forked from tapis-project/tapis-java
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
43 lines (35 loc) · 1.64 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
##########################################################################
# tapis image for securitymigrate services
#
# usage:
# docker image build -f $BUILD_FILE --build-arg SRVC_JAR=shaded-securitylib.jar --build-arg VER=0.0.1 --build-arg GIT_COMMIT=1234 -t $TAG .
#
# $SKADMIN_PARMS the command line parameters passed into SkAdmin
#
# In addtion to the SKADMIN_PARMS environment variable, a JWT or Kubernetes token environment variable may
# also need to be set depending on the action to be performed by SkAdmin.
#
# Tested with Docker version 18.06.0-ce
##########################################################################
FROM eclipse-temurin:17-jdk-jammy
ARG VER
ARG SRVC_JAR
ARG GIT_COMMIT
ARG BUILD_TIME
MAINTAINER CIC Support <cicsupport@tacc.utexas.edu>
# Install less. Add user tapis
RUN apt update && apt install -y less vim-tiny && useradd -m tapis
# Set commit info
LABEL "GIT_COMMIT"=$GIT_COMMIT
LABEL "VERSION"=$VER
LABEL "BUILD_TIME"=$BUILD_TIME
# add
COPY shaded-securitylib.jar /usr/local/bin/shaded-securitylib.jar
# Change to non-root user after installation is complete.
# Create a private work directory subsequent commands.
USER tapis
WORKDIR /home/tapis/work
# Java module commands that are always needed.
ENV JAVA_MODULE_OPTS --add-opens java.base/java.lang=ALL-UNNAMED --add-opens java.base/java.time=ALL-UNNAMED --add-opens java.base/java.util=ALL-UNNAMED
# Launch the migration script. The tls directive is to avoid a jvm bug involving certificates.
CMD java ${JAVA_MODULE_OPTS} -Djdk.tls.client.protocols=TLSv1.2 -cp /usr/local/bin/shaded-securitylib.jar edu.utexas.tacc.tapis.security.commands.SkAdmin $SKADMIN_PARMS