Skip to content

Commit

Permalink
📂 update Red Hat specific files
Browse files Browse the repository at this point in the history
  • Loading branch information
@tommyd450
tommyd450 committed Nov 9, 2023
1 parent 7d0119c commit 556434d
Show file tree
Hide file tree
Showing 2 changed files with 33 additions and 3 deletions.
6 changes: 3 additions & 3 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,10 @@ WORKDIR /cosign
COPY . .
USER root
RUN git config --global --add safe.directory /cosign
RUN GOFLAGS="" make cosign
RUN make cosign

# Install Cosign
FROM registry.access.redhat.com/ubi9/ubi-minimal@sha256:0dfa71a7ec2caf445e7ac6b7422ae67f3518960bd6dbf62a7b77fa7a6cfc02b1
FROM registry.access.redhat.com/ubi9/ubi-minimal@sha256:b40f52aa68b29634ff45429ee804afbaa61b33de29ae775568933c71610f07a4

LABEL description="Cosign is a container signing tool that leverages simple, secure, and auditable signatures based on simple primitives and best practices."
LABEL io.k8s.description="Cosign is a container signing tool that leverages simple, secure, and auditable signatures based on simple primitives and best practices."
Expand All @@ -27,4 +27,4 @@ RUN chgrp -R 0 /${HOME} && chmod -R g=u /${HOME}
WORKDIR ${HOME}

# Makes sure the container stays running
CMD ["tail", "-f", "/dev/null"]
CMD ["tail", "-f", "/dev/null"]
30 changes: 30 additions & 0 deletions redhat/overlays/Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
# Build stage
FROM brew.registry.redhat.io/rh-osbs/openshift-golang-builder AS build-env

WORKDIR /cosign
COPY . .
USER root
RUN git config --global --add safe.directory /cosign
RUN make cosign

# Install Cosign
FROM registry.access.redhat.com/ubi9/ubi-minimal@sha256:b40f52aa68b29634ff45429ee804afbaa61b33de29ae775568933c71610f07a4

LABEL description="Cosign is a container signing tool that leverages simple, secure, and auditable signatures based on simple primitives and best practices."
LABEL io.k8s.description="Cosign is a container signing tool that leverages simple, secure, and auditable signatures based on simple primitives and best practices."
LABEL io.k8s.display-name="Cosign container image for Red Hat Trusted Signer"
LABEL io.openshift.tags="cosign trusted-signer"
LABEL summary="Provides the cosign CLI binary for signing and verifying container images."
LABEL com.redhat.component="cosign"

COPY --from=build-env /cosign/cosign /usr/local/bin/cosign
RUN chown root:0 /usr/local/bin/cosign && chmod g+wx /usr/local/bin/cosign

#Configure home directory
ENV HOME=/home
RUN chgrp -R 0 /${HOME} && chmod -R g=u /${HOME}

WORKDIR ${HOME}

# Makes sure the container stays running
CMD ["tail", "-f", "/dev/null"]

0 comments on commit 556434d

Please sign in to comment.