-
Notifications
You must be signed in to change notification settings - Fork 38
Expand file tree
/
Copy pathDockerfile
More file actions
79 lines (58 loc) · 2.6 KB
/
Dockerfile
File metadata and controls
79 lines (58 loc) · 2.6 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
#
# Build
#
FROM registry.redhat.io/openshift4/ose-tools-rhel9@sha256:0d70224d12e358b1a107a86e0a7e0845e1e8a4d30ce3a1423600f044e3fb28d2 AS ose-tools
FROM registry.access.redhat.com/ubi10/go-toolset:1.25.7-1773232111 AS builder
ARG COMMIT_ID
ARG VERSION_ID
USER root
WORKDIR /workdir/tssc
COPY installer/ ./installer/
COPY cmd/ ./cmd/
COPY scripts/ ./scripts/
COPY image/ ./image/
COPY vendor/ ./vendor/
COPY go.mod go.sum Makefile .goreleaser.yaml ./
RUN tar -xvf ./image/gh_2.81.0_linux_amd64.tar.gz -C ./image
RUN make test
RUN make GOFLAGS='-buildvcs=false' COMMIT_ID=${COMMIT_ID} VERSION=${VERSION_ID}
#
# Run
#
FROM registry.access.redhat.com/ubi10:10.1-1772441712
LABEL \
name="tssc" \
com.redhat.component="tssc" \
description="Red Hat Trusted Software Supply Chain allows organizations to curate their own trusted, \
repeatable pipelines that stay compliant with industry requirements. Built on proven, trusted open \
source technologies, Red Hat Trusted Software Supply Chain is a set of solutions to protect users, \
customers, and partners from risks and vulnerabilities in their software factory." \
io.k8s.description="Red Hat Trusted Software Supply Chain allows organizations to curate their own trusted, \
repeatable pipelines that stay compliant with industry requirements. Built on proven, trusted open \
source technologies, Red Hat Trusted Software Supply Chain is a set of solutions to protect users, \
customers, and partners from risks and vulnerabilities in their software factory." \
summary="Provides the tssc binary." \
io.k8s.display-name="Red Hat Trusted Software Supply Chain CLI" \
io.openshift.tags="tssc tas tpa rhdh ec tap openshift"
WORKDIR /licenses
COPY LICENSE.txt .
WORKDIR /tssc
COPY --from=ose-tools /usr/bin/jq /usr/bin/kubectl /usr/bin/oc /usr/bin/vi /usr/bin/
# jq libraries
COPY --from=ose-tools /usr/lib64/libjq.so.1 /usr/lib64/libonig.so.5 /usr/lib64/
# vi libraries
COPY --from=ose-tools /usr/libexec/vi /usr/libexec/
COPY --from=builder /workdir/tssc/installer/charts ./charts
COPY --from=builder /workdir/tssc/installer/config.yaml ./
COPY --from=builder /workdir/tssc/bin/tssc /usr/local/bin/tssc
COPY --from=builder /workdir/tssc/image/gh_2.81.0_linux_amd64/bin/gh /usr/local/bin/gh
COPY --from=builder /workdir/tssc/scripts/ ./scripts/
RUN groupadd --gid 9999 -r tssc && \
useradd -r -d /tssc -g tssc -s /sbin/nologin --uid 9999 tssc && \
chown -R tssc:tssc .
USER tssc
RUN echo "# jq" && jq --version && \
echo "# kubectl" && kubectl version --client && \
echo "# oc" && oc version
ENV KUBECONFIG=/tssc/.kube/config
ENTRYPOINT ["tssc"]