From f88e2e002c15c6896d781b5b9d09882c9b79fd69 Mon Sep 17 00:00:00 2001
From: Erik Espinoza <7862514+erikespinoza@users.noreply.github.com>
Date: Mon, 3 Jun 2024 07:23:52 -0700
Subject: [PATCH] Docker cleanup (#233)

* Removed unnecessary `start.sh`
* Updated Dockerfile to newer OS
* Cleaned up Dockerfile dirty hack for RSA keys

Co-authored-by: Espinoza, Erik
---
 Dockerfile | 28 ++++------------------------
 misc/docker/docker-compose.yml | 2 --
 misc/docker/start.sh | 14 --------------
 3 files changed, 4 insertions(+), 40 deletions(-)
 delete mode 100644 misc/docker/start.sh

diff --git a/Dockerfile b/Dockerfile
index d1092ee3..d4710874 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,15 +1,13 @@
 #################
 # Build Step
 #################
-
-FROM golang:latest as build
+FROM golang:bookworm as build
 # Setup work env
 RUN mkdir -p /app/ /tmp/gocode/src/github.com/Cloud-Foundations/keymaster
 ADD . /tmp/gocode/src/github.com/Cloud-Foundations/keymaster
 WORKDIR /tmp/gocode/src/github.com/Cloud-Foundations/keymaster
-
 # Required envs for GO
 ENV GOPATH=/tmp/gocode
 ENV DEBIAN_FRONTEND=noninteractive
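Review bot: `FROM golang:bookworm as build` still floats on the Go version: the tag fixes the Debian release but not the toolchain, so the compiler and standard library linked into keymasterd can change on every re-pull. Pin the Go release and ideally the digest, for example `FROM golang:<go-version>-bookworm@sha256:<digest> AS build` (both values are placeholders to fill in). The same applies to `FROM debian:bookworm as run` in the `@@ -17,26` hunk, where `bookworm-slim` would presumably also do, since the run stage installs its few packages explicitly. The unchanged `ADD .` two lines below copies the entire build context into the builder; `COPY` is the explicit instruction for local files, and a `.dockerignore` keeps local key material or configs out of the layer.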
@@ -17,26 +15,14 @@ ENV DEBIAN_FRONTEND=noninteractive
 # Update and confirm deps
 RUN apt-get update && apt-get -y dist-upgrade && apt-get -y install build-essential
-# Install deps
-RUN make get-deps
-
-## Dirty Hack - Remove when https://github.com/golang/go/issues/37278 is closed
-# Compatibility with OpenSSH 8.2 and above
-WORKDIR /tmp/gocode/src/golang.org/x/crypto/
-RUN git config user.email "you@example.com"
-RUN git config user.name "Your Name"
-RUN git pull --no-edit https://go.googlesource.com/crypto refs/changes/37/220037/3
-WORKDIR /tmp/gocode/src/github.com/Cloud-Foundations/keymaster
-## Dirty Hack End
-
 # Build and copy final result
 RUN make
+RUN strip /tmp/gocode/bin/keymaster*
 #################
 # Run Step
 #################
-
-FROM debian:buster as run
+FROM debian:bookworm as run
 # Copy binary from build container
 COPY --from=build /tmp/gocode/bin/keymasterd /app/keymasterd
@@ -44,20 +30,14 @@ COPY --from=build /tmp/gocode/bin/keymaster-unlocker /app/keymaster-unlocker
 COPY --from=build /tmp/gocode/src/github.com/Cloud-Foundations/keymaster/cmd/keymasterd/customization_data /usr/share/keymasterd/customization_data
 COPY --from=build /tmp/gocode/src/github.com/Cloud-Foundations/keymaster/cmd/keymasterd/static_files /usr/share/keymasterd/static_files
-# Copy docker specific scripts from build container
-COPY --from=build /tmp/gocode/src/github.com/Cloud-Foundations/keymaster/misc/docker/start.sh /app/docker/
-
 # Perform update and clear cache
 ENV DEBIAN_FRONTEND=noninteractive
 RUN apt-get update
 RUN apt-get -y --no-install-recommends install procps apache2-utils ca-certificates dumb-init
 RUN apt-get -y dist-upgrade && rm -rf /var/cache/apt/*
-
-# Install init
-
 # Expose web and LDAP ports
 EXPOSE 80 443 6920
 ENTRYPOINT ["/usr/bin/dumb-init", "--"]
-CMD ["/bin/sh", "/app/docker/start.sh"]
+CMD ["/app/keymasterd", "-config", "/etc/keymaster/config.yml", "-alsoLogToStderr"]
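Review bot: In the `@@ -17,26` hunk, `RUN strip /tmp/gocode/bin/keymaster*` is added without a comment; it discards the ELF symbol table and DWARF data from every binary the glob matches, which debuggers and core-dump analysis rely on. If image size is the motive, say so above the line, e.g. `# Strip symbols to shrink the run image; keep an unstripped build for debugging`, or have the Makefile pass `-ldflags="-s -w"` so the linker does the same job. With `make get-deps` and the x/crypto cherry-pick removed, `RUN make` presumably resolves dependencies through Go modules; the Makefile is not visible here, so a one-line comment stating where dependencies now come from would help the next reader.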
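Review bot: In the `@@ -44,20` hunk the run stage still has no `USER`, so with the new `CMD` dumb-init starts `/app/keymasterd` directly as root while it serves the exposed web and LDAP ports. Create a dedicated account and switch to it before `ENTRYPOINT`: `RUN useradd --system --uid 10001 --no-create-home --shell /usr/sbin/nologin keymaster` followed by `USER keymaster`. Whether the daemon can then bind 80/443 and read `/etc/keymaster/config.yml` depends on the runtime and on the ownership of the mounted files, neither of which is visible in this hunk. Removing start.sh also removes its explicit check for a missing config file; a comment above `CMD` saying the config must be mounted at that path would document the contract.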
diff --git a/misc/docker/docker-compose.yml b/misc/docker/docker-compose.yml
index 23479338..e47557cc 100644
--- a/misc/docker/docker-compose.yml
+++ b/misc/docker/docker-compose.yml
@@ -1,7 +1,5 @@
 # See ../../docs/docker for more info. This will not work without bootstrapping
-version: "2"
-
 services:
 keymaster:
 image: "local/keymaster"
diff --git a/misc/docker/start.sh b/misc/docker/start.sh
deleted file mode 100644
index b23249ab..00000000
--- a/misc/docker/start.sh
+++ /dev/null
@@ -1,14 +0,0 @@
-#!/bin/sh
-
-# Copy config file if it doesn't exist so that the app can start
-if [ ! -f /etc/keymaster/config.yml ] ; then
- echo "Generate Configs"
- exit 1
- fi
-
-# Run app
-/app/keymasterd -config /etc/keymaster/config.yml -alsoLogToStderr
-
-echo ""
-echo "keymasterd has exited."
-echo "Exiting."