-
Notifications
You must be signed in to change notification settings - Fork 9
/
Dockerfile.imaserver
52 lines (40 loc) · 1.77 KB
/
Dockerfile.imaserver
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
# Copyright (c) 2015-2021 Contributors to the Eclipse Foundation
#
# See the NOTICE file(s) distributed with this work for additional
# information regarding copyright ownership.
#
# This program and the accompanying materials are made available under the
# terms of the Eclipse Public License 2.0 which is available at
# http://www.eclipse.org/legal/epl-2.0
#
# SPDX-License-Identifier: EPL-2.0
#
#Choose a base image that matches the type of build we are using...
#By default we use: almalinux8
#FROM quay.io/centos/centos:7
# For a RHEL8/CentOS8 distro, we use AlmaLinux:
FROM quay.io/almalinuxorg/almalinux:8
# For Fedora, the verion changes very often due to their short life
#FROM quay.io/fedora/fedora:35-x86_64
#File author / Maintainer
MAINTAINER ISM Build
WORKDIR ${IMA_SVR_INSTALL_PATH}/bin
#To run as a non-root user
# 1) Create the user and group outside the container with a selected uid/gid
# groupadd -r -g 463 ima
# useradd -r -s /sbin/nologin -g ima -u 463 ima
# 2) Give that user read/write access to any volumes that will be used
# 3) Create a config file so the RPM knows the user
# RUN echo 'user=ima' >/etc/messagesight-user.cfg
# 4) Uncomment the RUN group/useradd setup lines:
# (Ensure the numeric uid/gid below match step 1 above)
# RUN groupadd -r -g 463 ima
# RUN useradd -r -s /sbin/nologin -g ima -u 463 ima
# 5) Uncomment the USER line before the Entrypoint
# Install packages
RUN yum -y upgrade && \
yum -y install gdb net-tools openssh-clients openssl tar perl jansson zip logrotate bzip2 unzip && \
rpm -iv http://10.90.125.123:9988/RPMS/${IMA_PKG_SERVER}.rpm
#Uncomment below USER line to run as a non-root user (but do the above steps 1-4 as well!)
#USER ima:ima
ENTRYPOINT [ "${IMA_SVR_INSTALL_PATH}/bin/run.sh" ]