now Just support maven
This is an example of how to easily build a encrypted image for a Spring Boot application with Jib.
You can containerize the application with one of the following commands.
Maven:
make buildTar
you can find the regular tarball and encrytped image tarball in target
path.
ocicrypt-0.0.1.tar
ocicrypt-0.0.1.tar.encrypted
-
just support JWE wrap method;
-
just support OCI format image;
-
encrypted tarball extension name,
encrypted
<plugin>
<groupId>com.google.cloud.tools</groupId>
<artifactId>jib-maven-plugin</artifactId>
<version>3.2.1</version>
<configuration>
<from>
<platforms>
<platform>
<os>linux</os>
<architecture>amd64</architecture>
</platform>
</platforms>
</from>
<to>
<image>${registry.address}${project.artifactId}:${project.version}</image>
</to>
<container>
<mainClass>org.containers.ocicrypt.OciCryptoJibApplication</mainClass>
<format>OCI</format>
</container>
<outputPaths>
<tar>${project.build.directory}\${project.artifactId}-${project.version}.tar</tar>
<key>${project.basedir}\src\test\resources\pubkey.pem</key>
<wrap>JWE</wrap>
</outputPaths>
</configuration>
</plugin>
we are add two element to do this.
-
<key>, publickey path
-
<wrap>, wrap method, include: JWE/PKCS11/PKCS7, just support JWE now.
Learn more about Jib.
Learn more about ocicrypt.