Skip to content

Commit f5fe0f4

Browse files
chambridgechambridge
authored
feat(rhcloud-40657): Updates for hermetic build Dockerfile ecosystem cert checks (#253)
1 parent 07aeb0d commit f5fe0f4

File tree

2 files changed

+13
-6
lines changed

2 files changed

+13
-6
lines changed

Dockerfile.hermetic

Lines changed: 12 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -52,8 +52,15 @@ LABEL com.redhat.component="landing-page-frontend-hermetic" \
5252
maintainer="Red Hat Console Team <[email protected]>" \
5353
summary="Red Hat Console Landing Page Frontend"
5454

55-
# Create hermetic-build directory and copy built files from builder stage
56-
RUN mkdir -p /hermetic-build
57-
COPY --from=builder /opt/app-root/src/dist /hermetic-build/dist
58-
COPY --from=builder /opt/app-root/src/package.json /hermetic-build/package.json
59-
COPY --from=builder /opt/app-root/src/package-lock.json /hermetic-build/package-lock.json
55+
# Create licenses directory and copy licenses
56+
RUN mkdir -p /licenses
57+
COPY --from=builder /opt/app-root/LICENSE /licenses/
58+
59+
# Create srv directory and copy built files from builder stage
60+
RUN mkdir -p /srv
61+
COPY --from=builder /opt/app-root/src/dist /srv/dist
62+
COPY --from=builder /opt/app-root/src/package.json /srv/package.json
63+
COPY --from=builder /opt/app-root/src/package-lock.json /srv/package-lock.json
64+
65+
# Set to non-root user
66+
USER 1001

README-hermetic-build.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ Based on our experience setting up hermetic builds for the landing-page-frontend
44

55
## **Overview**
66

7-
A hermetic build ensures your frontend application builds in a completely isolated environment without external network access, using only pre-fetched dependencies. This guide uses a shared Dockerfile provided through the `insights-frontend-builder-common` repository. The resulting container will include the build artifacts, package.json, and package-lock.json files organized under a `/hermetic-build` directory.
7+
A hermetic build ensures your frontend application builds in a completely isolated environment without external network access, using only pre-fetched dependencies. This guide uses a shared Dockerfile provided through the `insights-frontend-builder-common` repository. The resulting container will include the build artifacts, package.json, and package-lock.json files organized under a `/srv` directory.
88

99
## **Prerequisites**
1010

0 commit comments

Comments
 (0)