forked from bank-vaults/bank-vaults
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
35 lines (23 loc) · 1.08 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
ARG GO_VERSION=1.15
FROM golang:${GO_VERSION}-alpine AS builder
RUN apk add --update --no-cache build-base git mercurial
RUN mkdir -p /build
WORKDIR /build
COPY go.* /build/
COPY pkg/sdk/go.* /build/pkg/sdk/
RUN go mod download
COPY . /build
RUN go install ./cmd/template
RUN go install ./cmd/bank-vaults
FROM alpine:3.13.1
RUN apk add --no-cache ca-certificates curl \
ccid opensc pcsc-lite-libs softhsm
USER 65534
# Initializing SoftHSM to be able to create a working example (only for dev),
# sharing the HSM device is emulated with a pre-created keypair in the image.
RUN softhsm2-util --init-token --free --label bank-vaults --so-pin banzai --pin banzai
RUN pkcs11-tool --module /usr/lib/softhsm/libsofthsm2.so --keypairgen --key-type rsa:2048 --pin banzai --token-label bank-vaults --label bank-vaults
COPY --from=builder /go/bin/template /usr/local/bin/template
COPY --from=builder /go/bin/bank-vaults /usr/local/bin/bank-vaults
COPY --from=builder /build/scripts/pcscd-entrypoint.sh /usr/local/bin/pcscd-entrypoint.sh
ENTRYPOINT ["/usr/local/bin/bank-vaults"]