Skip to content

Commit 37f68b5

Browse files
ikethecoderikethecoder
authored
Add trust-kms to Dockerfile and update environment variables
1 parent 1f13405 commit 37f68b5

File tree

1 file changed

+4
-3
lines changed

1 file changed

+4
-3
lines changed

sdx/image/Dockerfile

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@ USER root
55

66
RUN apt-get update && apt-get -y install unzip curl
77

8-
RUN echo add trust-jwks
8+
RUN echo add trust-jwks trust-kms
99
RUN git clone -b feature/mtls https://github.com/bcgov/kong-oss-plugins.git \
1010
&& cd kong-oss-plugins \
1111
&& (cd plugins/dpop && luarocks make) \
@@ -23,6 +23,7 @@ RUN git clone -b feature/mtls https://github.com/bcgov/kong-oss-plugins.git \
2323
&& (cd plugins/response-signer && luarocks make) \
2424
&& (cd plugins/token-exchange && luarocks make) \
2525
&& (cd plugins/trust-jwks && luarocks make) \
26+
&& (cd plugins/trust-kms && luarocks make) \
2627
&& (cd plugins/trust-ledger && luarocks make) \
2728
&& (cd plugins/trust-registry && luarocks make) \
2829
&& (cd plugins/trust-sign && luarocks make) \
@@ -111,7 +112,7 @@ ENV KONG_CLIENT_SSL_CERT="/etc/secrets/sdx-edge-client-cert/tls.crt"
111112
ENV KONG_CLIENT_SSL_CERT_KEY="/etc/secrets/sdx-edge-client-cert/tls.key"
112113

113114
# Make the env var available for using in custom plugins
114-
ENV KONG_NGINX_MAIN_ENV="KONG_SIGNING_CERT; env KONG_SIGNING_CERT_KEY"
115+
ENV KONG_NGINX_MAIN_ENV="KONG_SIGNING_CERT;env KONG_SIGNING_CERT_KEY;env AWS_ACCESS_KEY_ID;env AWS_SECRET_ACCESS_KEY;env AWS_REGION"
115116

116117
# Client certificate to present when proxying to upstream services
117118
ENV KONG_NGINX_PROXY_PROXY_SSL_CERTIFICATE="/etc/secrets/sdx-edge-client-cert/tls.crt"
@@ -162,7 +163,7 @@ ENV KONG_REAL_IP_HEADER="X-Forwarded-For"
162163
# Plugins Configuration
163164
# ============================================
164165
# Enables bundled plugins plus custom authentication, rate limiting, and security plugins
165-
ENV KONG_PLUGINS="bundled, jwt-keycloak_1010, rate-limiting_902, pre-function_770, post-function_200, post-function_201, oidc, oidc-consumer, kong-spec-expose, jwt-keycloak, kong-upstream-jwt, bcgov-gwa-endpoint, gwa-ip-anonymity, mtls-auth, mtls-acl, openid-authzen, response-signer, dpop, token-exchange, trust-jwks, trust-ledger, trust-registry, trust-sign, trust-timestamp, trust-verify-digest, trust-verify-signature"
166+
ENV KONG_PLUGINS="bundled, jwt-keycloak_1010, rate-limiting_902, pre-function_770, post-function_200, post-function_201, oidc, oidc-consumer, kong-spec-expose, jwt-keycloak, kong-upstream-jwt, bcgov-gwa-endpoint, gwa-ip-anonymity, mtls-auth, mtls-acl, openid-authzen, response-signer, dpop, token-exchange, trust-jwks, trust-kms, trust-ledger, trust-registry, trust-sign, trust-timestamp, trust-verify-digest, trust-verify-signature"
166167

167168
# Custom Lua module search path for plugin code
168169
ENV KONG_LUA_PACKAGE_PATH="/opt/?.lua;/opt/?/init.lua;;"

0 commit comments

Comments
 (0)