forked from sigstore/scaffolding
-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathDockerfile.tuf-server.rh
31 lines (25 loc) · 1.19 KB
/
Dockerfile.tuf-server.rh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
# Build the tuf server binary
FROM brew.registry.redhat.io/rh-osbs/openshift-golang-builder@sha256:356986205e66dcc03ef9a9fef5a7a13d6d59c29efacf1d971f9224c678932cf0 AS build-env
WORKDIR /tuf-server
RUN git config --global --add safe.directory /tuf-server
COPY . .
USER root
RUN go mod vendor
RUN make build-tuf-server
# Install server
FROM registry.access.redhat.com/ubi9-minimal@sha256:fb77e447ab97f3fecd15d2fa5361a99fe2f34b41422e8ebb3612eecd33922fa0
COPY --from=build-env /tuf-server/server /usr/local/bin/tuf-server
RUN chown root:0 /usr/local/bin/tuf-server && chmod g+wx /usr/local/bin/tuf-server
# Configure home directory
ENV HOME=/home
RUN chgrp -R 0 /${HOME} && chmod -R g=u /${HOME}
WORKDIR ${HOME}
LABEL description="Binary for the TUF (The Update Framework) server."
LABEL io.k8s.description="Binary for the TUF (The Update Framework) server."
LABEL io.k8s.display-name="TUF server container image for Red Hat Trusted Artifact Signer."
LABEL io.openshift.tags="TUF-server, Red Hat trusted artifact signer."
LABEL summary="Provides the TUF server binary."
LABEL com.redhat.component="tuf-server"
LABEL name="tuf-server"
# Set the binary as the entrypoint of the container
ENTRYPOINT ["tuf-server"]