forked from google/certificate-transparency-go
-
Notifications
You must be signed in to change notification settings - Fork 4
/
Dockerfile.rh
27 lines (22 loc) · 1.27 KB
/
Dockerfile.rh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
FROM brew.registry.redhat.io/rh-osbs/openshift-golang-builder@sha256:98a0ff138c536eee98704d6909699ad5d0725a20573e2c510a60ef462b45cce0 AS build-env
WORKDIR /ct_server
RUN git config --global --add safe.directory /ct_server
COPY . .
RUN CGO_ENABLED=0 go build -o ct_server -mod=readonly -trimpath ./trillian/ctfe/ct_server
# Install server
FROM registry.access.redhat.com/ubi9-minimal@sha256:f5d2c6a1e0c86e4234ea601552dbabb4ced0e013a1efcbfb439f1f6a7a9275b0
COPY --from=build-env /ct_server/ct_server /usr/local/bin/ct_server
RUN chown root:0 /usr/local/bin/ct_server && chmod g+wx /usr/local/bin/ct_server
# Configure home directory
ENV HOME=/home
RUN chgrp -R 0 /${HOME} && chmod -R g=u /${HOME}
WORKDIR ${HOME}
LABEL name="certifcate-transparency-server"
LABEL description="The binary responsible for providing the Certificate Transparency (CT) log server."
LABEL io.k8s.description="The binary responsible for providing the Certificate Transparency (CT) log server."
LABEL io.k8s.display-name="CT server container image for Red Hat Trusted Artifact Signer."
LABEL io.openshift.tags="CT-server, Red Hat trusted artifact signer."
LABEL summary="Provides the CT-server binary."
LABEL com.redhat.component="ct-server"
# Set the binary as the entrypoint of the container
ENTRYPOINT ["ct_server"]