chore: migrate .goreleaser build to docker_v2

Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>

.goreleaser.yaml

@@ -73,252 +73,68 @@ brews:
     description: *description
     license: "Apache License 2.0"
 
-dockers:
-  # production images...
-  - image_templates:
-      - anchore/syft:{{.Tag}}-amd64
-      - ghcr.io/anchore/syft:{{.Tag}}-amd64
-    goarch: amd64
+dockers_v2:
+  # production images (scratch base, root)
+  - id: production
     dockerfile: Dockerfile
-    use: buildx
-    build_flag_templates:
-      - "--platform=linux/amd64"
-      - "--build-arg=BUILD_DATE={{.Date}}"
-      - "--build-arg=BUILD_VERSION={{.Version}}"
-      - "--build-arg=VCS_REF={{.FullCommit}}"
-      - "--build-arg=VCS_URL={{.GitURL}}"
+    ids: &docker-ids
+      - linux-build
+    images: &docker-images
+      - anchore/syft
+      - ghcr.io/anchore/syft
+    platforms: &docker-platforms
+      - linux/amd64
+      - linux/arm64
+      - linux/ppc64le
+      - linux/s390x
+    labels: &docker-labels
+      "org.opencontainers.image.created": "{{.Date}}"
+      "org.opencontainers.image.title": "syft"
+      "org.opencontainers.image.description": "CLI tool and library for generating a Software Bill of Materials from container images and filesystems"
+      "org.opencontainers.image.source": "{{.GitURL}}"
+      "org.opencontainers.image.revision": "{{.FullCommit}}"
+      "org.opencontainers.image.vendor": "Anchore, Inc."
+      "org.opencontainers.image.version": "{{.Version}}"
+      "org.opencontainers.image.licenses": "Apache-2.0"
+      "io.artifacthub.package.readme-url": "https://raw.githubusercontent.com/anchore/syft/main/README.md"
+      "io.artifacthub.package.logo-url": "https://user-images.githubusercontent.com/5199289/136844524-1527b09f-c5cb-4aa9-be54-5aa92a6086c1.png"
+      "io.artifacthub.package.license": "Apache-2.0"
+    tags:
+      - latest
+      - "{{.Tag}}"
 
-  - image_templates:
-      - anchore/syft:{{.Tag}}-arm64v8
-      - ghcr.io/anchore/syft:{{.Tag}}-arm64v8
-    goarch: arm64
-    dockerfile: Dockerfile
-    use: buildx
-    build_flag_templates:
-      - "--platform=linux/arm64/v8"
-      - "--build-arg=BUILD_DATE={{.Date}}"
-      - "--build-arg=BUILD_VERSION={{.Version}}"
-      - "--build-arg=VCS_REF={{.FullCommit}}"
-      - "--build-arg=VCS_URL={{.GitURL}}"
-
-  - image_templates:
-      - anchore/syft:{{.Tag}}-ppc64le
-      - ghcr.io/anchore/syft:{{.Tag}}-ppc64le
-    goarch: ppc64le
-    dockerfile: Dockerfile
-    use: buildx
-    build_flag_templates:
-      - "--platform=linux/ppc64le"
-      - "--build-arg=BUILD_DATE={{.Date}}"
-      - "--build-arg=BUILD_VERSION={{.Version}}"
-      - "--build-arg=VCS_REF={{.FullCommit}}"
-      - "--build-arg=VCS_URL={{.GitURL}}"
-
-  - image_templates:
-      - anchore/syft:{{.Tag}}-s390x
-      - ghcr.io/anchore/syft:{{.Tag}}-s390x
-    goarch: s390x
-    dockerfile: Dockerfile
-    use: buildx
-    build_flag_templates:
-      - "--platform=linux/s390x"
-      - "--build-arg=BUILD_DATE={{.Date}}"
-      - "--build-arg=BUILD_VERSION={{.Version}}"
-      - "--build-arg=VCS_REF={{.FullCommit}}"
-      - "--build-arg=VCS_URL={{.GitURL}}"
-
-  # nonroot images...
-  - image_templates:
-      - anchore/syft:{{.Tag}}-nonroot-amd64
-      - ghcr.io/anchore/syft:{{.Tag}}-nonroot-amd64
-    goarch: amd64
+  # nonroot images
+  - id: nonroot
     dockerfile: Dockerfile.nonroot
-    use: buildx
-    build_flag_templates:
-      - "--platform=linux/amd64"
-      - "--build-arg=BUILD_DATE={{.Date}}"
-      - "--build-arg=BUILD_VERSION={{.Version}}"
-      - "--build-arg=VCS_REF={{.FullCommit}}"
-      - "--build-arg=VCS_URL={{.GitURL}}"
+    ids: *docker-ids
+    images: *docker-images
+    platforms: *docker-platforms
+    labels: *docker-labels
+    tags:
+      - nonroot
+      - "{{.Tag}}-nonroot"
 
