#!BuildTag: harbor/harbor-notary-server:%%PKG_VERSION%%
#!BuildTag: harbor/harbor-notary-server:%%PKG_VERSION%%-rev%%IMAGE_REVISION%%
#!BuildTag: harbor/harbor-notary-server:%%PKG_VERSION%%-rev%%IMAGE_REVISION%%-build%RELEASE%

FROM suse/sle15:15.2

# labelprefix=com.suse.registry
PREFIXEDLABEL org.opencontainers.image.title="SUSE private registry, Harbor notary-server container"
PREFIXEDLABEL org.opencontainers.image.description="Harbor notary-server container image for SUSE private registry"
PREFIXEDLABEL org.opencontainers.image.created="%BUILDTIME%"
PREFIXEDLABEL org.opencontainers.image.vendor="SUSE LLC"
PREFIXEDLABEL org.opencontainers.image.url="https://www.suse.com/products/"
PREFIXEDLABEL org.opencontainers.image.version="%%PKG_VERSION%%-rev%%IMAGE_REVISION%%-build%RELEASE%"
PREFIXEDLABEL org.openbuildservice.disturl="%DISTURL%"
PREFIXEDLABEL org.opensuse.reference="registry.suse.com/harbor/harbor-notary-server:%%PKG_VERSION%%-rev%%IMAGE_REVISION%%-build%RELEASE%" 

RUN zypper --non-interactive in harbor harbor-migrate-patch-notary notary golang-migrate

RUN groupadd -r -g 10000 notary \
  && useradd --no-log-init -r -g 10000 -u 10000 notary \
  && cp -ar /var/lib/notary/migrations /migrations
  
ENV SERVICE_NAME=notary_server
USER notary
CMD /usr/bin/migrate-patch -database=${DB_URL} && /migrations/migrate.sh && /usr/bin/notary-server -config=/etc/notary/server-config.postgres.json -logf=logfmt