-
Notifications
You must be signed in to change notification settings - Fork 35
/
Copy pathDockerfile.webhook_client_dp3
38 lines (28 loc) · 1.38 KB
/
Dockerfile.webhook_client_dp3
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
###########
# BUILDER #
###########
FROM milmove/circleci-docker:milmove-app-f678d1c6a5e2085f733f5408b7affd628f9f3576 as builder
# Prepare public DOD certificates.
# hadolint ignore=DL3002
USER root
# Demo Environment Certs
COPY config/tls/api.demo.dp3.us.p7b /tmp/api.demo.dp3.us.p7b
RUN openssl pkcs7 -print_certs -inform der -in /tmp/api.demo.dp3.us.p7b -out /usr/local/share/ca-certificates/api.demo.dp3.us.crt
# Loadtesting Environment Certs
COPY config/tls/api.loadtest.dp3.us.chain.der.p7b /tmp/api.loadtest.dp3.us.chain.der.p7b
RUN openssl pkcs7 -print_certs -inform der -in /tmp/api.loadtest.dp3.us.chain.der.p7b -out /usr/local/share/ca-certificates/api.loadtest.dp3.us.chain.der.crt
# Exp Environment Certs
COPY config/tls/api.exp.dp3.us.chain.der.p7b /tmp/api.exp.dp3.us.chain.der.p7b
RUN openssl pkcs7 -print_certs -inform der -in /tmp/api.exp.dp3.us.chain.der.p7b -out /usr/local/share/ca-certificates/api.exp.dp3.us.chain.der.crt
RUN update-ca-certificates
#########
# FINAL #
#########
# hadolint ignore=DL3007
FROM gcr.io/distroless/static:latest
# Copy DOD certs from the builder.
COPY --from=builder --chown=root:root /etc/ssl/certs /etc/ssl/certs
COPY bin/rds-ca-rsa4096-g1.pem /bin/rds-ca-rsa4096-g1.pem
COPY bin/rds-ca-us-gov-west-1-2017-root.pem /bin/rds-ca-us-gov-west-1-2017-root.pem
COPY bin/webhook-client /bin/webhook-client
CMD ["/bin/webhook-client", "webhook-notify"]