How to create simple Docker container with Go utilities installed

huangapple go评论93阅读模式
英文:

How to create simple Docker container with Go utilities installed

问题

我有点困惑于探索Docker的功能,以便创建一个安装了一些Go实用程序的简单容器。我需要创建一个包含gosecgovulncheck实用程序的镜像,以便在容器中运行它们来检查代码。我的尝试产生了以下结果:

# syntax=docker/dockerfile:1
FROM golang:1.19-alpine

WORKDIR /app
ENV GO111MODULE=on

# 复制我的代码以进行检查
COPY go.mod ./
COPY go.sum ./
RUN go mod download
COPY *.go ./

RUN go build -o /docker-gs-ping

RUN apk add --no-cache git
RUN go install github.com/securego/gosec/v2/cmd/gosec@latest
RUN go install golang.org/x/vuln/cmd/govulncheck@latest

EXPOSE 8080

CMD ["gosec", "./..."]

运行容器会出现错误:

docker: Error response from daemon: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "gosec ./...": stat gosec ./...: no such file or directory: unknown.
ERRO[0000] error waiting for container: context canceled 

看起来我需要指定安装实用程序的路径,但我无法使其工作。

英文:

I'm kinda stuck exploring Docker features in order to create simple container with some Go utilities installed. I need to create image that has gosec and govulncheck utilities installed so I can run them on code in container. My petty attempt produced the following:

# syntax=docker/dockerfile:1
FROM golang:1.19-alpine

WORKDIR /app
ENV GO111MODULE=on

# copying my code to check
COPY go.mod ./
COPY go.sum ./
RUN go mod download
COPY *.go ./

RUN go build -o /docker-gs-ping

RUN apk add --no-cache git
RUN go install github.com/securego/gosec/v2/cmd/gosec@latest
RUN go install golang.org/x/vuln/cmd/govulncheck@latest

EXPOSE 8080

CMD [ "gosec ./..." ]

Running the container results in error:

docker: Error response from daemon: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "gosec ./...": stat gosec ./...: no such file or directory: unknown.
ERRO[0000] error waiting for container: context canceled 

It looks like I need to specify paths to installed utilities, but I couldn't make it work

答案1

得分: 1

这不是一个路径问题;问题在于你在Dockerfile的CMD语句中使用的语法。你正在使用CMD语句的JSON格式;JSON列表中的第一个参数是要运行的命令的名称。你要求Docker运行一个名为gosec ./...的命令,显然这个命令不存在。

你需要将其拆分为多个列表项:

CMD [ "gosec", "./..." ]

或者,你可以使用CMD指令的shell形式:

CMD gosec ./...

无论哪种方式,当你启动容器时都会运行gosec命令。

英文:

This isn't a path issue; the problem is the syntax you've used in the CMD statement in your Dockerfile. You're using the JSON-format of the CMD statement; the first argument in the JSON list is the name of the command to run. You've asked Docker to run a command named gosec ./..., which of course doesn't exist.

You need to split that into multiple list items:

CMD [ "gosec", "./..." ]

Alternatively, you can use the shell form of the CMD directive:

CMD  gosec ./...

Either of those will run gosec when you start the container.

huangapple
  • 本文由 发表于 2022年12月11日 21:05:08
  • 转载请务必保留本文链接:https://go.coder-hub.com/74761059.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定