mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-01-13 00:19:32 -05:00
90b88e1cf9
In the light of extending our eKMS support it will be helpful to have a tighter use of the word "KMS". KMS should refer to the actual component that manages keys. The keyservice, also called KMS in the constellation code, does not manage keys itself. It talks to a KMS backend, which in turn does the actual key management.
70 lines
2.7 KiB
Docker
70 lines
2.7 KiB
Docker
FROM ubuntu:22.04@sha256:965fbcae990b0467ed5657caceaec165018ef44a4d2d46c7cdea80a9dff0d1ea as build
|
|
|
|
ARG GO_VER=1.19.5
|
|
ARG GEN_GO_VER=1.28.1
|
|
ARG GEN_GO_GRPC_VER=1.2.0
|
|
ARG PB_VER=21.8
|
|
|
|
ENV DEBIAN_FRONTEND="noninteractive"
|
|
RUN apt-get update && apt-get install -y wget tar unzip
|
|
|
|
# Install Go
|
|
RUN wget -q https://go.dev/dl/go${GO_VER}.linux-amd64.tar.gz && \
|
|
tar -C /usr/local -xzf go${GO_VER}.linux-amd64.tar.gz && rm go${GO_VER}.linux-amd64.tar.gz
|
|
ENV PATH ${PATH}:/usr/local/go/bin:/root/go/bin
|
|
|
|
|
|
RUN wget -q https://github.com/protocolbuffers/protobuf/releases/download/v${PB_VER}/protoc-${PB_VER}-linux-x86_64.zip && \
|
|
unzip protoc-${PB_VER}-linux-x86_64.zip -d /root/.local && \
|
|
cp /root/.local/bin/protoc /usr/local/bin/protoc
|
|
ENV PATH="$PATH:/root/.local/bin"
|
|
|
|
RUN go install google.golang.org/protobuf/cmd/protoc-gen-go@v${GEN_GO_VER} && \
|
|
go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v${GEN_GO_GRPC_VER}
|
|
|
|
# Generate code for every existing proto file
|
|
|
|
## disk-mapper recover api
|
|
WORKDIR /disk-mapper
|
|
COPY disk-mapper/recoverproto/*.proto /disk-mapper
|
|
RUN protoc --go_out=. --go_opt=paths=source_relative --go-grpc_out=. --go-grpc_opt=paths=source_relative *.proto
|
|
|
|
## debugd service
|
|
WORKDIR /service
|
|
COPY debugd/service/*.proto /service
|
|
RUN protoc --go_out=. --go_opt=paths=source_relative --go-grpc_out=. --go-grpc_opt=paths=source_relative *.proto
|
|
|
|
## key management
|
|
WORKDIR /keyservice
|
|
COPY keyservice/keyserviceproto/*.proto /keyservice
|
|
RUN protoc --go_out=. --go_opt=paths=source_relative --go-grpc_out=. --go-grpc_opt=paths=source_relative *.proto
|
|
|
|
## join service
|
|
WORKDIR /joinservice
|
|
COPY joinservice/joinproto/*.proto /joinservice
|
|
RUN protoc --go_out=. --go_opt=paths=source_relative --go-grpc_out=. --go-grpc_opt=paths=source_relative *.proto
|
|
|
|
## verify
|
|
WORKDIR /verify
|
|
COPY verify/verifyproto/*.proto /verify
|
|
RUN protoc --go_out=. --go_opt=paths=source_relative --go-grpc_out=. --go-grpc_opt=paths=source_relative *.proto
|
|
|
|
## init
|
|
WORKDIR /init
|
|
COPY bootstrapper/initproto/*.proto /init
|
|
RUN protoc --go_out=. --go_opt=paths=source_relative --go-grpc_out=. --go-grpc_opt=paths=source_relative *.proto
|
|
|
|
## upgrade agent
|
|
WORKDIR /upgrade-agent
|
|
COPY upgrade-agent/upgradeproto/*.proto /upgrade-agent
|
|
RUN protoc --go_out=. --go_opt=paths=source_relative --go-grpc_out=. --go-grpc_opt=paths=source_relative *.proto
|
|
|
|
FROM scratch as export
|
|
COPY --from=build /disk-mapper/*.go disk-mapper/recoverproto/
|
|
COPY --from=build /service/*.go debugd/service/
|
|
COPY --from=build /keyservice/*.go keyservice/keyserviceproto/
|
|
COPY --from=build /joinservice/*.go joinservice/joinproto/
|
|
COPY --from=build /verify/*.go verify/verifyproto/
|
|
COPY --from=build /init/*.go bootstrapper/initproto/
|
|
COPY --from=build /upgrade-agent/*.go upgrade-agent/upgradeproto/
|