# Select base image and install your packages
FROM ubi9:latest
RUN yum install -y git openssh-server
RUN ssh-keygen -A

# Setup the git user and create the git repo mount target
RUN useradd -s `which git-shell` -u 3091 git
RUN mkdir -p /srv/git

# Add your public key for passwordless ssh authentication with git interactions
RUN mkdir /home/git/.ssh && chmod 700 /home/git/.ssh
ADD ./ssh-key.pub /home/git/.ssh/authorized_keys
RUN chmod 600 /home/git/.ssh/authorized_keys && chown git:git -R /home/git/.ssh

# Secure git-shell against: CVE-2017-8386 
RUN sed -i '1s/^/no-pty /g' /home/git/.ssh/authorized_keys

# Expose port 22 and run the ssh daemon
EXPOSE 22
CMD ["/usr/sbin/sshd","-D"]