forked from openshift/hypershift
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathContainerfile.operator
54 lines (48 loc) · 2.62 KB
/
Containerfile.operator
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
FROM registry.access.redhat.com/ubi9/go-toolset:1.20 as builder
COPY . .
# Go toolset runs as user default(1001) with group root. To be able to build in
# rootless mode as podman and ocp do, it is necessary to give permissions for
# file creation to the root group, of which the user default is a member.
#
# Due to CVE-2022-24765, git refuses actions on .git repository it does not own
# Since the COPY command leaves the owner as root but the build is done as the
# default user, we need to set the global git config to consier the working
# directory as a safe one
RUN chmod g+w . && \
git config --global --add safe.directory "$PWD" && \
make build
FROM registry.access.redhat.com/ubi9-minimal:9.2
COPY --from=builder \
/opt/app-root/src/bin/hypershift \
/opt/app-root/src/bin/hcp \
/opt/app-root/src/bin/hypershift-operator \
/opt/app-root/src/bin/control-plane-operator \
/opt/app-root/src/bin/control-plane-pki-operator \
/usr/bin/
RUN cd /usr/bin && \
ln -s control-plane-operator ignition-server && \
ln -s control-plane-operator konnectivity-socks5-proxy && \
ln -s control-plane-operator availability-prober && \
ln -s control-plane-operator token-minter
ENTRYPOINT ["/usr/bin/hypershift"]
LABEL name="multicluster-engine/hypershift-operator"
LABEL description="HyperShift Operator is an operator to manage the lifecycle of Hosted Clusters"
LABEL summary="HyperShift Operator"
LABEL url="https://catalog.redhat.com/software/containers/multicluster-engine/hypershift-rhel8-operator/"
LABEL version=4.15
LABEL com.redhat.component="multicluster-engine-hypershift-operator"
LABEL io.k8s.description="HyperShift Operator"
LABEL io.k8s.display-name="hypershift-operator"
LABEL io.openshift.tags="data,images"
LABEL io.openshift.hypershift.control-plane-operator-subcommands=true
LABEL io.openshift.hypershift.control-plane-operator-skips-haproxy=true
LABEL io.openshift.hypershift.ignition-server-healthz-handler=true
LABEL io.openshift.hypershift.control-plane-operator-manages-ignition-server=true
LABEL io.openshift.hypershift.control-plane-operator-manages.cluster-machine-approver=true
LABEL io.openshift.hypershift.control-plane-operator-manages.cluster-autoscaler=true
LABEL io.openshift.hypershift.control-plane-operator-manages.decompress-decode-config=true
LABEL io.openshift.hypershift.control-plane-operator-creates-aws-sg=true
LABEL io.openshift.hypershift.control-plane-operator-applies-management-kas-network-policy-label=true
LABEL io.openshift.hypershift.restricted-psa=true
LABEL io.openshift.hypershift.control-plane-pki-operator-signs-csrs=true
LABEL io.openshift.hypershift.hosted-cluster-config-operator-reports-node-count=true