-
Notifications
You must be signed in to change notification settings - Fork 10
/
Dockerfile
65 lines (49 loc) · 1.69 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
# SPDX-FileCopyrightText: 2022 Comcast Cable Communications Management, LLC
# SPDX-License-Identifier: Apache-2.0
FROM docker.io/library/golang:1.19-alpine as builder
WORKDIR /src
ARG VERSION
ARG GITCOMMIT
ARG BUILDTIME
RUN apk add --no-cache --no-progress \
ca-certificates \
make \
curl \
git \
openssh \
gcc \
libc-dev \
upx
# Download spruce here to eliminate the need for curl in the final image
RUN mkdir -p /go/bin && \
curl -L -o /go/bin/spruce https://github.com/geofffranks/spruce/releases/download/v1.29.0/spruce-linux-amd64 && \
chmod +x /go/bin/spruce
COPY . .
RUN make test release
##########################
# Build the final image.
##########################
FROM alpine:latest
# Copy over the standard things you'd expect.
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=builder /src/themis /
COPY --from=builder /src/.release/docker/entrypoint.sh /
# Copy over spruce and the spruce template file used to make the actual configuration file.
COPY --from=builder /src/.release/docker/themis_spruce.yaml /tmp/themis_spruce.yaml
COPY --from=builder /go/bin/spruce /bin/
# Include compliance details about the container and what it contains.
COPY --from=builder /src/Dockerfile \
/src/NOTICE \
/src/LICENSE \
/src/CHANGELOG.md /
# Make the location for the configuration file that will be used.
RUN mkdir /etc/themis/ \
&& touch /etc/themis/themis.yaml \
&& chmod 666 /etc/themis/themis.yaml
USER nobody
ENTRYPOINT ["/entrypoint.sh"]
EXPOSE 6500
EXPOSE 6501
EXPOSE 6502
EXPOSE 6503
CMD ["/themis"]