forked from kubestellar/kubestellar
-
Notifications
You must be signed in to change notification settings - Fork 0
/
core.Dockerfile
110 lines (93 loc) · 4.39 KB
/
core.Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
###############################################################################
# Builder image
###############################################################################
FROM redhat/ubi9 AS builder
ARG TARGETOS
ARG TARGETARCH
ARG TARGETPLATFORM
ARG GIT_DIRTY=dirty
RUN groupadd kubestellar && useradd -g kubestellar kubestellar
WORKDIR /home/kubestellar
RUN mkdir -p .kcp && \
dnf install -y git golang jq procps && \
go install github.com/mikefarah/yq/[email protected] && \
curl -SL -o /usr/local/bin/kubectl "https://dl.k8s.io/release/v1.25.3/bin/${TARGETPLATFORM}/kubectl" && \
chmod +x /usr/local/bin/kubectl && \
curl -SL -o easy-rsa.tar.gz "https://github.com/OpenVPN/easy-rsa/releases/download/v3.1.5/EasyRSA-3.1.5.tgz" && \
got_hash=$(sha256sum easy-rsa.tar.gz | awk '{ print $1 }') && \
if [ "$got_hash" != 9fc6081d4927e68e9baef350e6b3010c7fb4f4a5c3e645ddac901081eb6adbb2 ]; then \
echo "Got bad copy of EasyRSA-3.1.5.tgz" >&2 ; \
exit 1; \
fi && \
mkdir easy-rsa && \
tar -C easy-rsa -zxf easy-rsa.tar.gz --wildcards --strip-components=1 EasyRSA*/* && \
rm easy-rsa.tar.gz && \
curl -SL -o kcp.tar.gz "https://github.com/kcp-dev/kcp/releases/download/v0.11.0/kcp_0.11.0_${TARGETOS}_${TARGETARCH}.tar.gz" && \
mkdir kcp && \
tar -C kcp -zxf kcp.tar.gz && \
rm kcp.tar.gz && \
curl -SL -o kcp-plugins.tar.gz "https://github.com/kcp-dev/kcp/releases/download/v0.11.0/kubectl-kcp-plugin_0.11.0_${TARGETOS}_${TARGETARCH}.tar.gz" && \
mkdir kcp-plugins && \
tar -C kcp-plugins -zxf kcp-plugins.tar.gz && \
rm kcp-plugins.tar.gz && \
git config --global --add safe.directory /home/kubestellar && \
mkdir -p bin && \
mkdir -p scripts
RUN git clone https://github.com/waltforme/kube-bind.git && \
pushd kube-bind && \
mkdir bin && \
IGNORE_GO_VERSION=1 go build -o ./bin/example-backend ./cmd/example-backend/main.go && \
git checkout origin/syncmore && \
IGNORE_GO_VERSION=1 go build -o ./bin/konnector ./cmd/konnector/main.go && \
git checkout origin/autobind && \
IGNORE_GO_VERSION=1 go build -o ./bin/kubectl-bind ./cmd/kubectl-bind/main.go && \
export PATH=$(pwd)/bin:$PATH && \
popd && \
git clone https://github.com/dexidp/dex.git && \
pushd dex && \
IGNORE_GO_VERSION=1 make build && \
popd
ENV PATH=$PATH:/root/go/bin
ADD cmd/ cmd/
ADD config/ config/
ADD hack/ hack/
ADD monitoring/ monitoring/
ADD pkg/ pkg/
ADD scripts/inner/ scripts/inner/
ADD scripts/overlap/ scripts/overlap/
ADD space-framework/ space-framework/
ADD test/ test/
ADD .git/ .git/
ADD .gitattributes Makefile Makefile.venv go.mod go.sum .
RUN make innerbuild GIT_DIRTY=$GIT_DIRTY IGNORE_GO_VERSION=yesplease
FROM redhat/ubi9
WORKDIR /home/kubestellar
RUN dnf install -y jq procps && \
dnf -y upgrade openssl && \
groupadd kubestellar && \
adduser -g kubestellar kubestellar && \
mkdir -p .kcp
# copy binaries from the builder image
COPY --from=builder /home/kubestellar/easy-rsa easy-rsa/
COPY --from=builder /root/go/bin /usr/local/bin/
COPY --from=builder /usr/local/bin/kubectl /usr/local/bin/kubectl
COPY --from=builder /home/kubestellar/kcp/bin kcp/bin/
COPY --from=builder /home/kubestellar/kcp-plugins/bin kcp/bin/
COPY --from=builder /home/kubestellar/bin bin/
COPY --from=builder /home/kubestellar/config config/
COPY --from=builder /home/kubestellar/kube-bind/bin kube-bind/bin/
COPY --from=builder /home/kubestellar/kube-bind/hack/dex-config-dev.yaml kube-bind/hack/dex-config-dev.yaml
COPY --from=builder /home/kubestellar/kube-bind/deploy/crd kube-bind/deploy/crd
COPY --from=builder /home/kubestellar/dex/bin dex/bin/
# add entry script
ADD core-container/entry.sh entry.sh
RUN chown -R kubestellar:0 /home/kubestellar && \
chmod -R g=u /home/kubestellar
# setup the environment variables
ENV PATH=/home/kubestellar/bin:/home/kubestellar/kcp/bin:/home/kubestellar/kube-bind/bin:/home/kubestellar/dex/bin:/home/kubestellar/easy-rsa:$PATH
ENV EXTERNAL_HOSTNAME=""
ENV EXTERNAL_PORT=""
# Switch the user
USER kubestellar
# start KubeStellar
CMD [ "/home/kubestellar/entry.sh" ]