1
0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2024-11-28 09:08:44 +02:00
oauth2-proxy/Dockerfile
Karl Skewes 308bcc06a4 fix Docker user on arm
Use simple USER directive.
Using `addgroup` in final `arm` image when building on amd64 doesn't work.
I must have made a mistake during cross build verification.

Alternative is to use qemu-static but it's not worth it for this.
2019-05-03 20:54:21 +12:00

31 lines
1.1 KiB
Docker

FROM golang:1.12-stretch AS builder
# Download tools
RUN wget -O $GOPATH/bin/dep https://github.com/golang/dep/releases/download/v0.5.0/dep-linux-amd64
RUN chmod +x $GOPATH/bin/dep
# Copy sources
WORKDIR $GOPATH/src/github.com/pusher/oauth2_proxy
COPY . .
# Fetch dependencies
RUN dep ensure --vendor-only
# Build binary and make sure there is at least an empty key file.
# This is useful for GCP App Engine custom runtime builds, because
# you cannot use multiline variables in their app.yaml, so you have to
# build the key into the container and then tell it where it is
# by setting OAUTH2_PROXY_JWT_KEY_FILE=/etc/ssl/private/jwt_signing_key.pem
# in app.yaml instead.
RUN ./configure && make build && touch jwt_signing_key.pem
# Copy binary to alpine
FROM alpine:3.8
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
COPY --from=builder /go/src/github.com/pusher/oauth2_proxy/oauth2_proxy /bin/oauth2_proxy
COPY --from=builder /go/src/github.com/pusher/oauth2_proxy/jwt_signing_key.pem /etc/ssl/private/jwt_signing_key.pem
USER 2000:2000
ENTRYPOINT ["/bin/oauth2_proxy"]