-
Notifications
You must be signed in to change notification settings - Fork 27
/
Copy pathDockerfile
66 lines (49 loc) · 2.45 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
#
# Build
#
FROM registry.redhat.io/openshift4/ose-tools-rhel9@sha256:f77fa25b5dd51b135f6bd3a7785dfc23bdfcf65ba12f2a29ea82f57c38d6892a AS ose-tools
FROM registry.access.redhat.com/ubi9/go-toolset:1.22.9-1739801907 AS builder
USER root
WORKDIR /workdir/rhtap-cli
COPY installer/ ./installer/
COPY cmd/ ./cmd/
COPY pkg/ ./pkg/
COPY vendor/ ./vendor/
COPY go.mod go.sum Makefile ./
RUN make GOFLAGS='-buildvcs=false'
#
# Run
#
FROM registry.access.redhat.com/ubi9-minimal:9.5-1739420147
LABEL \
name="rhtap-cli" \
com.redhat.component="rhtap-cli" \
description="Red Hat Trusted Application Pipeline allows organizations to curate their own trusted, repeatable pipelines \
that stay compliant with industry requirements. Built on proven, trusted open source technologies, Red Hat \
Trusted Application Pipeline is part of Red Hat Trusted Software Supply Chain, a set of solutions to protect \
users, customers, and partners from risks and vulnerabilities in their software factory." \
io.k8s.description="Red Hat Trusted Application Pipeline allows organizations to curate their own trusted, repeatable pipelines \
that stay compliant with industry requirements. Built on proven, trusted open source technologies, Red Hat \
Trusted Application Pipeline is part of Red Hat Trusted Software Supply Chain, a set of solutions to protect \
users, customers, and partners from risks and vulnerabilities in their software factory." \
summary="Provides the binaries for downloading the RHTAP CLI." \
io.k8s.display-name="Red Hat Trusted Application Pipeline CLI" \
io.openshift.tags="rhtap-cli tas tpa rhdh ec tap openshift"
WORKDIR /rhtap-cli
COPY --from=ose-tools /usr/bin/jq /usr/bin/kubectl /usr/bin/oc /usr/bin/vi /usr/bin/
# jq libraries
COPY --from=ose-tools /usr/lib64/libjq.so.1 /usr/lib64/libonig.so.5 /usr/lib64/
# vi libraries
COPY --from=ose-tools /usr/libexec/vi /usr/libexec/
COPY --from=builder /workdir/rhtap-cli/installer/charts ./charts
COPY --from=builder /workdir/rhtap-cli/installer/config.yaml ./
COPY --from=builder /workdir/rhtap-cli/bin/rhtap-cli /usr/local/bin/rhtap-cli
RUN groupadd --gid 999 -r rhtap-cli && \
useradd -r -d /rhtap-cli -g rhtap-cli -s /sbin/nologin --uid 999 rhtap-cli && \
chown -R rhtap-cli:rhtap-cli .
USER rhtap-cli
RUN echo "# jq" && jq --version && \
echo "# kubectl" && kubectl version --client && \
echo "# oc" && oc version
ENV KUBECONFIG=/rhtap-cli/.kube/config
ENTRYPOINT ["rhtap-cli"]