{"id":22268092,"url":"https://github.com/curityio/idsvr-docker","last_synced_at":"2025-08-13T02:48:01.239Z","repository":{"id":43165552,"uuid":"203548069","full_name":"curityio/idsvr-docker","owner":"curityio","description":"Docker-related files, resources, and information for the Curity Identity Server","archived":false,"fork":false,"pushed_at":"2025-07-03T17:29:16.000Z","size":562,"stargazers_count":9,"open_issues_count":0,"forks_count":3,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-07-03T18:37:43.906Z","etag":null,"topics":["curity","deployment","docker"],"latest_commit_sha":null,"homepage":"https://curity.io/resources/learn/run-curity-docker/","language":"Dockerfile","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/curityio.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2019-08-21T09:09:38.000Z","updated_at":"2025-07-03T17:29:20.000Z","dependencies_parsed_at":"2023-11-06T12:35:42.544Z","dependency_job_id":"51bfa236-c495-4ed8-b6f1-2bf7fd29d8b7","html_url":"https://github.com/curityio/idsvr-docker","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/curityio/idsvr-docker","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fidsvr-docker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fidsvr-docker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fidsvr-docker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fidsvr-docker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/curityio","download_url":"https://codeload.github.com/curityio/idsvr-docker/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fidsvr-docker/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":270170535,"owners_count":24539360,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-13T02:00:09.904Z","response_time":66,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["curity","deployment","docker"],"created_at":"2024-12-03T11:11:05.680Z","updated_at":"2025-08-13T02:48:00.933Z","avatar_url":"https://github.com/curityio.png","language":"Dockerfile","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Docker-related Files and Info\n\n[![Quality](https://img.shields.io/badge/quality-production-green)](https://curity.io/resources/code-examples/status/)\n[![Availability](https://img.shields.io/badge/availability-binary-blue)](https://curity.io/resources/code-examples/status/)\n\nThis repository contains Dockerfiles and other resources that can be used to create Docker images of the [Curity Identity Server](https://curity.io). \n\n# Usage\n\n* Download the linux release from the [Curity Developer portal](https://developer.curity.io/downloads)\n* Extract the release in the `\u003cVERSION\u003e` directory of this project\n* Run the command `VERSION=X.X.X ./build-images.sh $VERSION`\n\nThis will build the images using the Dockerfile(s) of the specific version locally.\n\n# Adding a new version\n\nIn order to add a new version, run the following `VERSION=X.X.X ./add-release.sh`\n\n# Image updates \n\nSince the base OS of the images can regularly be patched, the script `update-multiplatform-images.sh` is run every day to make sure that the images contain the latest security fixes. \n\nThe script downloads the releases from Curity's release API, pulls the latest base OS images and rebuilds all the versions. If there is a change in the OS, the docker cache won't be used and the new images will be pushed to Curity's Azure Container Registry.\n  \nSo, the tag of the form `\u003cversion\u003e-\u003cos\u003e` always contains the latest built image.\n\nAlso, the tag `\u003cminor\u003e-\u003cos\u003e`, i.e `9.0-ubuntu` is updated with a new patch version if that exists. So if `9.0.1` is released, the `9.0-\u003cos\u003e` tags will point to `9.0.1-\u003cos\u003e` tag and after that point only the latest patch for each minor version will be daily updated.\n\n# Building a single image\n\n* Download the linux release from the [Curity Developer portal](https://developer.curity.io/downloads)\n* Extract the release in the `VERSION` directory of this project\n* Run the command `docker build -t \u003cimage_tag\u003e -f \u003cVERSION\u003e/\u003cDISTRO\u003e/Dockerfile \u003cVERSION\u003e`  \n\n# Customizing the image\n\nThe Curity Identity Server is a Java based product and can run in many docker setups.\\\nThe default docker image runs as a low privilege `10001` user account (`idsvr`).\\\nCustomers can update this user account and apply their own image policy when required.\n\n## Kubernetes Non Root Check\n\nYou may need to deploy the docker image and also use the Kubernetes `runAsNonRoot` security context setting:\n\n```yaml\nspec:\n  securityContext:\n    runAsNonRoot: true\n  containers:\n  - name: curity\n    image: custom_idsvr:latest\n```\n\nIf so, you will need to configure a numeric user ID.\\\nDo so by removing the default user and adding a numeric user and group.\\\nThen change file ownership to that user, which will inherit existing permissions.\n\n```dockerfile\nFROM curity.azurecr.io/curity/idsvr:latest\nUSER root\n\nRUN deluser idsvr \u0026\u0026 \\\n    groupadd --system --gid 10000 idsvr \u0026\u0026 \\\n    useradd  --system --gid idsvr --uid 10001 --shell /bin/bash --create-home idsvr \u0026\u0026 \\\n    chown -R 10001 /opt/idsvr\nUSER 10001\n```\n\n\u003e [!IMPORTANT]\n\u003e Images after version 9.0.0 already use the user `10001` instead of `idsvr` which means the `runAsNonRoot: true` securityContext is allowed by default  \n\n## Custom image based on the provided images\n\nIf you need to install extra tools, you can do so by overlaying our image. \nIn some cases, operation can only run with the root user. In that case it is advisable to switch to the root user, perform the operation that requires more permissions and then switch back to the user of the image\n\n```dockerfile\nUSER root \n...\nRUN apt-get install -y curl\n...\nUSER 10001:1000\n\n```\nAlso copying resources in the server files, i.e plugins can be done like so:\n```dockerfile\nCOPY --chown=10001:10000 custom-plugin.jar /opt/idsvr/usr/share/plugins/custom-plugin-group/\n```\n\n\u003e [!NOTE]\n\u003e For images before version 9.0.0 use `USER idsvr:idsvr`\n\n\n# Contributing\n\nPull requests are welcome. To do so, just fork this repo, and submit a pull request. \n\n# License\n\nThe software running in the Docker containers produced by the Dockerfiles maintained in this repository is licensed by Curity AB and others. The Docker-related files and resources maintained in this respository are licensed under the [Apache 2 license](LICENSE).\n\n# More Information\n\nPlease visit [curity.io](https://curity.io/) for more information about the Curity Identity Server.\n\nCopyright (C) 2019 Curity AB.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcurityio%2Fidsvr-docker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcurityio%2Fidsvr-docker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcurityio%2Fidsvr-docker/lists"}