-
Notifications
You must be signed in to change notification settings - Fork 2
/
acra-python-example.dockerfile
67 lines (51 loc) · 2.15 KB
/
acra-python-example.dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
FROM alpine:3.15.0
# Include metadata, additionally use label-schema namespace
LABEL org.label-schema.schema-version="1.0" \
org.label-schema.vendor="Cossack Labs" \
org.label-schema.url="https://cossacklabs.com" \
org.label-schema.name="Acra + HAProxy + PostgreSQL Demo" \
org.label-schema.description="Demonstrates HA and balancing between Acra instances" \
com.cossacklabs.product.name="acra-haproxy-pgsql" \
com.cossacklabs.product.component="acra-python-example" \
com.cossacklabs.docker.container.type="product"
# Fix CVE-2019-5021
RUN echo 'root:!' | chpasswd -e
RUN apk update
RUN apk add --no-cache bash python3 py3-pip postgresql-dev postgresql-client
RUN pip3 install --no-cache-dir --upgrade pip
RUN ln -s /usr/bin/python3 /usr/bin/python
RUN apk add gcc python3-dev musl-dev libxml2-dev git alpine-sdk rsync
# TODO : remove when themis will fully support alpine
RUN mkdir -p /usr/local/sbin
RUN echo -e '#!/bin/sh\n\nexit 0\n' > /usr/local/sbin/ldconfig
RUN chmod +x /usr/local/sbin/ldconfig
# themis
RUN cd /root \
&& git clone --depth 1 -b stable https://github.com/cossacklabs/themis
RUN cd /root/themis \
&& make \
&& make install \
&& make pythemis_install
# acra
# using commit instead of version/tag to use the commit with specific SqlAlchemy from examples/python
# and some examples/python fixes
# https://github.com/cossacklabs/acra/commit/34e162b335a3d2c248b8fd1e294c25bd5c78350e
RUN cd /root \
&& git clone https://github.com/cossacklabs/acra /root/acra \
&& cd /root/acra \
&& git checkout 34e162b335a3d2c248b8fd1e294c25bd5c78350e
RUN mkdir /app.requirements \
&& cp /root/acra/examples/python/requirements/* /app.requirements/
RUN pip3 install --no-cache-dir -r /app.requirements/postgresql.txt
RUN mkdir /app \
&& cp -r /root/acra/examples/python/* /app/
RUN echo -e '#!/bin/sh\n\nwhile true\ndo\n\tsleep 1\ndone\n' > /entry.sh
RUN chmod +x /entry.sh
VOLUME /app.acrakeys
RUN mkdir /ssl
COPY ssl/acra-client/acra-client.crt /ssl/acra-client.crt
COPY ssl/acra-client/acra-client.key /ssl/acra-client.key
COPY ssl/ca/ca.crt /ssl/root.crt
RUN chmod 0600 -R /ssl/
WORKDIR /app
ENTRYPOINT ["/entry.sh"]