kanidm/kanidm_tools/Dockerfile

# This builds the kanidm CLI tool
ARG BASE_IMAGE=opensuse/tumbleweed:latest
FROM ${BASE_IMAGE} AS repos

RUN zypper refresh --force
RUN zypper dup -y

FROM repos AS builder
ARG SCCACHE_REDIS=""
ARG KANIDM_FEATURES
ARG KANIDM_BUILD_PROFILE
ARG KANIDM_BUILD_OPTIONS=""

RUN zypper install -y \
        rustup wasm-pack \
        gcc clang lld \
        make automake autoconf \
        libopenssl-devel \
        pam-devel \
        libudev-devel \
        sqlite3-devel \
        sccache \
        rsync
RUN zypper clean -a
RUN rustup default stable

COPY . /usr/src/kanidm

RUN mkdir /scratch
RUN echo $KANIDM_BUILD_PROFILE
ENV KANIDM_BUILD_PROFILE=${KANIDM_BUILD_PROFILE:-container_generic}
RUN echo Features $KANIDM_FEATURES

ENV CARGO_HOME=/scratch/.cargo
ENV RUSTFLAGS="-Clinker=clang -Clink-arg=-fuse-ld=/usr/bin/ld.lld"

# set up sccache if you've done the thing
RUN if [ "${SCCACHE_REDIS}" != "" ]; \
then \
  export CARGO_INCREMENTAL=false && \
  export CC="/usr/bin/sccache /usr/bin/clang" && \
  export RUSTC_WRAPPER=sccache && \
  sccache --start-server; \
else \
  export CC="/usr/bin/clang"; \
fi

WORKDIR /usr/src/kanidm/
# build the CLI
RUN if [ -z "${KANIDM_FEATURES}" ]; then \
  cargo build -p kanidm_tools --bin kanidm ${KANIDM_BUILD_OPTIONS} \
    --target-dir="/usr/src/kanidm/target/" \
    --release; \
else \
  cargo build -p kanidm_tools --bin kanidm ${KANIDM_BUILD_OPTIONS} \
    --target-dir="/usr/src/kanidm/target/" \
    --features="${KANIDM_FEATURES}" \
    --release; \
fi

RUN if [ "${SCCACHE_REDIS}" != "" ]; then sccache -s; fi

RUN ls -al /usr/src/kanidm/target/release

# == Construct the tools container
FROM repos

RUN zypper install -y timezone busybox-adduser && \
    zypper clean -a

COPY --from=builder /usr/src/kanidm/target/release/kanidm /sbin/
RUN chmod +x /sbin/kanidm
ENV RUST_BACKTRACE 1

RUN adduser -D -H kanidm
RUN mkdir /etc/kanidm && \
    touch /etc/kanidm/config

USER kanidm

CMD [ "/sbin/kanidm", "-h" ]
Building kanidm cli in docker, disabling ARM kanidmd (#879) * adding kanidm image and config * removing npm deps from build and dockerfiles * moving to a non-root user in the dockerfile 2022-07-05 03:39:38 +02:00			`# This builds the kanidm CLI tool`
			`ARG BASE_IMAGE=opensuse/tumbleweed:latest`
			`FROM ${BASE_IMAGE} AS repos`
Docker build fixes (#904) * Added KANIDM_BUILD_PROFILE to `kanidmd` build Dockerfile 2022-07-06 02:54:44 +02:00
Building kanidm cli in docker, disabling ARM kanidmd (#879) * adding kanidm image and config * removing npm deps from build and dockerfiles * moving to a non-root user in the dockerfile 2022-07-05 03:39:38 +02:00			`RUN zypper refresh --force`
			`RUN zypper dup -y`

			`FROM repos AS builder`
Docker build fixes (#904) * Added KANIDM_BUILD_PROFILE to `kanidmd` build Dockerfile 2022-07-06 02:54:44 +02:00			`ARG SCCACHE_REDIS=""`
			`ARG KANIDM_FEATURES`
			`ARG KANIDM_BUILD_PROFILE`
			`ARG KANIDM_BUILD_OPTIONS=""`
Building kanidm cli in docker, disabling ARM kanidmd (#879) * adding kanidm image and config * removing npm deps from build and dockerfiles * moving to a non-root user in the dockerfile 2022-07-05 03:39:38 +02:00
			`RUN zypper install -y \`
Fixing the CI failures (#1080) 2022-09-28 02:31:19 +02:00			`rustup wasm-pack \`
Docker build fixes (#904) * Added KANIDM_BUILD_PROFILE to `kanidmd` build Dockerfile 2022-07-06 02:54:44 +02:00			`gcc clang lld \`
Building kanidm cli in docker, disabling ARM kanidmd (#879) * adding kanidm image and config * removing npm deps from build and dockerfiles * moving to a non-root user in the dockerfile 2022-07-05 03:39:38 +02:00			`make automake autoconf \`
			`libopenssl-devel \`
			`pam-devel \`
			`libudev-devel \`
			`sqlite3-devel \`
			`sccache \`
			`rsync`
			`RUN zypper clean -a`
Fixing the CI failures (#1080) 2022-09-28 02:31:19 +02:00			`RUN rustup default stable`
Building kanidm cli in docker, disabling ARM kanidmd (#879) * adding kanidm image and config * removing npm deps from build and dockerfiles * moving to a non-root user in the dockerfile 2022-07-05 03:39:38 +02:00
			`COPY . /usr/src/kanidm`

