-
Notifications
You must be signed in to change notification settings - Fork 174
Expand file tree
/
Copy pathprebuilt.Dockerfile
More file actions
21 lines (14 loc) · 919 Bytes
/
prebuilt.Dockerfile
File metadata and controls
21 lines (14 loc) · 919 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
# syntax=docker/dockerfile:1
# Simplified Dockerfile for operator that uses a pre-built binary.
# This avoids rebuilding the binary inside Docker and leverages external caching.
ARG TARGET_ARCH=amd64
FROM --platform=linux/${TARGET_ARCH} registry.access.redhat.com/ubi9-micro:latest
ARG ROX_IMAGE_FLAVOR
ENV ROX_IMAGE_FLAVOR=${ROX_IMAGE_FLAVOR}
ARG TARGET_ARCH
COPY bin/linux_${TARGET_ARCH}/stackrox-operator /usr/local/bin/
# The following are numeric uid and gid of `nobody` user in UBI.
# We can't use symbolic names because otherwise k8s will fail to start the pod with an error like this:
# Error: container has runAsNonRoot and image has non-numeric user (nobody), cannot verify user is non-root (pod: "stackrox-operator-controller-manager-75bc744454-bkbjr_stackrox-operator-system(49874aae-2695-4d3a-afd3-8723914d2af5)", container: manager)
USER 65534:65534
ENTRYPOINT ["/usr/local/bin/stackrox-operator"]