Mirror
/
MinIO
mirror of https://github.com/minio/minio.git
2
0
Fork 0
Code Issues Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
11323 Commits
4 Branches
520 Tags
175 MiB
Tree: RELEASE.20
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'RELEASE.20'
${ noResults }
MinIO/Dockerfile.release

73 lines
3.0 KiB
Raw Permalink Normal View History

updating all dependencies as per regular cadence (#20646)
9 months ago
Add docker release files. (#4473) We used to release by building directly on the docker hub auto build process, which is sufficient for edge but it is not a good idea to do it for stable releases. Do not build docker release binaries again, but instead use the released binaries themselves which are signed and validated.
8 years ago
fix: docker buildx support for multiplatform build (#10983)
5 years ago
switch minio container base image to ubi-mciro (#18329) This commit changes the container base image from ubi-minimal to ubi-micro. The docker build process happens now in two stages. The build stage: - downloads the latest CA certificate bundle - downloads MinIO binary (for requested version/os/arch) - downloads MinIO binary signature and verifies it using minisign Then it creates an image based on ubi-micro with just the minio binary was downloaded and verified during the build stage. The build stage is simplified to just verifying the minisign signature. Signed-off-by: Andreas Auernhammer <github@aead.dev>
2 years ago
fix: docker buildx warnings
11 months ago
switch minio container base image to ubi-mciro (#18329) This commit changes the container base image from ubi-minimal to ubi-micro. The docker build process happens now in two stages. The build stage: - downloads the latest CA certificate bundle - downloads MinIO binary (for requested version/os/arch) - downloads MinIO binary signature and verifies it using minisign Then it creates an image based on ubi-micro with just the minio binary was downloaded and verified during the build stage. The build stage is simplified to just verifying the minisign signature. Signed-off-by: Andreas Auernhammer <github@aead.dev>
2 years ago
Download static cURL into release Docker image for all supported architectures (#20424) Download static cURL into release Docker image for all supported architectures. Currently, the static cURL executable is only downloaded for the `amd64` architecture. However, `arm64` and `ppc64le` variants are also [available](https://github.com/moparisthebest/static-curl/releases/tag/v8.7.1).
11 months ago
switch minio container base image to ubi-mciro (#18329) This commit changes the container base image from ubi-minimal to ubi-micro. The docker build process happens now in two stages. The build stage: - downloads the latest CA certificate bundle - downloads MinIO binary (for requested version/os/arch) - downloads MinIO binary signature and verifies it using minisign Then it creates an image based on ubi-micro with just the minio binary was downloaded and verified during the build stage. The build stage is simplified to just verifying the minisign signature. Signed-off-by: Andreas Auernhammer <github@aead.dev>
2 years ago
Download static cURL into release Docker image for all supported architectures (#20424) Download static cURL into release Docker image for all supported architectures. Currently, the static cURL executable is only downloaded for the `amd64` architecture. However, `arm64` and `ppc64le` variants are also [available](https://github.com/moparisthebest/static-curl/releases/tag/v8.7.1).
