forked from louketo/louketo-proxy
-
Notifications
You must be signed in to change notification settings - Fork 50
/
Dockerfile
55 lines (43 loc) · 1.64 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
ARG HOMEDIR=/opt/gatekeeper
#
# Builder
#
FROM --platform=$BUILDPLATFORM golang:1.23.2 AS build-env
ARG HOMEDIR
ARG TARGETOS TARGETARCH
ENV GOOS=$TARGETOS
ENV GOARCH=$TARGETARCH
ADD . /src/
WORKDIR /src/
RUN mkdir -p bin && \
GIT_SHA=$(git --no-pager describe --always --dirty) && \
BUILD_TIME=$(date '+%s') && \
TAG=$(git describe --tags) && \
NAME=gatekeeper && \
LFLAGS=" -X github.com/gogatekeeper/gatekeeper/pkg/proxy/core.release=$TAG -X github.com/gogatekeeper/gatekeeper/pkg/proxy/core.gitsha=$GIT_SHA -X github.com/gogatekeeper/gatekeeper/pkg/proxy/core.compiled=$BUILD_TIME" && \
CGO_ENABLED=0 go build -a -tags netgo -ldflags "-s -w ${LFLAGS}" -o bin/${NAME} cmd/keycloak/gatekeeper-keycloak.go
WORKDIR ${HOMEDIR}
RUN cp /src/bin/gatekeeper .
COPY templates ./templates
RUN echo "gatekeeper:x:1000:gatekeeper" >> /etc/group && \
echo "gatekeeper:x:1000:1000:gatekeeper user:${HOMEDIR}:/sbin/nologin" >> /etc/passwd && \
chown -R gatekeeper:gatekeeper ${HOMEDIR} && \
chmod -R g+rw ${HOMEDIR} && \
chmod +x gatekeeper
#
# Actual image
#
FROM scratch
ARG HOMEDIR
LABEL Name=gatekeeper \
Release=https://github.com/gogatekeeper/gatekeeper \
Url=https://github.com/gogatekeeper/gatekeeper \
Help=https://github.com/gogatekeeper/gatekeeper/issues
COPY --chown=1000:1000 --from=build-env ${HOMEDIR} ${HOMEDIR}
COPY --from=build-env /etc/passwd /etc/passwd
COPY --from=build-env /etc/group /etc/group
COPY --from=build-env /usr/share/ca-certificates /usr/share/ca-certificates
COPY --from=build-env /etc/ssl/certs /etc/ssl/certs
WORKDIR ${HOMEDIR}
USER 1000
ENTRYPOINT [ "/opt/gatekeeper/gatekeeper" ]