56 lines
2.4 KiB
Docker
56 lines
2.4 KiB
Docker
# ---------------------------------------------------------------------------
|
|
# Dockerfile.runtime-assets
|
|
#
|
|
# Lightweight data image that packages runtime assets (ML models, JDK, Ghidra,
|
|
# certificates) into named volumes for Stella Ops services.
|
|
#
|
|
# Usage:
|
|
# 1. Acquire assets first:
|
|
# ./devops/runtime-assets/acquire.sh --all
|
|
#
|
|
# 2. Build the data image:
|
|
# docker build -f devops/runtime-assets/Dockerfile.runtime-assets \
|
|
# -t stellaops/runtime-assets:latest .
|
|
#
|
|
# 3. Use in docker-compose (see docker-compose.runtime-assets.yml)
|
|
#
|
|
# The image runs a one-shot copy to populate named volumes, then exits.
|
|
# Services mount the same volumes read-only.
|
|
# ---------------------------------------------------------------------------
|
|
|
|
FROM busybox:1.37 AS base
|
|
|
|
LABEL org.opencontainers.image.title="stellaops-runtime-assets"
|
|
LABEL org.opencontainers.image.description="Runtime data assets for Stella Ops (ML models, certificates, tools)"
|
|
LABEL org.opencontainers.image.vendor="stella-ops.org"
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# ML Models
|
|
# ---------------------------------------------------------------------------
|
|
COPY src/AdvisoryAI/StellaOps.AdvisoryAI/models/ /data/models/
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Certificates and trust bundles
|
|
# ---------------------------------------------------------------------------
|
|
COPY etc/trust-profiles/assets/ /data/certificates/trust-profiles/
|
|
COPY etc/authority/keys/ /data/certificates/authority/
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# License attribution (required by Apache-2.0 and MIT)
|
|
# ---------------------------------------------------------------------------
|
|
COPY NOTICE.md /data/licenses/NOTICE.md
|
|
COPY third-party-licenses/ /data/licenses/third-party/
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Manifest for verification
|
|
# ---------------------------------------------------------------------------
|
|
COPY devops/runtime-assets/manifest.yaml /data/manifest.yaml
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Entrypoint: copy assets to volume mount points, then exit
|
|
# ---------------------------------------------------------------------------
|
|
COPY devops/runtime-assets/init-volumes.sh /init-volumes.sh
|
|
RUN chmod +x /init-volumes.sh
|
|
|
|
ENTRYPOINT ["/init-volumes.sh"]
|