-  - image_templates:
-      - anchore/syft:{{.Tag}}-nonroot-arm64v8
-      - ghcr.io/anchore/syft:{{.Tag}}-nonroot-arm64v8
-    goarch: arm64
-    dockerfile: Dockerfile.nonroot
-    use: buildx
-    build_flag_templates:
-      - "--platform=linux/arm64/v8"
-      - "--build-arg=BUILD_DATE={{.Date}}"
-      - "--build-arg=BUILD_VERSION={{.Version}}"
-      - "--build-arg=VCS_REF={{.FullCommit}}"
-      - "--build-arg=VCS_URL={{.GitURL}}"
-
-  - image_templates:
-      - anchore/syft:{{.Tag}}-nonroot-ppc64le
-      - ghcr.io/anchore/syft:{{.Tag}}-nonroot-ppc64le
-    goarch: ppc64le
-    dockerfile: Dockerfile.nonroot
-    use: buildx
-    build_flag_templates:
-      - "--platform=linux/ppc64le"
-      - "--build-arg=BUILD_DATE={{.Date}}"
-      - "--build-arg=BUILD_VERSION={{.Version}}"
-      - "--build-arg=VCS_REF={{.FullCommit}}"
-      - "--build-arg=VCS_URL={{.GitURL}}"
-
-  - image_templates:
-      - anchore/syft:{{.Tag}}-nonroot-s390x
-      - ghcr.io/anchore/syft:{{.Tag}}-nonroot-s390x
-    goarch: s390x
-    dockerfile: Dockerfile.nonroot
-    use: buildx
-    build_flag_templates:
-      - "--platform=linux/s390x"
-      - "--build-arg=BUILD_DATE={{.Date}}"
-      - "--build-arg=BUILD_VERSION={{.Version}}"
-      - "--build-arg=VCS_REF={{.FullCommit}}"
-      - "--build-arg=VCS_URL={{.GitURL}}"
-
-  # debug images...
-  - image_templates:
-      - anchore/syft:{{.Tag}}-debug-amd64
-      - ghcr.io/anchore/syft:{{.Tag}}-debug-amd64
-    goarch: amd64
+  # debug images (root)
+  - id: debug
     dockerfile: Dockerfile.debug
-    use: buildx
-    build_flag_templates:
-      - "--platform=linux/amd64"
-      - "--build-arg=BUILD_DATE={{.Date}}"
-      - "--build-arg=BUILD_VERSION={{.Version}}"
-      - "--build-arg=VCS_REF={{.FullCommit}}"
-      - "--build-arg=VCS_URL={{.GitURL}}"
+    ids: *docker-ids
+    images: *docker-images
+    platforms: *docker-platforms
+    labels: *docker-labels
+    tags:
+      - debug
+      - "{{.Tag}}-debug"
 
