Gitiles
Code Review Sign In
review.sourcearcade.org / sourcearcade / refs/heads/keycloak / . / gerrit / Dockerfile
blob: 3c68be6ac5daa4a42d03cf50364a8c689feca88a [file] [log] [blame]
Nico Huberf3c71252023-07-21 13:03:49 +0000[diff] [blame]1ARG SSL_VARIANT=letsencrypt
Nico Hubereb4c9d22023-07-21 13:44:38 +0000[diff] [blame]2ARG GERRIT_TAG=3.8.1
Nico Hubera1a296f2023-06-25 10:07:07 +0000[diff] [blame]3
Nico Huberf3c71252023-07-21 13:03:49 +0000[diff] [blame]4
5FROM gerritcodereview/gerrit:${GERRIT_TAG} as gerrit_letsencrypt
6
7# Nothing to do
8
9
10FROM gerritcodereview/gerrit:${GERRIT_TAG} as gerrit_selfsigned
11
12ONBUILD COPY --from=sourcearcade-nginx /etc/ssl/certs/sa-selfsigned.crt /var/gerrit/etc/
13ONBUILD RUN \
Nico Hubera1a296f2023-06-25 10:07:07 +0000[diff] [blame]14 keytool -importcert -alias sa-selfsigned -file /var/gerrit/etc/sa-selfsigned.crt \
15 -keystore /var/gerrit/truststore -storepass uiaeuiae -noprompt && \
16 rm /var/gerrit/etc/sa-selfsigned.crt
Nico Huberf3c71252023-07-21 13:03:49 +0000[diff] [blame]17ONBUILD RUN \
Nico Hubera1a296f2023-06-25 10:07:07 +0000[diff] [blame]18 echo | keytool -importkeystore \
19 -srckeystore /usr/lib/jvm/java-*/lib/security/cacerts \
20 -destkeystore /var/gerrit/truststore \
21 -deststorepass uiaeuiae -noprompt
22
Nico Huberf3c71252023-07-21 13:03:49 +0000[diff] [blame]23ONBUILD USER root
24ONBUILD RUN \
Nico Hubera1a296f2023-06-25 10:07:07 +0000[diff] [blame]25 printf 'JAVA_OPTIONS="%s %s"\n' \
26 -Djavax.net.ssl.trustStore=/var/gerrit/truststore \
27 -Djavax.net.ssl.trustStorePassword=uiaeuiae >>/etc/default/gerritcodereview
28
Nico Huberf3c71252023-07-21 13:03:49 +0000[diff] [blame]29
30FROM gerrit_${SSL_VARIANT}
31
32USER root
Nico Hubera1a296f2023-06-25 10:07:07 +0000[diff] [blame]33COPY gerrit/Dockerfile.entrypoint /privileged.sh
34RUN chmod 544 /privileged.sh
35COPY gerrit/Dockerfile.entrypoint-unprivileged /unprivileged.sh
36RUN chmod 555 /unprivileged.sh
37
38ENTRYPOINT ["/bin/sh", "/privileged.sh"]