forked from ory/kratos
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathDockerfile
53 lines (37 loc) · 1.39 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
# BUILDER
FROM golang:1.21 AS builder
RUN apt-get update && apt-get upgrade -y &&\
mkdir -p /var/lib/sqlite
WORKDIR /go/src/github.com/ory/kratos
COPY go.mod go.mod
COPY go.sum go.sum
COPY internal/httpclient/go.* internal/httpclient/
COPY internal/client-go/go.* internal/client-go/
ENV GO111MODULE on
ENV CGO_ENABLED 0
ENV GOOS linux
ENV GOARCH amd64
RUN go mod download
COPY . .
ARG VERSION
ARG COMMIT
ARG BUILD_DATE
RUN --mount=type=cache,target=/root/.cache/go-build go build \
-ldflags="-X 'github.com/ory/kratos/driver/config.Version=${VERSION}' -X 'github.com/ory/kratos/driver/config.Date=${BUILD_DATE}' -X 'github.com/ory/kratos/driver/config.Commit=${COMMIT}'" \
-o /usr/bin/kratos
# RUNNER
FROM alpine:3.18.3
RUN addgroup -S ory; \
adduser -S ory -G ory -D -u 10000 -h /home/ory -s /bin/nologin; \
chown -R ory:ory /home/ory
RUN apk --update upgrade && apk --no-cache --update-cache --upgrade --latest add ca-certificates
WORKDIR /home/ory
COPY --from=builder --chown=ory:ory /usr/bin/kratos /usr/bin/kratos
# Exposing the ory home directory to simplify passing in Kratos configuration (e.g. if the file $HOME/.kratos.yaml
# exists, it will be automatically used as the configuration file).
VOLUME /home/ory
# Declare the standard ports used by Kratos (4433 for public service endpoint, 4434 for admin service endpoint)
EXPOSE 4433 4434
USER 10000
ENTRYPOINT ["kratos"]
CMD ["serve"]