Intial commit

.github/workflows/build-docker.yml

@@ -0,0 +1,48 @@
+---
+
+name: Docker Build & Publish to GitHub Container Registry
+on:
+  push:
+    branches:
+      - 'main'
+    tags:
+      - 'v*'
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: stackhpc/tang
+jobs:
+  build-and-push-docker-image:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Log into registry ${{ env.REGISTRY }}
+        uses: docker/login-action@v1
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Setup Docker buildx
+        uses: docker/setup-buildx-action@v1
+      - name: Extract Docker metadata
+        id: meta
+        uses: docker/metadata-action@v2
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+      - name: Build and Push Versioned Docker Image
+        id: build-and-push
+        uses: docker/build-push-action@v2
+        if: ${{ github.ref_type == 'tag' }}
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+      - name: Build and Push Latest Docker Image
+        id: build-and-push-latest
+        uses: docker/build-push-action@v2
+        if: ${{ github.ref == 'refs/heads/main' }}
+        with:
+          context: .
+          push: true
+          tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
+          labels: ${{ steps.meta.outputs.labels }}

Dockerfile

@@ -0,0 +1,27 @@
+FROM rockylinux/rockylinux:8.6.20220707
+
+ENV SUMMARY="Network Presence Binding Daemon." \
+    DESCRIPTION="Tang is a small daemon for binding data to the presence of a third party. This is a containerized Tang server." \
+    VERSION=1 \
+    TANG_LISTEN_PORT=80
+
+LABEL name="stackhpc/tang" \
+      summary="${SUMMARY}" \
+      description="${DESCRIPTION}" \
+      version="${VERSION}" \
+      usage="podman run -d -p 8080:80 -v tang-keys:/var/db/tang --name tang stackhpc/tang"
+
+RUN dnf update -y && \
+    dnf install -y \
+             tang \
+             socat && \
+    dnf clean all && \
+    rm -rf /var/cache/yum
+
+COPY root /
+
+VOLUME ["/var/db/tang"]
+EXPOSE "${TANG_LISTEN_PORT}"
+
+HEALTHCHECK CMD ["/usr/bin/tangd-healthcheck"]
+CMD ["/usr/bin/tangd-entrypoint"]

README.md

@@ -0,0 +1,9 @@
+## Tang docker container image
+
+Runs (tang)[https://github.com/latchset/tang] inside a Rocky Linux docker container.
+
+## Usage
+
+```
+docker run -d -p 8080:80 -v tang-db:/var/db/tang stackhpc/tang
+```

root/usr/bin/tangd-entrypoint

@@ -0,0 +1,8 @@
+#!/bin/sh
+set -e
+
+TANG_LISTEN_PORT=${TANG_LISTEN_PORT:-80}
+
+mkdir -p /var/db/tang /var/cache/tang
+
+socat tcp-l:$TANG_LISTEN_PORT,reuseaddr,fork exec:"/usr/libexec/tangd /var/cache/tang"

root/usr/bin/tangd-healthcheck

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+set -eu
+
+TANG_LISTEN_PORT=${TANG_LISTEN_PORT:-80}
+
+tang-show-keys $TANG_LISTEN_PORT