			`RUN mkdir /scratch`
			`RUN echo $KANIDM_BUILD_PROFILE`
Docker build fixes (#904) * Added KANIDM_BUILD_PROFILE to `kanidmd` build Dockerfile 2022-07-06 02:54:44 +02:00			`ENV KANIDM_BUILD_PROFILE=${KANIDM_BUILD_PROFILE:-container_generic}`
			`RUN echo Features $KANIDM_FEATURES`
Building kanidm cli in docker, disabling ARM kanidmd (#879) * adding kanidm image and config * removing npm deps from build and dockerfiles * moving to a non-root user in the dockerfile 2022-07-05 03:39:38 +02:00
			`ENV CARGO_HOME=/scratch/.cargo`
			`ENV RUSTFLAGS="-Clinker=clang -Clink-arg=-fuse-ld=/usr/bin/ld.lld"`

Docker build fixes (#904) * Added KANIDM_BUILD_PROFILE to `kanidmd` build Dockerfile 2022-07-06 02:54:44 +02:00			`# set up sccache if you've done the thing`
Building kanidm cli in docker, disabling ARM kanidmd (#879) * adding kanidm image and config * removing npm deps from build and dockerfiles * moving to a non-root user in the dockerfile 2022-07-05 03:39:38 +02:00			`RUN if [ "${SCCACHE_REDIS}" != "" ]; \`
			`then \`
			`export CARGO_INCREMENTAL=false && \`
			`export CC="/usr/bin/sccache /usr/bin/clang" && \`
			`export RUSTC_WRAPPER=sccache && \`
			`sccache --start-server; \`
			`else \`
			`export CC="/usr/bin/clang"; \`
			`fi`

Docker build fixes (#904) * Added KANIDM_BUILD_PROFILE to `kanidmd` build Dockerfile 2022-07-06 02:54:44 +02:00			`WORKDIR /usr/src/kanidm/`
Building kanidm cli in docker, disabling ARM kanidmd (#879) * adding kanidm image and config * removing npm deps from build and dockerfiles * moving to a non-root user in the dockerfile 2022-07-05 03:39:38 +02:00			`# build the CLI`
			`RUN if [ -z "${KANIDM_FEATURES}" ]; then \`
			`cargo build -p kanidm_tools --bin kanidm ${KANIDM_BUILD_OPTIONS} \`
			`--target-dir="/usr/src/kanidm/target/" \`
			`--release; \`
			`else \`
			`cargo build -p kanidm_tools --bin kanidm ${KANIDM_BUILD_OPTIONS} \`
			`--target-dir="/usr/src/kanidm/target/" \`
			`--features="${KANIDM_FEATURES}" \`
			`--release; \`
			`fi`

			`RUN if [ "${SCCACHE_REDIS}" != "" ]; then sccache -s; fi`

			`RUN ls -al /usr/src/kanidm/target/release`

Add tools container support (#1178) 2022-11-09 22:42:03 +01:00			`# == Construct the tools container`
Building kanidm cli in docker, disabling ARM kanidmd (#879) * adding kanidm image and config * removing npm deps from build and dockerfiles * moving to a non-root user in the dockerfile 2022-07-05 03:39:38 +02:00			`FROM repos`

Add tools container support (#1178) 2022-11-09 22:42:03 +01:00			`RUN zypper install -y timezone busybox-adduser && \`
			`zypper clean -a`
Building kanidm cli in docker, disabling ARM kanidmd (#879) * adding kanidm image and config * removing npm deps from build and dockerfiles * moving to a non-root user in the dockerfile 2022-07-05 03:39:38 +02:00
			`COPY --from=builder /usr/src/kanidm/target/release/kanidm /sbin/`
			`RUN chmod +x /sbin/kanidm`
			`ENV RUST_BACKTRACE 1`

			`RUN adduser -D -H kanidm`
Add tools container support (#1178) 2022-11-09 22:42:03 +01:00			`RUN mkdir /etc/kanidm && \`
			`touch /etc/kanidm/config`
Building kanidm cli in docker, disabling ARM kanidmd (#879) * adding kanidm image and config * removing npm deps from build and dockerfiles * moving to a non-root user in the dockerfile 2022-07-05 03:39:38 +02:00
			`USER kanidm`

Add tools container support (#1178) 2022-11-09 22:42:03 +01:00			`CMD [ "/sbin/kanidm", "-h" ]`