From 0f8dfaf1156652b556c913aa8e78fccbb1dfd186 Mon Sep 17 00:00:00 2001
From: Paulo Gomes <paulo.gomes.uk@gmail.com>
Date: Wed, 22 May 2024 05:37:36 +0000
Subject: [PATCH] Statically link binaries and remove debug information (#1615)

Signed-off-by: Paulo Gomes <pjbgf@linux.com>
---
 .goreleaser.yml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/.goreleaser.yml b/.goreleaser.yml
index 78d0bb4..cb15102 100644
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@@ -2,10 +2,15 @@
 project_name: kube-bench
 env:
   - GO111MODULE=on
+  - CGO_ENABLED=0
   - KUBEBENCH_CFG=/etc/kube-bench/cfg
 builds:
   - main: main.go
     binary: kube-bench
+    tags:
+      - osusergo
+      - netgo
+      - static_build
     goos:
       - linux
       - darwin
@@ -19,6 +24,9 @@ builds:
       - 6
       - 7
     ldflags:
+      - "-s"
+      - "-w"
+      - "-extldflags '-static'"
       - "-X github.com/aquasecurity/kube-bench/cmd.KubeBenchVersion={{.Version}}"
       - "-X github.com/aquasecurity/kube-bench/cmd.cfgDir={{.Env.KUBEBENCH_CFG}}"
 # Archive customization