From 04d05b63700669c1ff0b8ea961e3c1e716aba30c Mon Sep 17 00:00:00 2001
From: as14692 <as14692@nyu.edu>
Date: Mon, 4 Dec 2023 11:44:17 -0800
Subject: [PATCH] Add credentials-fetcher Dockerfile

---
 .../credentialsfetcher/Dockerfile             | 31 +++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 ecs-agent/daemonimages/credentialsfetcher/Dockerfile

diff --git a/ecs-agent/daemonimages/credentialsfetcher/Dockerfile b/ecs-agent/daemonimages/credentialsfetcher/Dockerfile
new file mode 100644
index 00000000000..dd6ae28c65d
--- /dev/null
+++ b/ecs-agent/daemonimages/credentialsfetcher/Dockerfile
@@ -0,0 +1,31 @@
+# Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"). You may
+# not use this file except in compliance with the License. A copy of the
+# License is located at
+#
+#       http://aws.amazon.com/apache2.0/
+#
+# or in the "license" file accompanying this file. This file is distributed
+# on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+# express or implied. See the License for the specific language governing
+# permissions and limitations under the License.
+
+# use minimal amazonlinux:2023 base for credentials-fetcher image
+FROM public.ecr.aws/amazonlinux/amazonlinux:2023-minimal
+
+RUN dnf install -y krb5-workstation jq unzip && mkdir /krb5 && chmod 755 /krb5
+RUN dnf install -y sssd
+RUN dnf install -y realmd
+RUN dnf install -y which
+RUN dnf install -y credentials-fetcher
+
+RUN mkdir -p /var/credentials-fetcher/krbdir
+RUN mkdir -p /var/credentials-fetcher/logging
+RUN mkdir -p /var/credentials-fetcher/socket
+
+VOLUME ["/krb5","/etc/krb5.conf.d","/var/scratch"]
+
+RUN cp /usr/sbin/krb5.conf /etc/krb5.conf
+
+CMD ["/usr/sbin/credentials-fetcherd"]