gvisor.dev/gvisor@v0.0.0-20240520182842-f9d4d51c7e0f/images/certs/Dockerfile

gvisor.dev/gvisor@v0.0.0-20240520182842-f9d4d51c7e0f/images/certs/Dockerfile (about)

     1  # Generates the a CA cert, a server key, and a server cert signed by the CA.
     2  # reference:
     3  # https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/testcerts/gencerts.sh
     4  FROM ubuntu:18.04
     5  WORKDIR /certs
     6  ADD server.conf /conf/server.conf
     7  # Install openssl.
     8  RUN apt-get update && apt-get install -y openssl
     9  # Create all certificates.
    10  CMD openssl genrsa -out caKey.pem 2048 && \
    11      openssl req -x509 -new -nodes -key caKey.pem -days 100000 -out caCert.pem -subj "/CN=e2e_ca" -config /conf/server.conf && \
    12      openssl genrsa -out serverKey.pem 2048 && \
    13      openssl req -new -key serverKey.pem -out server.csr -subj "/CN=gvisor-injection-admission-webhook.e2e.svc" -config /conf/server.conf && \
    14      openssl x509 -req -in server.csr -CA caCert.pem -CAkey caKey.pem -CAcreateserial -out serverCert.pem -days 100000 -extensions v3_req -extfile /conf/server.conf