djpbessems
/
ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ContainerImage.Pinniped/hack/lib/tilt/local-user-authenticator.Do...

20 lines
653 B
Docker
Raw Normal View History

Add Tilt-based local dev workflow. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-08 16:29:34 +00:00
# Copyright 2020 VMware, Inc.
# SPDX-License-Identifier: Apache-2.0
# Use a runtime image based on Debian slim
Upgrade golang patch release to 1.15.3 and debian 10.5-slim -> 10.6-slim
2020-11-03 00:17:15 +00:00
FROM debian:10.6-slim
Add Tilt-based local dev workflow. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-08 16:29:34 +00:00
# Copy the binary which was built outside the container.
COPY build/local-user-authenticator /usr/local/bin/local-user-authenticator
# Document the port
Run as non-root I tried to follow a principle of encapsulation here - we can still default to peeps making connections to 80/443 on a Service object, but internally we will use 8080/8443. Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-02 16:57:05 +00:00
EXPOSE 8443
Add Tilt-based local dev workflow. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-08 16:29:34 +00:00
hack/lib/tilt: run Tilt images with non-root user Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-02 21:32:50 +00:00
# Run as non-root for security posture
Run Tilt containers as root because live-reload breaks otherwise
2020-11-10 17:27:44 +00:00
# Commented out because it breaks the live-reload feature of Tilt. See https://github.com/tilt-dev/tilt/issues/2300
# Be aware that this creates a significant difference between running with Tilt and running otherwise.
#USER 1001:1001
hack/lib/tilt: run Tilt images with non-root user Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-02 21:32:50 +00:00
Add Tilt-based local dev workflow. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-09-08 16:29:34 +00:00
# Set the entrypoint
ENTRYPOINT ["/usr/local/bin/local-user-authenticator"]