„Dockerfile“ ändern

Added non root run user
master
Marcus Weberskirch 2020-07-10 13:09:22 +00:00
parent a321f560d2
commit 5da9572eb8
1 changed files with 39 additions and 36 deletions

View File

@ -1,37 +1,40 @@
# build stage is buuuh, better clone in rebuild.bat.
FROM alpine:3.12 as build_image
RUN apk add --no-cache git openssh-client && mkdir /root/.ssh
ADD id_rsa_f3x /root/.ssh/id_rsa
RUN chmod -R 600 /root/.ssh
RUN touch /root/.ssh/known_hosts && ssh-keyscan -T 60 -p 22222 git.4f3x.de >> /root/.ssh/known_hosts &&\
git clone ssh://git@git.4f3x.de:22222/marcus/PuppenApp-Server.git /root/akte && \
git clone ssh://git@git.4f3x.de:22222/fex/PuppetOverviewApp.git /root/client && \
apk del git openssh-client
WORKDIR /root/client
RUN apk add --no-cache nodejs npm && npm install && npm run build && apk del nodejs npm
# Build and deploy server instance
FROM python:3.7-slim AS base
#RUN apk add --no-cache --virtual
COPY --from=build_image /root/akte /opt/akte
COPY --from=build_image /root/client/dist /opt/akte/static/
WORKDIR /opt/akte
RUN set -ex \
&& BUILD_DEPS=" \
build-essential \
libpcre3-dev \
libpq-dev \
" \
&& apt-get update && apt-get install -y --no-install-recommends $BUILD_DEPS \
&& pip install --no-cache-dir -r /opt/akte/requirements.txt \
\
&& apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $BUILD_DEPS \
&& rm -rf /var/lib/apt/lists/*
COPY /django_settings_prod.py /opt/akte/akte/settings.py
# Dev-ready container - actual files will be mounted in
FROM base
VOLUME /mnt
CMD ["python" ,"/opt/akte/manage.py","runserver","0.0.0.0:8000"]
# build stage is buuuh, better clone in rebuild.bat.
FROM alpine:3.12 as build_image
RUN apk add --no-cache git openssh-client && mkdir /root/.ssh
ADD id_rsa_f3x /root/.ssh/id_rsa
RUN chmod -R 600 /root/.ssh
RUN touch /root/.ssh/known_hosts && ssh-keyscan -T 60 -p 22222 git.4f3x.de >> /root/.ssh/known_hosts &&\
git clone ssh://git@git.4f3x.de:22222/marcus/PuppenApp-Server.git /root/akte && \
git clone ssh://git@git.4f3x.de:22222/fex/PuppetOverviewApp.git /root/client && \
apk del git openssh-client
WORKDIR /root/client
RUN apk add --no-cache nodejs npm && npm install && npm run build && apk del nodejs npm
# Build and deploy server instance
FROM python:3.7-slim AS base
ARG APP_USER=appuser
RUN groupadd -r ${APP_USER} && useradd --no-log-init -r -g ${APP_USER} ${APP_USER}
COPY --from=build_image /root/akte /opt/akte
COPY --from=build_image /root/client/dist /opt/akte/static/
WORKDIR /opt/akte
RUN set -ex \
&& BUILD_DEPS=" \
build-essential \
libpcre3-dev \
libpq-dev \
" \
&& apt-get update && apt-get install -y --no-install-recommends $BUILD_DEPS \
&& pip install --no-cache-dir -r /opt/akte/requirements.txt \
\
&& apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $BUILD_DEPS \
&& rm -rf /var/lib/apt/lists/*
COPY /django_settings_prod.py /opt/akte/akte/settings.py
# Dev-ready container - actual files will be mounted in
FROM base
USER ${APP_USER}:${APP_USER}
VOLUME /mnt
CMD ["python" ,"/opt/akte/manage.py","runserver","0.0.0.0:8000"]
EXPOSE 8000