forked from aws-samples/aws-kms-xks-proxy
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
48 lines (32 loc) · 1.49 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
# SPDX-License-Identifier: Apache-2.0
# See docker/README.md for more information.
FROM ubuntu as builder
ENV HOME=/root
RUN mkdir -p $HOME/aws-kms-xks-proxy
COPY ./xks-axum $HOME/aws-kms-xks-proxy/xks-axum
RUN apt-get update -y
RUN apt-get install -y softhsm opensc curl build-essential
RUN softhsm2-util --init-token --slot 0 --label "xks-proxy" --so-pin 1234 --pin 1234
RUN pkcs11-tool --module /usr/lib/softhsm/libsofthsm2.so \
--token-label xks-proxy --login --login-type user \
--keygen --id F0 --label foo --key-type aes:32 \
--pin 1234
RUN curl https://sh.rustup.rs -sSf | sh -s -- -y
ENV PATH="$HOME/.cargo/bin:$PATH"
RUN mkdir -p /var/local/xks-proxy/.secret
COPY ./xks-axum/configuration/settings_docker.toml /var/local/xks-proxy/.secret/settings.toml
ENV PROJECT_DIR=$HOME/aws-kms-xks-proxy/xks-axum
RUN cargo build --release --manifest-path=$PROJECT_DIR/Cargo.toml && \
cp $PROJECT_DIR/target/release/xks-proxy /usr/sbin/xks-proxy
FROM ubuntu
COPY --from=builder /etc/softhsm/ /etc/softhsm/
COPY --from=builder /var/lib/softhsm/ /var/lib/softhsm/
COPY --from=builder /usr/lib/ /usr/lib/
COPY --from=builder /usr/bin/ /usr/bin/
COPY --from=builder /var/local/ /var/local/
COPY --from=builder /usr/sbin/xks-proxy /usr/sbin/xks-proxy
EXPOSE 80
ENV XKS_PROXY_SETTINGS_TOML=/var/local/xks-proxy/.secret/settings.toml \
RUST_BACKTRACE=1
ENTRYPOINT ["/usr/sbin/xks-proxy"]