-
Notifications
You must be signed in to change notification settings - Fork 33
/
Dockerfile
21 lines (14 loc) · 843 Bytes
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
FROM gcr.io/distroless/java17-debian11:nonroot AS SECURITY
FROM openjdk:17 AS BUILD
COPY . /opt
WORKDIR /opt
RUN ./mvnw clean install -DskipTests
ENV JAVA_RANDOM="file:/dev/./urandom"
COPY --from=SECURITY /etc/java-17-openjdk/security/java.security /java.security
RUN echo "networkaddress.cache.ttl=60" >> /java.security
RUN sed -i -e "s@^securerandom.source=.*@securerandom.source=${JAVA_RANDOM}@" /java.security
FROM gcr.io/distroless/java17-debian11:nonroot
COPY --from=BUILD /opt/target/vault-crd.jar /opt/vault-crd.jar
COPY --from=BUILD /java.security /etc/java-17-openjdk/security/java.security
ENTRYPOINT ["/usr/bin/java", "-Djavax.net.ssl.trustStore=/etc/ssl/certs/java/cacerts", "-Djavax.net.ssl.trustStorePassword=changeit", "-Djavax.net.ssl.trustStoreType=jks", "-Dkeystore.pkcs12.legacy"]
CMD ["-jar", "/opt/vault-crd.jar"]