Skip to content

Commit

Permalink
Introduce Docker files for running Tornjak on Openshift (#304)
Browse files Browse the repository at this point in the history
* UBI migration for frontend

Signed-off-by: Andrew Block <[email protected]>

* Updated backend for UBI based container

Signed-off-by: Andrew Block <[email protected]>

* Updated permissions on frontend container

Signed-off-by: Andrew Block <[email protected]>

---------

Signed-off-by: Andrew Block <[email protected]>
Co-authored-by: Andrew Block <[email protected]>
  • Loading branch information
mrsabath and sabre1041 authored Sep 21, 2023
1 parent 231a93b commit ceec845
Show file tree
Hide file tree
Showing 2 changed files with 59 additions and 0 deletions.
19 changes: 19 additions & 0 deletions Dockerfile.backend-container.ubi
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
FROM registry.access.redhat.com/ubi8-micro:latest
RUN mkdir -p /opt/spire

WORKDIR /opt/spire
ENTRYPOINT ["/opt/spire/run_backend.sh"]

# Add init
COPY run_backend.sh run_backend.sh
COPY bin/tornjak-backend tornjak-backend

# add a version link to the image description
ARG version
ARG github_sha
LABEL org.opencontainers.image.description="Tornjak backend ($version): https://github.com/spiffe/tornjak/releases/tag/$version" \
org.opencontainers.image.source="https://github.com/spiffe/tornjak" \
org.opencontainers.image.documentation="https://github.com/spiffe/tornjak/tree/main/docs"
# create env. variables with the build details
ENV VERSION=$version
ENV GITHUB_SHA=$github_sha
40 changes: 40 additions & 0 deletions Dockerfile.frontend-container.ubi
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
## Build stage
FROM registry.access.redhat.com/ubi8/nodejs-18:latest AS build
WORKDIR /opt/app-root/src
COPY --chown=1001:0 tornjak-frontend .
RUN npm install && \
npm run build

## Runtime stage
FROM registry.access.redhat.com/ubi8/nodejs-18-minimal:latest AS runtime
WORKDIR /opt/app-root/src
COPY --from=build --chown=1001:0 /opt/app-root/src/build ./build
COPY --from=build --chown=1001:0 /opt/app-root/src/.env.prod .

# Install serve package and react-inject-env
RUN npm install -g [email protected] && \
npm install --location=global serve && \
npm install react-inject-env

# Update permissions after build
USER 0
RUN chmod -R g+rw /opt/app-root/src
USER 1001


# Set dynamic port, defualt 3000
ENV PORT_FE=3000
EXPOSE $PORT_FE

# moving env.js to fix "access denied" error when running in restricted (read-only) env
ENTRYPOINT npx react-inject-env set -n tmp/env.js && serve -s build -p $PORT_FE

# add a version link to the image description
ARG version
ARG github_sha
LABEL org.opencontainers.image.description="Tornjak frontend ($version): https://github.com/spiffe/tornjak/releases/tag/$version" \
org.opencontainers.image.source="https://github.com/spiffe/tornjak" \
org.opencontainers.image.documentation="https://github.com/spiffe/tornjak/tree/main/docs"
# create env. variables with the build details
ENV VERSION=$version
ENV GITHUB_SHA=$github_sha

0 comments on commit ceec845

Please sign in to comment.