11 months ago
use latest minisign release (#18614)
2 years ago
switch minio container base image to ubi-mciro (#18329) This commit changes the container base image from ubi-minimal to ubi-micro. The docker build process happens now in two stages. The build stage: - downloads the latest CA certificate bundle - downloads MinIO binary (for requested version/os/arch) - downloads MinIO binary signature and verifies it using minisign Then it creates an image based on ubi-micro with just the minio binary was downloaded and verified during the build stage. The build stage is simplified to just verifying the minisign signature. Signed-off-by: Andreas Auernhammer <github@aead.dev>
2 years ago
Add signature and SHA to the Docker images (#20270) add signature and SHA to the Docker images
12 months ago
switch minio container base image to ubi-mciro (#18329) This commit changes the container base image from ubi-minimal to ubi-micro. The docker build process happens now in two stages. The build stage: - downloads the latest CA certificate bundle - downloads MinIO binary (for requested version/os/arch) - downloads MinIO binary signature and verifies it using minisign Then it creates an image based on ubi-micro with just the minio binary was downloaded and verified during the build stage. The build stage is simplified to just verifying the minisign signature. Signed-off-by: Andreas Auernhammer <github@aead.dev>
2 years ago
Add signature and SHA to the Docker images (#20270) add signature and SHA to the Docker images
12 months ago
switch minio container base image to ubi-mciro (#18329) This commit changes the container base image from ubi-minimal to ubi-micro. The docker build process happens now in two stages. The build stage: - downloads the latest CA certificate bundle - downloads MinIO binary (for requested version/os/arch) - downloads MinIO binary signature and verifies it using minisign Then it creates an image based on ubi-micro with just the minio binary was downloaded and verified during the build stage. The build stage is simplified to just verifying the minisign signature. Signed-off-by: Andreas Auernhammer <github@aead.dev>
2 years ago
Add signature and SHA to the Docker images (#20270) add signature and SHA to the Docker images
12 months ago
switch minio container base image to ubi-mciro (#18329) This commit changes the container base image from ubi-minimal to ubi-micro. The docker build process happens now in two stages. The build stage: - downloads the latest CA certificate bundle - downloads MinIO binary (for requested version/os/arch) - downloads MinIO binary signature and verifies it using minisign Then it creates an image based on ubi-micro with just the minio binary was downloaded and verified during the build stage. The build stage is simplified to just verifying the minisign signature. Signed-off-by: Andreas Auernhammer <github@aead.dev>
2 years ago
add support for older CPU via a new container image (#18370) fixes #18365
2 years ago
Add signature and SHA to the Docker images (#20270) add signature and SHA to the Docker images
12 months ago
add support for older CPU via a new container image (#18370) fixes #18365
2 years ago
switch minio container base image to ubi-mciro (#18329) This commit changes the container base image from ubi-minimal to ubi-micro. The docker build process happens now in two stages. The build stage: - downloads the latest CA certificate bundle - downloads MinIO binary (for requested version/os/arch) - downloads MinIO binary signature and verifies it using minisign Then it creates an image based on ubi-micro with just the minio binary was downloaded and verified during the build stage. The build stage is simplified to just verifying the minisign signature. Signed-off-by: Andreas Auernhammer <github@aead.dev>
2 years ago
Download static cURL into release Docker image for all supported architectures (#20424) Download static cURL into release Docker image for all supported architectures. Currently, the static cURL executable is only downloaded for the `amd64` architecture. However, `arm64` and `ppc64le` variants are also [available](https://github.com/moparisthebest/static-curl/releases/tag/v8.7.1).
11 months ago
add support for older CPU via a new container image (#18370) fixes #18365
2 years ago
fix: docker buildx support for multiplatform build (#10983)
5 years ago
add release build-arg to docker multiarch builds (#11752)
4 years ago
Remove alpine based image in favour or RedHat UBI (#11006)
5 years ago
add release build-arg to docker multiarch builds (#11752)
4 years ago
Remove alpine based image in favour or RedHat UBI (#11006)
5 years ago
change MAINTAINER to LABEL (#5843)
7 years ago
Revert "fix: remove deprecated MINIO_ACCESS_KEY, MINIO_SECRET_KEY envs (#12173)" This reverts commit b0baaeaa3ddee9573d3b1ac698e1182d2cc883fe.
