cosign icon indicating copy to clipboard operation
cosign copied to clipboard

Published 20 hours ago verified publisher icon sigstore

verify-dockerfile: does not recognize default parameter substitution

Open Dentrax opened this issue 4 years ago • 1 comments

Description

Minimal reproduce:

  • Set the $BUILDPLATFORM env to arm/v7.

Happy-path test case:

FROM --platform=${BUILDPLATFORM} golang:1.16.3-alpine3.13 AS builder
  • Unset the $BUILDPLATFORM env.

Failing test case:

FROM --platform=${BUILDPLATFORM:-linux/amd64} golang:1.16.3-alpine3.13 AS builder

i.e.:

{
	name:         "digest-platform",
	fileContents: `FROM --platform=${BUILDPLATFORM:-linux/amd64} golang:1.16.3-alpine3.13 AS builder`,
	expected:     []string{"golang:1.16.3-alpine3.13"},
},

getImageFromLine() function returns --platform= instead of --platform=linux/amd64

P.S: This is a limitation of os.ExpandEnv functions. Go currently does not support this feature. We may need to use a custom framework to make a workaround to fix this.

cc: @developer-guy

Dentrax avatar Jul 13 '21 20:07 Dentrax

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 5 days.

github-actions[bot] avatar Sep 20 '22 02:09 github-actions[bot]

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 5 days.

github-actions[bot] avatar Nov 20 '22 02:11 github-actions[bot]

This issue was closed because it has been stalled for 5 days with no activity.

github-actions[bot] avatar Nov 26 '22 02:11 github-actions[bot]