UNCLASSIFIED

Dockerfile 2.03 KB
Newer Older
1 2 3
ARG BASE_REGISTRY=nexus-docker-secure.levelup-dev.io
ARG BASE_IMAGE=opensource/openjdk/openjdk
ARG BASE_TAG=1.8
4

5
# This builder image was pushed to Nexus using prebuild.sh and will be used to copy binaries from
6
FROM nexus-docker-secure.levelup-dev.io/builder-opensource/keycloak:6.0.1 AS builder
7

8
# This is the base image
9 10
FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}

11 12 13
LABEL name="Keycloak" \
      description="Keycloak is an open source Identity and Access Management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code." \
      vendor="Opensource" \
14
      summary="Keycloak Container" \
15 16 17
      maintainer="Red Hat <hojeda@redhat.com>" \
      version="6.0.1"

18 19 20 21 22 23 24 25 26 27 28
ENV KEYCLOAK_VERSION="6.0.1" \
    JDBC_POSTGRES_VERSION="42.2.5" \
    JDBC_MYSQL_VERSION="5.1.46" \
    JDBC_MARIADB_VERSION="2.2.3" \
    LAUNCH_JBOSS_IN_BACKGROUND="1" \
    PROXY_ADDRESS_FORWARDING="false" \
    JBOSS_HOME="/opt/jboss/keycloak" \
    LANG="en_US.UTF-8" \
    KEYCLOAK_USER_NAME="keycloak" \
    KEYCLOAK_USER_ID="1000" \
    KEYCLOAK_HOME="/opt/jboss"
Hayden's avatar
Hayden committed
29 30 31 32 33

ARG GIT_REPO
ARG GIT_BRANCH
ARG KEYCLOAK_DIST=https://downloads.jboss.org/keycloak/$KEYCLOAK_VERSION/keycloak-$KEYCLOAK_VERSION.tar.gz

34
# Copy binaries from builder image
35 36 37
COPY --from=builder /opt/jboss /opt/jboss

# Create the user, fix file system ownership
38 39
RUN useradd -u $KEYCLOAK_USER_ID -g 0 -M -d /opt/jboss $KEYCLOAK_USER_NAME && \
    chown -R ${KEYCLOAK_USER_NAME}:0 ${KEYCLOAK_HOME} && \
40
    chmod -R o-w /opt/jboss/keycloak
Hayden's avatar
Hayden committed
41

42
# Install dependencies
43 44 45 46 47
RUN yum update -y --disableplugin=subsciption-manager \
                  --nogpgcheck \
                  --disablerepo=unified_platform_ubi8_appstream \
                  --disablerepo=unified_platform_ubi8_os && \
    yum clean all && [ ! -d /var/cache/yum ] || rm -rf /var/cache/yum
Hayden's avatar
Hayden committed
48

49
USER ${KEYCLOAK_USER_ID}
Hayden's avatar
Hayden committed
50 51

EXPOSE 8080
52

53
HEALTHCHECK --timeout=5m --start-period=2m --retries=3 CMD curl http://localhost/auth || exit 1
Hayden's avatar
Hayden committed
54 55 56

ENTRYPOINT [ "/opt/jboss/tools/docker-entrypoint.sh" ]

57
CMD ["-b", "0.0.0.0"]