4 years ago
feat: migrate to ROOT_USER/PASSWORD from ACCESS/SECRET_KEY (#11185)
5 years ago
kms: encrypt IAM/config data with the KMS (#12041) This commit changes the config/IAM encryption process. Instead of encrypting config data (users, policies etc.) with the root credentials MinIO now encrypts this data with a KMS - if configured. Therefore, this PR moves the MinIO-KMS configuration (via env. variables) to a "top-level" configuration. The KMS configuration cannot be stored in the config file since it is used to decrypt the config file in the first place. As a consequence, this commit also removes support for Hashicorp Vault - which has been deprecated anyway. Signed-off-by: Andreas Auernhammer <aead@mail.de>
4 years ago
Allow MinIO to load configurations from env file (#12706) docker-entrypoint.sh will load configuration values from 'config.env' file, this is useful when MinIO is deployed in Kubernetes environments and want to avoid reading secrets from environment variables Signed-off-by: Lenin Alevski <alevsk.8772@gmail.com>
4 years ago
fix: add Dockerfile.release* /opt/bin writable
4 years ago
switch minio container base image to ubi-mciro (#18329) This commit changes the container base image from ubi-minimal to ubi-micro. The docker build process happens now in two stages. The build stage: - downloads the latest CA certificate bundle - downloads MinIO binary (for requested version/os/arch) - downloads MinIO binary signature and verifies it using minisign Then it creates an image based on ubi-micro with just the minio binary was downloaded and verified during the build stage. The build stage is simplified to just verifying the minisign signature. Signed-off-by: Andreas Auernhammer <github@aead.dev>
2 years ago
fix: the permissions one more time on /usr/bin fixes https://github.com/minio/operator/issues/2319
11 months ago
fix: /usr/bin path permissions for docker
11 months ago
switch minio container base image to ubi-mciro (#18329) This commit changes the container base image from ubi-minimal to ubi-micro. The docker build process happens now in two stages. The build stage: - downloads the latest CA certificate bundle - downloads MinIO binary (for requested version/os/arch) - downloads MinIO binary signature and verifies it using minisign Then it creates an image based on ubi-micro with just the minio binary was downloaded and verified during the build stage. The build stage is simplified to just verifying the minisign signature. Signed-off-by: Andreas Auernhammer <github@aead.dev>
2 years ago
Ensure that sig/sha are in the same layer (#20282)
11 months ago
Download static cURL into release Docker image for all supported architectures (#20424) Download static cURL into release Docker image for all supported architectures. Currently, the static cURL executable is only downloaded for the `amd64` architecture. However, `arm64` and `ppc64le` variants are also [available](https://github.com/moparisthebest/static-curl/releases/tag/v8.7.1).
11 months ago
Support in-place upgrades of new minio binary and releases. (#4961) This PR allows 'minio update' to not only shows update banner but also allows for in-place upgrades. Updates are done safely by validating the downloaded sha256 of the binary. Fixes #4781
8 years ago
fix: docker buildx support for multiplatform build (#10983)
5 years ago
switch minio container base image to ubi-mciro (#18329) This commit changes the container base image from ubi-minimal to ubi-micro. The docker build process happens now in two stages. The build stage: - downloads the latest CA certificate bundle - downloads MinIO binary (for requested version/os/arch) - downloads MinIO binary signature and verifies it using minisign Then it creates an image based on ubi-micro with just the minio binary was downloaded and verified during the build stage. The build stage is simplified to just verifying the minisign signature. Signed-off-by: Andreas Auernhammer <github@aead.dev>
2 years ago
Add docker release files. (#4473) We used to release by building directly on the docker hub auto build process, which is sufficient for edge but it is not a good idea to do it for stable releases. Do not build docker release binaries again, but instead use the released binaries themselves which are signed and validated.
8 years ago
Update volume in Dockerfiles (#5646) All sample commands in Minio docs use the volume path as /data. Updated the dockerfiles to follow the same pattern. Fixes #5635
7 years ago
Add docker release files. (#4473) We used to release by building directly on the docker hub auto build process, which is sufficient for edge but it is not a good idea to do it for stable releases. Do not build docker release binaries again, but instead use the released binaries themselves which are signed and validated.
8 years ago
switch minio container base image to ubi-mciro (#18329) This commit changes the container base image from ubi-minimal to ubi-micro. The docker build process happens now in two stages. The build stage: - downloads the latest CA certificate bundle - downloads MinIO binary (for requested version/os/arch) - downloads MinIO binary signature and verifies it using minisign Then it creates an image based on ubi-micro with just the minio binary was downloaded and verified during the build stage. The build stage is simplified to just verifying the minisign signature. Signed-off-by: Andreas Auernhammer <github@aead.dev>
2 years ago
Add docker release files. (#4473) We used to release by building directly on the docker hub auto build process, which is sufficient for edge but it is not a good idea to do it for stable releases. Do not build docker release binaries again, but instead use the released binaries themselves which are signed and validated.
