-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
42 lines (37 loc) · 1.2 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
FROM fedora:30
LABEL \
name="Operators Manifests Push Service" \
vendor="Red Hat, Inc" \
maintainer="Martin Basti <[email protected]>" \
license="GPLv3"
# The caller can optionally provide a cacert url
ARG cacert_url=undefined
ENV WORKERS_NUM 8
# Explicit worker timeout is 30 seconds.
ENV WORKER_TIMEOUT 30
WORKDIR /src
RUN dnf -y install \
python3-gunicorn \
python3-flask \
python3-jsonschema \
python3-koji \
python3-pyyaml \
python3-requests \
python3-operator-courier \
&& dnf -y clean all \
&& rm -rf /tmp/*
RUN dnf --enablerepo=updates-testing -y update python3-operator-courier \
&& dnf -y clean all \
&& rm -rf /tmp/*
RUN if [ "$cacert_url" != "undefined" ]; then \
cd /etc/pki/ca-trust/source/anchors \
&& curl -O $cacert_url \
&& update-ca-trust extract; \
fi
# This will allow a non-root user to install a custom root CA at run-time
RUN chmod 777 /etc/pki/tls/certs/ca-bundle.crt
COPY . .
RUN pip3 install . --no-deps
USER 1001
EXPOSE 8080
ENTRYPOINT docker/install-ca.sh && gunicorn-3 --workers ${WORKERS_NUM} --timeout ${WORKER_TIMEOUT} --bind 0.0.0.0:8080 --access-logfile=- --enable-stdio-inheritance omps.app:app