Skip to content

start adding pkcs11 libs to zet image #1174

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
+76 −2
Draft

start adding pkcs11 libs to zet image #1174

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
78 changes: 76 additions & 2 deletions docker/ziti-edge-tunnel.Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,78 @@
FROM registry.access.redhat.com/ubi9/ubi-minimal
FROM almalinux:9 AS opensc

ARG OPENSC_VERSION=0.26.1

ENV OPENSC_VERSION=${OPENSC_VERSION} \
OPENSC_SOURCES=/tmp/opensc

RUN dnf install -y dnf-plugins-core && \
dnf config-manager --set-enabled crb && \
dnf update -y
RUN dnf install -y \
readline-devel \
openssl-devel \
libxslt \
docbook-style-xsl \
pcsc-lite-devel \
automake \
autoconf \
libtool \
git \
gcc \
make \
which

RUN git clone https://github.com/OpenSC/OpenSC.git ${OPENSC_SOURCES}
WORKDIR ${OPENSC_SOURCES}

RUN git checkout ${OPENSC_VERSION} -b ${OPENSC_VERSION} \
&& ./bootstrap \
&& ./configure --prefix=/usr/local --sysconfdir=/etc/opensc \
&& make \
&& make install

FROM almalinux:9 AS yubikey

ARG YUBIKEY_VERSION=yubico-piv-tool-2.7.1

ENV YUBIKEY_VERSION=${YUBIKEY_VERSION} \
YUBIKEY_SOURCES=/tmp/yubikey

RUN dnf install -y dnf-plugins-core && \
dnf config-manager --set-enabled crb && \
dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm && \
dnf update -y
RUN dnf install -y \
cmake \
libtool \
openssl-devel \
pkg-config \
check \
check-devel \
pcsc-lite-devel \
help2man \
git \
gcc \
gcc-c++ \
gengetopt \
make \
which \
zlib-devel \
cmake3

RUN git clone https://github.com/Yubico/yubico-piv-tool.git ${YUBIKEY_SOURCES}
WORKDIR ${YUBIKEY_SOURCES}

RUN git checkout ${YUBIKEY_VERSION} -b ${YUBIKEY_VERSION} \
&& mkdir -p build && cd build \
&& cmake3 .. \
&& make \
&& make install

FROM registry.access.redhat.com/ubi9/ubi-minimal AS runner

COPY --from=opensc /usr/local /usr/local
COPY --from=yubikey /usr/local /usr/local

ARG ARTIFACTS_DIR=./build
ARG DOCKER_BUILD_DIR=.
Expand All @@ -22,7 +96,7 @@ COPY ${DOCKER_BUILD_DIR}/LICENSE-Apache /licenses/apache.txt

### Add necessary Red Hat repos and packages
# installing util-linux adds 20MB to the image size and doesn't seem worthwhile just for the mountpoint command...
RUN INSTALL_PKGS="iproute procps shadow-utils jq" \
RUN INSTALL_PKGS="iproute procps shadow-utils jq openssl-pkcs11" \
&& microdnf -y update --setopt=install_weak_deps=0 --setopt=tsflags=nodocs \
&& microdnf -y install --setopt=install_weak_deps=0 --setopt=tsflags=nodocs ${INSTALL_PKGS}

Expand Down
Loading