-
Notifications
You must be signed in to change notification settings - Fork 1.8k
/
Dockerfile-distroless
33 lines (29 loc) · 1.49 KB
/
Dockerfile-distroless
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
ARG BASE_IMAGE=gcr.io/distroless/cc-debian12
FROM debian:12 AS staging
RUN apt-get update
COPY fetch-debs ./
RUN ./fetch-debs dumb-init libpam0g libaudit1 libcap-ng0
FROM debian:12 AS teleport
# Install the teleport binary from an architecture-specific debian package. Note
# that we cannot simply pass a ready-made package filename in as a build-arg, as
# this dockerfile is used for a multiarch build and any build-args will be
# re-used for multiple ${TARGETARCH}es. In order to get around this we pass
# various components of the architecture-specific debian package filename in as
# individual build args and re-assemble it *inside* the build.
# NOTE that TELEPORT_RELEASE_INFIX *must* include the leading dash if set.
ARG TELEPORT_RELEASE_INFIX
ARG TELEPORT_VERSION
# TARGETARCH is supplied by the `buildx` mechanics
ARG TARGETARCH
ENV TELEPORT_DEB_FILE_NAME=teleport${TELEPORT_RELEASE_INFIX}_${TELEPORT_VERSION}_${TARGETARCH}.deb
COPY $TELEPORT_DEB_FILE_NAME ./$TELEPORT_DEB_FILE_NAME
RUN dpkg-deb -R $TELEPORT_DEB_FILE_NAME /opt/staging && \
mkdir -p /opt/staging/etc/teleport && \
mkdir -p /opt/staging/var/lib/dpkg/status.d/ && \
mv /opt/staging/DEBIAN/control /opt/staging/var/lib/dpkg/status.d/teleport && \
rm -rf /opt/staging/DEBIAN
FROM $BASE_IMAGE
COPY --from=teleport /opt/staging /
COPY --from=staging /opt/staging/root /
COPY --from=staging /opt/staging/status /var/lib/dpkg/status.d
ENTRYPOINT ["/usr/bin/dumb-init", "/usr/local/bin/teleport", "start", "-c", "/etc/teleport/teleport.yaml"]