Sign upLogin

cloudfoundry/stratos

View on GitHub
Star
deploy/Dockerfile.all-in-one

Summary

Maintainability
Test Coverage
# Docker build for all-in-one Stratos
# ---------------------------------------------------------------------------------------------------
FROM splatform/stratos-bk-build-base:leap15_2 as jetstream-builder

# Ensure that we copy the custom-src folder
COPY --chown=stratos:users . ./
COPY --chown=stratos:users deploy/tools/generate_cert.sh generate_cert.sh
COPY --chown=stratos:users deploy/all-in-one/config.all-in-one.properties config.properties

ARG USE_PREBUILT_UI

USER stratos
RUN node --version
RUN deploy/all-in-one/src-build.sh

# Generate dev-certs
RUN CERTS_PATH=/home/stratos/dev-certs ./generate_cert.sh

# ---------------------------------------------------------------------------------------------------
# Final AIO Container
# ---------------------------------------------------------------------------------------------------

FROM splatform/stratos-bk-base:leap15_2
ARG CANARY_BUILD

# Add a jetstream user so we don't run as root
RUN useradd -M -U -u 2000 jetstream
RUN usermod -aG users jetstream

# Ensure that the /srv folder is in the users group so that the jetstream user can write to it
RUN mkdir -p /srv && chgrp users /srv && chmod 775 /srv

COPY --chown=jetstream:users --from=jetstream-builder /home/stratos/dev-certs /srv/dev-certs
COPY --chown=jetstream:users --from=jetstream-builder /home/stratos/ui /srv/ui
COPY --chown=jetstream:users --from=jetstream-builder /home/stratos/jetstream /srv/jetstream
RUN chmod +x /srv/jetstream
COPY --chown=jetstream:users --from=jetstream-builder /home/stratos/config.properties /srv/config.properties

# User Invite templates
COPY --chown=jetstream:users --from=jetstream-builder /home/stratos/src/jetstream/templates /srv/templates

# Plugins.yaml configuration
COPY --chown=jetstream:users --from=jetstream-builder /home/stratos/src/jetstream/plugins.yaml /srv/plugins.yaml

# Enable persistence features if canary build flag is set
RUN if [ "x$CANARY_BUILD" != "x" ] ; then printf "\nFORCE_ENABLE_PERSISTENCE_FEATURES=true\n" >> /srv/config.properties ; fi

# Enable tech preview features if canary build flag is set
RUN if [ "x$CANARY_BUILD" != "x" ] ; then printf "\nENABLE_TECH_PREVIEW=true\n" >> /srv/config.properties ; fi

EXPOSE 5443

USER jetstream

ENTRYPOINT ["./jetstream"]