2019-10-07 17:03:15 -07:00
|
|
|
FROM golang:1.13-buster AS builder
|
2019-01-22 02:50:50 +09:00
|
|
|
|
|
|
|
|
# Download tools
|
2019-06-23 20:40:59 +01:00
|
|
|
RUN curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s -- -b $(go env GOPATH)/bin v1.17.1
|
2019-01-22 02:50:50 +09:00
|
|
|
|
|
|
|
|
# Copy sources
|
|
|
|
|
WORKDIR $GOPATH/src/github.com/pusher/oauth2_proxy
|
2018-12-20 11:06:26 +00:00
|
|
|
|
|
|
|
|
# Fetch dependencies
|
2019-07-15 21:38:55 +01:00
|
|
|
COPY go.mod go.sum ./
|
2019-07-15 21:49:38 +01:00
|
|
|
RUN GO111MODULE=on go mod download
|
2018-12-20 11:06:26 +00:00
|
|
|
|
2019-07-11 17:18:07 -05:00
|
|
|
# Now pull in our code
|
|
|
|
|
COPY . .
|
|
|
|
|
|
2019-03-20 15:15:47 -07:00
|
|
|
# Build binary and make sure there is at least an empty key file.
|
|
|
|
|
# This is useful for GCP App Engine custom runtime builds, because
|
|
|
|
|
# you cannot use multiline variables in their app.yaml, so you have to
|
|
|
|
|
# build the key into the container and then tell it where it is
|
|
|
|
|
# by setting OAUTH2_PROXY_JWT_KEY_FILE=/etc/ssl/private/jwt_signing_key.pem
|
|
|
|
|
# in app.yaml instead.
|
|
|
|
|
RUN ./configure && make build && touch jwt_signing_key.pem
|
2018-12-20 11:06:26 +00:00
|
|
|
|
2019-01-22 02:50:50 +09:00
|
|
|
# Copy binary to alpine
|
2019-07-13 22:14:05 +01:00
|
|
|
FROM alpine:3.10
|
2019-02-02 14:20:20 +13:00
|
|
|
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
|
2018-12-20 11:06:26 +00:00
|
|
|
COPY --from=builder /go/src/github.com/pusher/oauth2_proxy/oauth2_proxy /bin/oauth2_proxy
|
2019-03-20 15:15:47 -07:00
|
|
|
COPY --from=builder /go/src/github.com/pusher/oauth2_proxy/jwt_signing_key.pem /etc/ssl/private/jwt_signing_key.pem
|
2018-12-20 11:06:26 +00:00
|
|
|
|
2019-05-03 18:38:03 +12:00
|
|
|
USER 2000:2000
|
2019-03-05 21:26:49 +13:00
|
|
|
|
2018-12-20 11:06:26 +00:00
|
|
|
ENTRYPOINT ["/bin/oauth2_proxy"]
|
