling@kognic.com>
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Comment on lines +54 to +56
| with: | ||
| go-version-file: "go.mod" | ||
| cache: true |
Check failure
Code scanning / zizmor
runtime artifacts potentially vulnerable to a cache poisoning attack Error
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit. This suggestion is invalid because no changes were made to the code. Suggestions cannot be applied while the pull request is closed. Suggestions cannot be applied while viewing a subset of changes. Only one suggestion per line can be applied in a batch. Add this suggestion to a batch that can be applied as a single commit. Applying suggestions on deleted lines is not supported. You must change the existing code in this line in order to create a valid suggestion. Outdated suggestions cannot be applied. This suggestion has been applied or marked resolved. Suggestions cannot be applied from pending reviews. Suggestions cannot be applied on multi-line comments. Suggestions cannot be applied while the pull request is queued to merge. Suggestion cannot be applied right now. Please check back later.
Solves #406
@sd2k realized this became harder than I thought. Since you are using a number of internal github actions with access requirements to Vault for example.
I did some educated guesses based on how it's done in the grafana-operator, but you would definitely need todo things on your side.
The main issue is that KO don't support setting a custom entrypoint the same way as is currently done in the Dockerfile.
So it would be a breaking change.
Claude updated the README for me, I have barely read through it.
I can take a real stab at updating the README, but before doing, so I wanted to point out the breaking change and get your thoughts on it. + handing over the GHA stuff to you since I don't have internal access, and I have just guessed allot.
I fully understand if we just close this PR, but hopefully it was some use for you when thinking about using KO.