-  - image_templates:
-      - anchore/syft:{{.Tag}}-debug-arm64v8
-      - ghcr.io/anchore/syft:{{.Tag}}-debug-arm64v8
-    goarch: arm64
-    dockerfile: Dockerfile.debug
-    use: buildx
-    build_flag_templates:
-      - "--platform=linux/arm64/v8"
-      - "--build-arg=BUILD_DATE={{.Date}}"
-      - "--build-arg=BUILD_VERSION={{.Version}}"
-      - "--build-arg=VCS_REF={{.FullCommit}}"
-      - "--build-arg=VCS_URL={{.GitURL}}"
-
-  - image_templates:
-      - anchore/syft:{{.Tag}}-debug-ppc64le
-      - ghcr.io/anchore/syft:{{.Tag}}-debug-ppc64le
-    goarch: ppc64le
-    dockerfile: Dockerfile.debug
-    use: buildx
-    build_flag_templates:
-      - "--platform=linux/ppc64le"
-      - "--build-arg=BUILD_DATE={{.Date}}"
-      - "--build-arg=BUILD_VERSION={{.Version}}"
-      - "--build-arg=VCS_REF={{.FullCommit}}"
-      - "--build-arg=VCS_URL={{.GitURL}}"
-
-  - image_templates:
-      - anchore/syft:{{.Tag}}-debug-s390x
-      - ghcr.io/anchore/syft:{{.Tag}}-debug-s390x
-    goarch: s390x
-    dockerfile: Dockerfile.debug
-    use: buildx
-    build_flag_templates:
-      - "--platform=linux/s390x"
-      - "--build-arg=BUILD_DATE={{.Date}}"
-      - "--build-arg=BUILD_VERSION={{.Version}}"
-      - "--build-arg=VCS_REF={{.FullCommit}}"
-      - "--build-arg=VCS_URL={{.GitURL}}"
-
-docker_manifests:
-  - name_template: anchore/syft:latest
-    image_templates:
-      - anchore/syft:{{.Tag}}-amd64
-      - anchore/syft:{{.Tag}}-arm64v8
-      - anchore/syft:{{.Tag}}-ppc64le
-      - anchore/syft:{{.Tag}}-s390x
-
-  - name_template: ghcr.io/anchore/syft:latest
-    image_templates:
-      - ghcr.io/anchore/syft:{{.Tag}}-amd64
-      - ghcr.io/anchore/syft:{{.Tag}}-arm64v8
-      - ghcr.io/anchore/syft:{{.Tag}}-ppc64le
-      - ghcr.io/anchore/syft:{{.Tag}}-s390x
-
-  - name_template: anchore/syft:{{.Tag}}
-    image_templates:
-      - anchore/syft:{{.Tag}}-amd64
-      - anchore/syft:{{.Tag}}-arm64v8
-      - anchore/syft:{{.Tag}}-ppc64le
-      - anchore/syft:{{.Tag}}-s390x
-
-  - name_template: ghcr.io/anchore/syft:{{.Tag}}
-    image_templates:
-      - ghcr.io/anchore/syft:{{.Tag}}-amd64
-      - ghcr.io/anchore/syft:{{.Tag}}-arm64v8
-      - ghcr.io/anchore/syft:{{.Tag}}-ppc64le
-      - ghcr.io/anchore/syft:{{.Tag}}-s390x
-
-  # nonroot images...
-  - name_template: anchore/syft:nonroot
-    image_templates:
-      - anchore/syft:{{.Tag}}-nonroot-amd64
-      - anchore/syft:{{.Tag}}-nonroot-arm64v8
-      - anchore/syft:{{.Tag}}-nonroot-ppc64le
-      - anchore/syft:{{.Tag}}-nonroot-s390x
-
-  - name_template: ghcr.io/anchore/syft:nonroot
-    image_templates:
-      - ghcr.io/anchore/syft:{{.Tag}}-nonroot-amd64
-      - ghcr.io/anchore/syft:{{.Tag}}-nonroot-arm64v8
-      - ghcr.io/anchore/syft:{{.Tag}}-nonroot-ppc64le
-      - ghcr.io/anchore/syft:{{.Tag}}-nonroot-s390x
-
-  - name_template: anchore/syft:{{.Tag}}-nonroot
-    image_templates:
-      - anchore/syft:{{.Tag}}-nonroot-amd64
-      - anchore/syft:{{.Tag}}-nonroot-arm64v8
-      - anchore/syft:{{.Tag}}-nonroot-ppc64le
-      - anchore/syft:{{.Tag}}-nonroot-s390x
-
-  - name_template: ghcr.io/anchore/syft:{{.Tag}}-nonroot
-    image_templates:
-      - ghcr.io/anchore/syft:{{.Tag}}-nonroot-amd64
-      - ghcr.io/anchore/syft:{{.Tag}}-nonroot-arm64v8
-      - ghcr.io/anchore/syft:{{.Tag}}-nonroot-ppc64le
-      - ghcr.io/anchore/syft:{{.Tag}}-nonroot-s390x
-
-  # debug images...
-  - name_template: anchore/syft:debug
-    image_templates:
-      - anchore/syft:{{.Tag}}-debug-amd64
-      - anchore/syft:{{.Tag}}-debug-arm64v8
-      - anchore/syft:{{.Tag}}-debug-ppc64le
-      - anchore/syft:{{.Tag}}-debug-s390x
-
-  - name_template: ghcr.io/anchore/syft:debug
-    image_templates:
-      - ghcr.io/anchore/syft:{{.Tag}}-debug-amd64
-      - ghcr.io/anchore/syft:{{.Tag}}-debug-arm64v8
-      - ghcr.io/anchore/syft:{{.Tag}}-debug-ppc64le
-      - ghcr.io/anchore/syft:{{.Tag}}-debug-s390x
-
-  - name_template: anchore/syft:{{.Tag}}-debug
-    image_templates:
-      - anchore/syft:{{.Tag}}-debug-amd64
-      - anchore/syft:{{.Tag}}-debug-arm64v8
-      - anchore/syft:{{.Tag}}-debug-ppc64le
-      - anchore/syft:{{.Tag}}-debug-s390x
-
-  - name_template: ghcr.io/anchore/syft:{{.Tag}}-debug
-    image_templates:
-      - ghcr.io/anchore/syft:{{.Tag}}-debug-amd64
-      - ghcr.io/anchore/syft:{{.Tag}}-debug-arm64v8
-      - ghcr.io/anchore/syft:{{.Tag}}-debug-ppc64le
-      - ghcr.io/anchore/syft:{{.Tag}}-debug-s390x
+  # debug-nonroot images
+  - id: debug-nonroot
+    dockerfile: Dockerfile.debug-nonroot
+    ids: *docker-ids
+    images: *docker-images
+    platforms: *docker-platforms
+    labels: *docker-labels
+    tags:
+      - debug-nonroot
+      - "{{.Tag}}-debug-nonroot"
 
