File tree Expand file tree Collapse file tree 4 files changed +61
-7
lines changed Expand file tree Collapse file tree 4 files changed +61
-7
lines changed Original file line number Diff line number Diff line change 1
- ### Description
2
- Please describe your pull request.
1
+ <!---
2
+ Please provide answers in the spaces below each prompt, where applicable.
3
+ Not every PR requires responses for each prompt.
4
+ Use your discretion.
5
+ -->
6
+ #### Name of feature:
7
+
8
+ #### Pain or issue this feature alleviates:
9
+
10
+ #### Why is this important to the project (if not answered above):
11
+
12
+ #### Is there documentation on how to use this feature? If so, where?
13
+
14
+ #### In what environments or workflows is this feature supported?
15
+
16
+ #### In what environments or workflows is this feature explicitly NOT supported (if any)?
17
+
18
+ #### Supporting links/other PRs/issues:
3
19
4
20
💔Thank you!
Original file line number Diff line number Diff line change @@ -3,15 +3,15 @@ FROM golang:alpine AS builder
3
3
WORKDIR /src
4
4
COPY . .
5
5
6
- RUN apk add --no-cache \
7
- curl \
8
- git \
9
- make && \
10
- make V=1 bin/step-ca
6
+ RUN apk add --no-cache curl git make
7
+ RUN make V=1 bin/step-ca bin/step-awskms-init bin/step-cloudkms-init
8
+
11
9
12
10
FROM smallstep/step-cli:latest
13
11
14
12
COPY --from=builder /src/bin/step-ca /usr/local/bin/step-ca
13
+ COPY --from=builder /src/bin/step-awskms-init /usr/local/bin/step-awskms-init
14
+ COPY --from=builder /src/bin/step-cloudkms-init /usr/local/bin/step-cloudkms-init
15
15
16
16
USER root
17
17
RUN apk add --no-cache libcap && setcap CAP_NET_BIND_SERVICE=+eip /usr/local/bin/step-ca
Original file line number Diff line number Diff line change
1
+ FROM golang:alpine AS builder
2
+
3
+ WORKDIR /src
4
+ COPY . .
5
+
6
+ RUN apk add --no-cache curl git make
7
+ RUN apk add --no-cache gcc musl-dev pkgconf pcsc-lite-dev
8
+ RUN make V=1 GOFLAGS="" build
9
+
10
+
11
+ FROM smallstep/step-cli:latest
12
+
13
+ COPY --from=builder /src/bin/step-ca /usr/local/bin/step-ca
14
+ COPY --from=builder /src/bin/step-awskms-init /usr/local/bin/step-awskms-init
15
+ COPY --from=builder /src/bin/step-cloudkms-init /usr/local/bin/step-cloudkms-init
16
+ COPY --from=builder /src/bin/step-pkcs11-init /usr/local/bin/step-pkcs11-init
17
+ COPY --from=builder /src/bin/step-yubikey-init /usr/local/bin/step-yubikey-init
18
+
19
+ USER root
20
+ RUN apk add --no-cache libcap && setcap CAP_NET_BIND_SERVICE=+eip /usr/local/bin/step-ca
21
+ RUN apk add --no-cache pcsc-lite pcsc-lite-libs
22
+ USER step
23
+
24
+ ENV CONFIGPATH="/home/step/config/ca.json"
25
+ ENV PWDPATH="/home/step/secrets/password"
26
+
27
+ VOLUME ["/home/step"]
28
+ STOPSIGNAL SIGTERM
29
+ HEALTHCHECK CMD step ca health 2>/dev/null | grep "^ok" >/dev/null
30
+
31
+ COPY docker/entrypoint.sh /entrypoint.sh
32
+
33
+ ENTRYPOINT ["/bin/bash", "/entrypoint.sh"]
34
+ CMD exec /usr/local/bin/step-ca --password-file $PWDPATH $CONFIGPATH
Original file line number Diff line number Diff line change @@ -53,6 +53,10 @@ function step_ca_init () {
53
53
mv $STEPPATH /password $PWDPATH
54
54
}
55
55
56
+ if [ -f /usr/sbin/pcscd ]; then
57
+ /usr/sbin/pcscd
58
+ fi
59
+
56
60
if [ ! -f " ${STEPPATH} /config/ca.json" ]; then
57
61
init_if_possible
58
62
fi
You can’t perform that action at this time.
0 commit comments