8 years ago
  1. FROM golang:1.23-alpine AS build
  3. ARG TARGETARCH
  4. ARG RELEASE
  6. ENV GOPATH=/go
  7. ENV CGO_ENABLED=0
  9. WORKDIR /build
  11. # Install curl and minisign
  12. RUN apk add -U --no-cache ca-certificates && \
  13. apk add -U --no-cache curl && \
  14. apk add -U --no-cache bash && \
  15. go install aead.dev/minisign/cmd/minisign@v0.2.1
  17. # Download minio binary and signature files
  18. RUN curl -s -q https://dl.min.io/server/minio/release/linux-${TARGETARCH}/archive/minio.${RELEASE} -o /go/bin/minio && \
  19. curl -s -q https://dl.min.io/server/minio/release/linux-${TARGETARCH}/archive/minio.${RELEASE}.minisig -o /go/bin/minio.minisig && \
  20. curl -s -q https://dl.min.io/server/minio/release/linux-${TARGETARCH}/archive/minio.${RELEASE}.sha256sum -o /go/bin/minio.sha256sum && \
  21. chmod +x /go/bin/minio
  23. # Download mc binary and signature files
  24. RUN curl -s -q https://dl.min.io/client/mc/release/linux-${TARGETARCH}/mc -o /go/bin/mc && \
  25. curl -s -q https://dl.min.io/client/mc/release/linux-${TARGETARCH}/mc.minisig -o /go/bin/mc.minisig && \
  26. curl -s -q https://dl.min.io/client/mc/release/linux-${TARGETARCH}/mc.sha256sum -o /go/bin/mc.sha256sum && \
  27. chmod +x /go/bin/mc
  29. # Verify binary signature using public key "RWTx5Zr1tiHQLwG9keckT0c45M3AGeHD6IvimQHpyRywVWGbP1aVSGavRUN"
  30. RUN minisign -Vqm /go/bin/minio -x /go/bin/minio.minisig -P RWTx5Zr1tiHQLwG9keckT0c45M3AGeHD6IvimQHpyRywVWGbP1aVSGav && \
  31. minisign -Vqm /go/bin/mc -x /go/bin/mc.minisig -P RWTx5Zr1tiHQLwG9keckT0c45M3AGeHD6IvimQHpyRywVWGbP1aVSGav
  33. COPY dockerscripts/download-static-curl.sh /build/download-static-curl
  34. RUN chmod +x /build/download-static-curl && \
  35. /build/download-static-curl
  37. FROM registry.access.redhat.com/ubi9/ubi-micro:latest
  39. ARG RELEASE
  41. LABEL name="MinIO" \
  42. vendor="MinIO Inc <dev@min.io>" \
  43. maintainer="MinIO Inc <dev@min.io>" \
  44. version="${RELEASE}" \
  45. release="${RELEASE}" \
  46. summary="MinIO is a High Performance Object Storage, API compatible with Amazon S3 cloud storage service." \
  47. description="MinIO object storage is fundamentally different. Designed for performance and the S3 API, it is 100% open-source. MinIO is ideal for large, private cloud environments with stringent security requirements and delivers mission-critical availability across a diverse range of workloads."
  49. ENV MINIO_ACCESS_KEY_FILE=access_key \
  50. MINIO_SECRET_KEY_FILE=secret_key \
  51. MINIO_ROOT_USER_FILE=access_key \
  52. MINIO_ROOT_PASSWORD_FILE=secret_key \
  53. MINIO_KMS_SECRET_KEY_FILE=kms_master_key \
  54. MINIO_UPDATE_MINISIGN_PUBKEY="RWTx5Zr1tiHQLwG9keckT0c45M3AGeHD6IvimQHpyRywVWGbP1aVSGav" \
  55. MINIO_CONFIG_ENV_FILE=config.env \
  56. MC_CONFIG_DIR=/tmp/.mc
  58. RUN chmod -R 777 /usr/bin
  60. COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
  61. COPY --from=build /go/bin/minio* /usr/bin/
  62. COPY --from=build /go/bin/mc* /usr/bin/
  63. COPY --from=build /go/bin/curl* /usr/bin/
  65. COPY CREDITS /licenses/CREDITS
  66. COPY LICENSE /licenses/LICENSE
  67. COPY dockerscripts/docker-entrypoint.sh /usr/bin/docker-entrypoint.sh
  69. EXPOSE 9000
  70. VOLUME ["/data"]
  72. ENTRYPOINT ["/usr/bin/docker-entrypoint.sh"]
  73. CMD ["minio"]