-
Notifications
You must be signed in to change notification settings - Fork 35
/
Copy pathDockerfile.webhook_client_dp3
38 lines (28 loc) · 1.36 KB
/
Dockerfile.webhook_client_dp3
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
###########
# BUILDER #
###########
FROM milmove/circleci-docker:milmove-app-3d9acdaa37c81a87b5fc1c6193a8e528dd56e4ed as builder
# Prepare public DOD certificates.
# hadolint ignore=DL3002
USER root
# Demo Environment Certs
COPY config/tls/api.demo.dp3.us.chain.der.p7b /tmp/api.demo.dp3.us.chain.der.p7b
RUN openssl pkcs7 -print_certs -inform der -in /tmp/api.demo.dp3.us.chain.der.p7b -out /usr/local/share/ca-certificates/api.demo.dp3.us.chain.der.crt
# Loadtesting Environment Certs
COPY config/tls/api.loadtest.dp3.us.chain.der.p7b /tmp/api.loadtest.dp3.us.chain.der.p7b
RUN openssl pkcs7 -print_certs -inform der -in /tmp/api.loadtest.dp3.us.chain.der.p7b -out /usr/local/share/ca-certificates/api.loadtest.dp3.us.chain.der.crt
# Exp Environment Certs
COPY config/tls/api.exp.dp3.us.chain.der.p7b /tmp/api.exp.dp3.us.chain.der.p7b
RUN openssl pkcs7 -print_certs -inform der -in /tmp/api.exp.dp3.us.chain.der.p7b -out /usr/local/share/ca-certificates/api.exp.dp3.us.chain.der.crt
RUN update-ca-certificates
#########
# FINAL #
#########
# hadolint ignore=DL3007
FROM gcr.io/distroless/static:latest
# Copy DOD certs from the builder.
COPY --from=builder --chown=root:root /etc/ssl/certs /etc/ssl/certs
#AWS GovCloud RDS cert
COPY bin/rds-ca-rsa4096-g1.pem /bin/rds-ca-rsa4096-g1.pem
COPY bin/webhook-client /bin/webhook-client
CMD ["/bin/webhook-client", "webhook-notify"]