Adding Dockerfile
This commit is contained in:
32
cmd/cert-bundler/Dockerfile
Normal file
32
cmd/cert-bundler/Dockerfile
Normal file
@@ -0,0 +1,32 @@
|
||||
# Build and runtime image for cert-bundler
|
||||
# Usage (from repo root or cmd/cert-bundler directory):
|
||||
# docker build -t cert-bundler:latest -f cmd/cert-bundler/Dockerfile .
|
||||
# docker run --rm -v "$PWD":/work cert-bundler:latest
|
||||
# This expects a /work/bundle.yaml file in the mounted directory and
|
||||
# will write generated bundles to /work/bundle.
|
||||
|
||||
# Build stage
|
||||
FROM golang:1.24.3-alpine AS build
|
||||
WORKDIR /src
|
||||
|
||||
# Copy go module files and download dependencies first for better caching
|
||||
COPY go.mod go.sum ./
|
||||
RUN go mod download
|
||||
|
||||
# Copy the rest of the source and build the cert-bundler binary
|
||||
COPY . .
|
||||
RUN go build -o /bin/cert-bundler ./cmd/cert-bundler
|
||||
|
||||
# Runtime stage (kept as golang:alpine per requirement)
|
||||
FROM golang:1.24.3-alpine
|
||||
|
||||
# Create a work directory that users will typically mount into
|
||||
WORKDIR /work
|
||||
VOLUME ["/work"]
|
||||
|
||||
# Copy the built binary from the builder stage
|
||||
COPY --from=build /bin/cert-bundler /usr/local/bin/cert-bundler
|
||||
|
||||
# Default command: read bundle.yaml from current directory and output to ./bundle
|
||||
ENTRYPOINT ["/usr/local/bin/cert-bundler"]
|
||||
CMD ["-c", "/work/bundle.yaml", "-o", "/work/bundle"]
|
||||
@@ -584,7 +584,6 @@ func generateHashFile(path string, files []string) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
|
||||
// makeUniqueName ensures that each file name within the archive is unique by appending
|
||||
// an incremental numeric suffix before the extension when collisions occur.
|
||||
// Example: "root.pem" -> "root-2.pem", "root-3.pem", etc.
|
||||
@@ -599,10 +598,7 @@ func makeUniqueName(name string, used map[string]int) string {
|
||||
base := strings.TrimSuffix(name, ext)
|
||||
// Track a counter per base+ext key
|
||||
key := base + ext
|
||||
counter := used[key]
|
||||
if counter < 1 {
|
||||
counter = 1
|
||||
}
|
||||
counter := max(used[key], 1)
|
||||
for {
|
||||
counter++
|
||||
candidate := fmt.Sprintf("%s-%d%s", base, counter, ext)
|
||||
|
||||
13
cmd/cert-bundler/testdata/bundle.yaml
vendored
13
cmd/cert-bundler/testdata/bundle.yaml
vendored
@@ -2,6 +2,19 @@ config:
|
||||
hashes: bundle.sha256
|
||||
expiry: 1y
|
||||
chains:
|
||||
weird:
|
||||
certs:
|
||||
- root: pems/gts-r1.pem
|
||||
intermediates:
|
||||
- pems/goog-wr2.pem
|
||||
- root: pems/isrg-root-x1.pem
|
||||
outputs:
|
||||
include_single: true
|
||||
include_individual: true
|
||||
manifest: true
|
||||
formats:
|
||||
- zip
|
||||
- tgz
|
||||
core_certs:
|
||||
certs:
|
||||
- root: pems/gts-r1.pem
|
||||
|
||||
Reference in New Issue
Block a user