From 0a6a3cae42bfe6fb1d9d84535b4bd29c31e6d644 Mon Sep 17 00:00:00 2001
From: Kirk Crane <kcrane@redhat.com>
Date: Fri, 27 Oct 2023 12:35:13 -0400
Subject: [PATCH] Add multi-arch support for scanner-build

---
 images/scanner-build.Dockerfile | 39 ++++++++++++++++++++-------------
 1 file changed, 24 insertions(+), 15 deletions(-)

diff --git a/images/scanner-build.Dockerfile b/images/scanner-build.Dockerfile
index 57b284cf..2c55e58c 100644
--- a/images/scanner-build.Dockerfile
+++ b/images/scanner-build.Dockerfile
@@ -1,40 +1,49 @@
 # Provides the tooling required to run Scanner dockerized build targets.
 
-FROM quay.io/centos/centos:stream8
+FROM quay.io/centos/centos:stream9
 
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 
 RUN dnf update -y && \
-    dnf install -y dnf-plugins-core epel-release wget && \
+    dnf install -y dnf-plugins-core wget && \
     dnf -y groupinstall "Development Tools" && \
     dnf clean all && \
     rm -rf /var/cache/dnf /var/cache/yum
 
 ARG GOLANG_VERSION=1.20.4
-ARG GOLANG_SHA256=698ef3243972a51ddb4028e4a1ac63dc6d60821bf18e59a807e051fee0a385bd
+ARG GOLANG_SHA256_x86_64=698ef3243972a51ddb4028e4a1ac63dc6d60821bf18e59a807e051fee0a385bd
+ARG GOLANG_SHA256_s390x=57f999a4e605b1dfa4e7e58c7dbae47d370ea240879edba8001ab33c9a963ebf
+ARG GOLANG_SHA256_ppc64le=8c6f44b96c2719c90eebabe2dd866f9c39538648f7897a212cac448587e9a408
 ENV GOPATH /go
 ENV PATH $GOPATH/bin:/usr/local/go/bin:$PATH
-RUN url="https://dl.google.com/go/go${GOLANG_VERSION}.linux-amd64.tar.gz" && \
+RUN GOLANG_SHA256="GOLANG_SHA256_$(uname -m)" && \
+    GOLANG_ARCH="$([ $(uname -m) == "x86_64" ] && echo "amd64" || echo "$(uname -m)")" && \
+    url="https://dl.google.com/go/go${GOLANG_VERSION}.linux-${GOLANG_ARCH}.tar.gz" && \
     wget --no-verbose -O go.tgz "$url" && \
-    echo "${GOLANG_SHA256} *go.tgz" | sha256sum -c - && \
+    echo "${!GOLANG_SHA256} *go.tgz" | sha256sum -c - && \
     tar -C /usr/local -xzf go.tgz && \
     rm go.tgz && \
     mkdir -p "$GOPATH/src" "$GOPATH/bin" && \
     chmod -R 777 "$GOPATH"
 
 # fetch
-ARG FETCH_VERSION=0.3.5
-ARG FETCH_SHA256=8d4d99e903b30dbd24290e9a056a982ea2326a05ded24c63be64df16e7e0d9f0
-RUN wget --no-verbose -O fetch https://github.com/gruntwork-io/fetch/releases/download/v${FETCH_VERSION}/fetch_linux_amd64 && \
-    echo "${FETCH_SHA256} fetch" | sha256sum -c - && \
-    install fetch /usr/bin
+ARG FETCH_VERSION=0.4.6
+RUN cd /tmp && \
+    git clone https://github.com/gruntwork-io/fetch && \
+    cd fetch && \
+    git checkout v${FETCH_VERSION} && \
+    go build && \
+    install fetch /usr/bin && \
+    rm -Rf /tmp/fetch
 
 # ossls
 ARG OSSLS_VERSION=0.10.1
-ARG OSSLS_SHA256=afdec2fa63b27ced4aeb3297399d45b0f06861e6ebc8cb2431b9653b7f113320
-RUN fetch --repo="https://github.com/stackrox/ossls" --tag="${OSSLS_VERSION}" --release-asset="ossls_linux_amd64" . && \
-    echo "${OSSLS_SHA256} *ossls_linux_amd64" | sha256sum -c - && \
-    install ossls_linux_amd64 /usr/bin/ossls && \
-    ossls version
+RUN cd /tmp && \
+    git clone https://github.com/stackrox/ossls.git && \
+    cd ossls && \
+    git checkout ${OSSLS_VERSION} && \
+    go build && \
+    install ossls /usr/bin && \
+    rm -Rf /tmp/ossls
 
 WORKDIR /go/src/github.com/stackrox/scanner