34 lines
1.0 KiB
Docker
34 lines
1.0 KiB
Docker
FROM openstacksecurity/anchor:base
|
||
# According to http://crosbymichael.com/dockerfile-best-practices-take-2.html
|
||
# Rolling your own python base is in line with probably best practice
|
||
MAINTAINER Robert Clark <hyakuhei@gmail.com>
|
||
|
||
# Clone our repo
|
||
# Users may want to use --no-cache to ensure that when building the container
|
||
# an up to date version of Anchor is cloned.
|
||
WORKDIR /root
|
||
RUN git clone git://git.openstack.org/openstack/anchor
|
||
WORKDIR /root/anchor
|
||
|
||
RUN pip install -e .
|
||
|
||
RUN cp config.py /home/anchor/ ;\
|
||
cp config.json /home/anchor/ ;\
|
||
chown anchor:anchor /home/anchor/config.py ;\
|
||
chown anchor:anchor /home/anchor/config.json
|
||
|
||
RUN su - anchor
|
||
|
||
WORKDIR /home/anchor
|
||
RUN mkdir CA
|
||
RUN openssl req -out CA/root-ca.crt \
|
||
-keyout CA/root-ca-unwrapped.key \
|
||
-newkey rsa:4096 \
|
||
-subj "/CN=Anchor Test CA" \
|
||
-nodes \
|
||
-x509 \
|
||
-days 365 ;\
|
||
chmod 0400 CA/root-ca-unwrapped.key
|
||
|
||
ENTRYPOINT ["/usr/local/bin/pecan", "serve", "/home/anchor/config.py"]
|