 sboms:
   - artifacts: archive

Dockerfile

@@ -7,23 +7,7 @@ COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certifica
 # create the /tmp dir, which is needed for image content cache
 WORKDIR /tmp
 
-COPY syft /
-
-ARG BUILD_DATE
-ARG BUILD_VERSION
-ARG VCS_REF
-ARG VCS_URL
-
-LABEL org.opencontainers.image.created=$BUILD_DATE
-LABEL org.opencontainers.image.title="syft"
-LABEL org.opencontainers.image.description="CLI tool and library for generating a Software Bill of Materials from container images and filesystems"
-LABEL org.opencontainers.image.source=$VCS_URL
-LABEL org.opencontainers.image.revision=$VCS_REF
-LABEL org.opencontainers.image.vendor="Anchore, Inc."
-LABEL org.opencontainers.image.version=$BUILD_VERSION
-LABEL org.opencontainers.image.licenses="Apache-2.0"
-LABEL io.artifacthub.package.readme-url="https://raw.githubusercontent.com/anchore/syft/main/README.md"
-LABEL io.artifacthub.package.logo-url="https://user-images.githubusercontent.com/5199289/136844524-1527b09f-c5cb-4aa9-be54-5aa92a6086c1.png"
-LABEL io.artifacthub.package.license="Apache-2.0"
+ARG TARGETPLATFORM
+COPY ${TARGETPLATFORM}/syft /
 
