# Default base images and Go toolchain version for the stages in this file.
# They are declared ahead of the first FROM, so they are only visible in FROM
# lines; each can be overridden with --build-arg.
# NOTE(review): all three defaults are mutable tags. Pinning each one by digest
# (image:tag@sha256:<digest>) would tie the build to image content that has
# actually been reviewed.
ARG BASEIMAGE=gcr.io/distroless/static:nonroot
# NOTE(review): Alpine 3.8 is past its upstream end of support and no longer
# receives security fixes - confirm and move to a maintained release.
ARG BASE_ALPINE=alpine:3.8
# NOTE(review): Go 1.13 no longer receives upstream security releases either;
# every binary shipped from this file embeds that toolchain's standard library.
ARG GO_VERSION=1.13.0
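# -------
# Builder
# -------
# Compiles the project binaries in a single stage. The runtime stages further
# down copy one binary each out of this stage, so the Go toolchain and the
# source tree are not part of any shipped image.
FROM golang:${GO_VERSION} AS builder

# Go import path of the project. It decides where the sources are placed and
# therefore where the runtime stages look for the binaries. The default equals
# the path hard-coded in their COPY --from=builder lines, so the build no
# longer breaks when --build-arg PACKAGE is left out.
ARG PACKAGE=github.com/SparebankenVest/azure-key-vault-to-kubernetes
# Revision identifier handed to make as GIT_TAG.
ARG VCS_REF=noref
# Optional suffix appended to the make target name ("build" + suffix).
ARG BUILD_SUB_TARGET

WORKDIR /go/src/${PACKAGE}

# COPY instead of ADD: only a plain copy of the build context is needed, and
# COPY has none of ADD's extra archive/URL handling.
# The whole context ends up in this stage's layers and in the build cache, so
# keep credentials, kubeconfig files and .env files out of it with a
# .dockerignore.
COPY . .

# Fetch module dependencies (network access at build time).
# NOTE(review): integrity of the downloaded modules presumably rests on a
# committed go.sum - confirm it is part of the repository.
RUN go mod download
RUN GIT_TAG=${VCS_REF} make build${BUILD_SUB_TARGET}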
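# ------------
# Env Injector
# ------------
# Runtime image for the mutating admission webhook: the base image plus the
# single webhook binary taken from the builder stage.
#
# NOTE(review): no USER is set in this stage, so unless BASE_ALPINE is
# overridden with an image that declares one, the webhook process runs as root.
# The ca-bundle-controller and vaultenv stages in this file drop to UID 65534.
# Doing the same here first needs a check that the webhook's listen port and
# its certificate files still work for an unprivileged user, so it is flagged
# rather than changed.
FROM $BASE_ALPINE AS webhook

# Build metadata supplied with --build-arg; used only for the labels below.
ARG VCS_REF
ARG BUILD_DATE
ARG VCS_URL

LABEL org.label-schema.schema-version="1.0" \
      org.label-schema.build-date="${BUILD_DATE}" \
      org.label-schema.vcs-ref="${VCS_REF}" \
      org.label-schema.vcs-url="${VCS_URL}" \
      org.label-schema.url="${VCS_URL}" \
      org.label-schema.description="A Kubernetes Mutating Admission Webhook that adds an init container to a pod that will inject environment variables from Azure Key Vault" \
      org.label-schema.vendor="Sparebanken Vest" \
      org.label-schema.author="Jon Arild Tørresdal"

COPY --from=builder /go/src/github.com/SparebankenVest/azure-key-vault-to-kubernetes/bin/azure-key-vault-to-kubernetes/azure-keyvault-secrets-webhook /usr/local/bin/

# key=value form; the space-separated ENV form is deprecated.
# Presumably read by the binary to switch on debug output - when enabling it,
# verify that no secret values end up in the logs.
ENV DEBUG=false

ENTRYPOINT ["/usr/local/bin/azure-keyvault-secrets-webhook"]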
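# ----------
# Controller
# ----------
# Runtime image for the controller: the base image plus the single controller
# binary taken from the builder stage.
#
# NOTE(review): no USER is set in this stage, so unless BASE_ALPINE is
# overridden with an image that declares one, the controller process runs as
# root. The ca-bundle-controller and vaultenv stages in this file drop to
# UID 65534; confirm the controller has no need for root and do the same here.
FROM $BASE_ALPINE AS controller

# Build metadata supplied with --build-arg; used only for the labels below.
ARG VCS_REF
ARG BUILD_DATE
ARG VCS_URL

# NOTE(review): the description text is identical to the webhook stage's and
# looks copy-pasted; it describes the admission webhook, not this image.
LABEL org.label-schema.schema-version="1.0" \
      org.label-schema.build-date="${BUILD_DATE}" \
      org.label-schema.vcs-ref="${VCS_REF}" \
      org.label-schema.vcs-url="${VCS_URL}" \
      org.label-schema.url="${VCS_URL}" \
      org.label-schema.description="A Kubernetes Mutating Admission Webhook that adds an init container to a pod that will inject environment variables from Azure Key Vault" \
      org.label-schema.vendor="Sparebanken Vest" \
      org.label-schema.author="Jon Arild Tørresdal"

COPY --from=builder /go/src/github.com/SparebankenVest/azure-key-vault-to-kubernetes/bin/azure-key-vault-to-kubernetes/azure-keyvault-controller /usr/local/bin/

# key=value form; the space-separated ENV form is deprecated.
ENV DEBUG=false

ENTRYPOINT ["/usr/local/bin/azure-keyvault-controller"]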
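# --------------------
# CA Bundle Controller
# --------------------
# Runtime image for the CA bundle controller: the BASEIMAGE base (distroless
# static, nonroot variant by default) plus the single binary taken from the
# builder stage.
FROM $BASEIMAGE AS ca-bundle-controller

# Build metadata supplied with --build-arg; used only for the labels below.
ARG VCS_REF
ARG BUILD_DATE
ARG VCS_URL

# NOTE(review): the description text is identical to the webhook stage's and
# looks copy-pasted; it describes the admission webhook, not this image.
LABEL org.label-schema.schema-version="1.0" \
      org.label-schema.build-date="${BUILD_DATE}" \
      org.label-schema.vcs-ref="${VCS_REF}" \
      org.label-schema.vcs-url="${VCS_URL}" \
      org.label-schema.url="${VCS_URL}" \
      org.label-schema.description="A Kubernetes Mutating Admission Webhook that adds an init container to a pod that will inject environment variables from Azure Key Vault" \
      org.label-schema.vendor="Sparebanken Vest" \
      org.label-schema.author="Jon Arild Tørresdal"

COPY --from=builder /go/src/github.com/SparebankenVest/azure-key-vault-to-kubernetes/bin/azure-key-vault-to-kubernetes/ca-bundle-controller /usr/local/bin/

# key=value form; the space-separated ENV form is deprecated.
ENV DEBUG=false

# Explicit numeric UID so the process is unprivileged whatever BASEIMAGE is
# set to, and so a runtime can verify the non-root requirement from the image.
USER 65534

ENTRYPOINT ["/usr/local/bin/ca-bundle-controller"]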
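# --------
# vaultenv
# --------
# Image carrying the azure-keyvault-env binary: the BASEIMAGE base (distroless
# static, nonroot variant by default) plus the single binary taken from the
# builder stage.
# NOTE(review): no ENTRYPOINT or CMD is declared in the visible part of this
# stage, so whoever runs the image has to supply the command - confirm that is
# intended.
FROM $BASEIMAGE AS vaultenv

# Build metadata supplied with --build-arg; used only for the labels below.
ARG VCS_REF
ARG BUILD_DATE
ARG VCS_URL

# NOTE(review): the description text is identical to the webhook stage's and
# looks copy-pasted; it describes the admission webhook, not this image.
LABEL org.label-schema.schema-version="1.0" \
      org.label-schema.build-date="${BUILD_DATE}" \
      org.label-schema.vcs-ref="${VCS_REF}" \
      org.label-schema.vcs-url="${VCS_URL}" \
      org.label-schema.url="${VCS_URL}" \
      org.label-schema.description="A Kubernetes Mutating Admission Webhook that adds an init container to a pod that will inject environment variables from Azure Key Vault" \
      org.label-schema.vendor="Sparebanken Vest" \
      org.label-schema.author="Jon Arild Tørresdal"

COPY --from=builder /go/src/github.com/SparebankenVest/azure-key-vault-to-kubernetes/bin/azure-key-vault-to-kubernetes/azure-keyvault-env /usr/local/bin/

# key=value form; the space-separated ENV form is deprecated.
ENV DEBUG=false

# Explicit numeric UID so the process is unprivileged whatever BASEIMAGE is
# set to, and so a runtime can verify the non-root requirement from the image.
USER 65534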