Skip to content
This repository has been archived by the owner on Feb 11, 2025. It is now read-only.

Dockerize bindle #343

Merged
merged 2 commits into from
Sep 30, 2022
Merged

Dockerize bindle #343

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
3c9d5ae
feat: add Dockerfile
FrankYang0529 Sep 30, 2022
4ce8959
feat(docs): add using bindle-server in container
FrankYang0529 Sep 30, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 24 additions & 0 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
FROM rust:1.61 as builder

WORKDIR /app
COPY . /app
RUN cargo build --release --all-features --bin bindle-server

FROM rust:1.61-slim-buster

ARG USERNAME=bindle
ARG USER_UID=1000
ARG USER_GID=$USER_UID

VOLUME [ "/bindle-data" ]

ENV BINDLE_IP_ADDRESS_PORT="0.0.0.0:8080"
ENV BINDLE_DIRECTORY="/bindle-data/bindles"

RUN groupadd --gid $USER_GID $USERNAME \
&& useradd --uid $USER_UID --gid $USER_GID -m $USERNAME

COPY --from=builder --chown=$USERNAME /app/target/release/bindle-server /usr/local/bin/bindle-server

USER $USERNAME
CMD ["/usr/local/bin/bindle-server", "--unauthenticated", "--keyring", "/bindle-data/keyring.toml"]
4 changes: 4 additions & 0 deletions Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -80,3 +80,7 @@ build-client:

$(CERT_NAME).crt.pem:
openssl req -newkey rsa:2048 -nodes -keyout $(CERT_NAME).key.pem -x509 -days 365 -out $(CERT_NAME).crt.pem

.PHONY: build-docker-image
build-docker-image:
docker build -t deislabs/bindle:dev .
56 changes: 56 additions & 0 deletions docs/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -219,6 +219,62 @@ This file can be moved from system to system, just like OpenPGP or SSH key sets.
- To create a signing key for a client, use `bindle keys create`
- By default, if Bindle does not find an existing keyring, it creates one of these when it first starts.

## Running bindle-server in container

1. Run `make build-docker-image` to build `deislabs/bindle:dev` image.
2. Create a signing key.
```console
$ BINDLE_TEMP=$(mktemp -d)
$ echo $BINDLE_TEMP
$ export BINDLE_KEYRING=$BINDLE_TEMP/client/keyring.toml
$ bindle keys create "VishnuJin<me@example.com>" -f $BINDLE_TEMP/client/secret_keys.toml
```
3. Setup a folder for server and copy public keyring in it.
```console
$ mkdir $BINDLE_TEMP/server
$ cp $BINDLE_TEMP/client/keyring.toml $BINDLE_TEMP/server/keyring.toml
```
4. Start `bindle-server` container.
```console
$ docker run --name bindle -d --restart=unless-stopped -e RUST_LOG=debug -v $BINDLE_TEMP/server:/bindle-data -p 8080:8080 deislabs/bindle:dev
```
5. Send a signed-invoice.
```console
$ cat <<EOF > invoice.toml
bindleVersion = "1.0.0"

[bindle]
name = "mybindle"
version = "0.1.0"
authors = ["Matt Butcher <matt.butcher@microsoft.com>"]
description = "My first bindle"

[annotations]
myname = "myvalue"

$ export BINDLE_URL="http://localhost:8080/v1/"
# signing the invoice
$ bindle sign-invoice invoice.toml -o signed-invoice.toml -l "VishnuJin<me@example.com>" -f $BINDLE_TEMP/client/secret_keys.toml
$ bindle push-invoice signed-invoice.toml
Invoice mybindle/0.1.0 created
```
6. Check the signed invoice.
```console
$ bindle keys fetch
$ bindle info mybindle/0.1.0
# request for mybindle/0.1.0
bindleVersion = "1.0.0"

[bindle]
name = "mybindle"
description = "My first bindle"
version = "0.1.0"
authors = ["Matt Butcher <matt.butcher@microsoft.com>"]

[annotations]
myname = "myvalue"
```

## Specification

1. The specification for the Bindle format and design begins with the [Bindle Specification](bindle-spec.md).
Expand Down