 ENTRYPOINT ["/syft"]

Dockerfile.debug

@@ -1,27 +1,9 @@
-FROM gcr.io/distroless/static-debian12:debug-nonroot
+FROM gcr.io/distroless/static-debian12:debug
 
 # create the /tmp dir, which is needed for image content cache
 WORKDIR /tmp
 
-COPY syft /
-
-USER nonroot
-
-ARG BUILD_DATE
-ARG BUILD_VERSION
-ARG VCS_REF
-ARG VCS_URL
-
-LABEL org.opencontainers.image.created=$BUILD_DATE
-LABEL org.opencontainers.image.title="syft"
-LABEL org.opencontainers.image.description="CLI tool and library for generating a Software Bill of Materials from container images and filesystems"
-LABEL org.opencontainers.image.source=$VCS_URL
-LABEL org.opencontainers.image.revision=$VCS_REF
-LABEL org.opencontainers.image.vendor="Anchore, Inc."
-LABEL org.opencontainers.image.version=$BUILD_VERSION
-LABEL org.opencontainers.image.licenses="Apache-2.0"
-LABEL io.artifacthub.package.readme-url="https://raw.githubusercontent.com/anchore/syft/main/README.md"
-LABEL io.artifacthub.package.logo-url="https://user-images.githubusercontent.com/5199289/136844524-1527b09f-c5cb-4aa9-be54-5aa92a6086c1.png"
-LABEL io.artifacthub.package.license="Apache-2.0"
+ARG TARGETPLATFORM
+COPY ${TARGETPLATFORM}/syft /
 
 ENTRYPOINT ["/syft"]

Dockerfile.debug-nonroot

@@ -0,0 +1,11 @@
+FROM gcr.io/distroless/static-debian12:debug-nonroot
+
+# create the /tmp dir, which is needed for image content cache
+WORKDIR /tmp
+
+ARG TARGETPLATFORM
+COPY ${TARGETPLATFORM}/syft /
+
+USER nonroot
+
+ENTRYPOINT ["/syft"]

Dockerfile.nonroot

@@ -3,25 +3,9 @@ FROM gcr.io/distroless/static-debian12:nonroot
 # create the /tmp dir, which is needed for image content cache
 WORKDIR /tmp
 
-COPY syft /
+ARG TARGETPLATFORM
+COPY ${TARGETPLATFORM}/syft /
 
 USER nonroot
 
-ARG BUILD_DATE
-ARG BUILD_VERSION
-ARG VCS_REF
-ARG VCS_URL
-
-LABEL org.opencontainers.image.created=$BUILD_DATE
-LABEL org.opencontainers.image.title="syft"
-LABEL org.opencontainers.image.description="CLI tool and library for generating a Software Bill of Materials from container images and filesystems"
-LABEL org.opencontainers.image.source=$VCS_URL
-LABEL org.opencontainers.image.revision=$VCS_REF
-LABEL org.opencontainers.image.vendor="Anchore, Inc."
-LABEL org.opencontainers.image.version=$BUILD_VERSION
-LABEL org.opencontainers.image.licenses="Apache-2.0"
-LABEL io.artifacthub.package.readme-url="https://raw.githubusercontent.com/anchore/syft/main/README.md"
-LABEL io.artifacthub.package.logo-url="https://user-images.githubusercontent.com/5199289/136844524-1527b09f-c5cb-4aa9-be54-5aa92a6086c1.png"
-LABEL io.artifacthub.package.license="Apache-2.0"
-
 ENTRYPOINT ["/syft"]