ervu-sign-module/Dockerfile.micord

ARG BUILDER_IMAGE=repo.micord.ru/alt/alt-cprocsp:c10f1-5.0.13000-20241129
ARG RUNTIME_IMAGE=registry.altlinux.org/basealt/altsp:c10f1

FROM ${BUILDER_IMAGE} AS builder

RUN apt-get update \
 && apt-get -y install \
       crontabs \
       glibc-locales \
       unzip \
       glib2-devel \
       libfcgi-devel \
       cmake \
       make \
       gcc \
       gcc10 \
       libjson-glib libjson-glib-devel

WORKDIR /build
COPY src src
COPY CMakeLists.txt CMakeLists.txt

RUN mkdir -p .build \
 && cd .build \
 && cmake .. \
 && make -j4


FROM ${RUNTIME_IMAGE}

ENV TZ=Europe/Moscow

COPY entrypoint.sh /entrypoint.sh

RUN apt-get update \
 && apt-get -y install glib2 libfcgi libjson-glib \
 && apt-get clean \
 && rm -f /var/cache/apt/*.bin \
 && rm -f /var/lib/apt/lists/update* \
 && chmod +x /entrypoint.sh \
 && groupadd --system --gid 500 ervu \
 && adduser --system --no-create-home --uid 500 --gid 500 ervu

COPY --from=builder /usr/lib/locale/ru_RU.utf8 /usr/lib/locale/ru_RU.utf8
COPY --from=builder /etc/opt/cprocsp /etc/opt/cprocsp
COPY --from=builder /opt/cprocsp /opt/cprocsp
COPY --from=builder /var/opt/cprocsp /var/opt/cprocsp
COPY --from=builder /build/.build/ervu-sign-module /opt/ervu-sign-module/ervu-sign-module

#VOLUME /var/opt/cprocsp/keys/ervu/7h96bfno.000

EXPOSE 9009

ARG ESIA_CA_CERT=test_ca_rtk3.cer
COPY conf/${ESIA_CA_CERT} ${ESIA_CA_CERT} 
RUN /opt/cprocsp/bin/amd64/certmgr -install -store mRoot -file "${ESIA_CA_CERT}"

USER ervu

ARG ESIA_CERT="TESIA GOST 2012 new.cer"
ARG ESIA_CA_CRL=b0fd8eb959d9489d5b7b4c143a06cad7952a0744.crl
COPY --chown=ervu:ervu conf/${ESIA_CERT} ${ESIA_CERT} 
COPY --chown=ervu:ervu conf/${ESIA_CA_CRL} ${ESIA_CA_CRL} 

RUN /opt/cprocsp/bin/amd64/certmgr -install -file "${ESIA_CERT}" \
  && /opt/cprocsp/bin/amd64/certmgr -install -store uCA -crl -file "${ESIA_CA_CRL}"

ENTRYPOINT ["/entrypoint.sh"]