-
Scott Stroud authoredScott Stroud authored
Code owners
Assign users and groups as approvers for specific file changes. Learn more.
Dockerfile 1.26 KiB
ARG CONFLUENT_OPERATOR_BASE_IMAGE=confluentinc/confluent-operator
ARG CONFLUENT_OPERATOR_BASE_TAG=0.771.29
ARG BASE_REGISTRY=registry1.dso.mil
ARG BASE_IMAGE=redhat/ubi/ubi8
ARG BASE_TAG=8.8
FROM ${CONFLUENT_OPERATOR_BASE_IMAGE}:${CONFLUENT_OPERATOR_BASE_TAG} as base
FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}
WORKDIR /opt
ENV LANG="C.UTF-8"
USER root
COPY LICENSE /licenses/
COPY Dockerfile /etc/confluent/ironbank/
COPY hardening_manifest.yaml /etc/confluent/ironbank/
## copy from dockerhub image
COPY --from=base /licenses /licenses
COPY --from=base /opt/manager /opt/manager
RUN echo "===> Dependency update" \
&& dnf update -y --nodocs \
&& chmod gu-s /usr/bin/write \
&& echo "===> Clean up, Clean up" \
&& dnf clean all \
&& yum clean all \
&& rm -rf /tmp/* /var/cache/dnf
ENTRYPOINT ["/opt/manager"]
# Polling period : 5 seconds
# Timeout period : 2 seconds (if the polling does not return within this time, treat as a failed poll)
# Retry period : 25 sec (after which container is deemed unhealthy)
# All settings can be overriden at run-time in Docker/Docker Compose.
HEALTHCHECK --interval=5s --timeout=2s --retries=5 \
CMD curl --fail --silent --output /dev/null http://localhost:8080/readyz || exit 1
USER 1001