Add application user

Eden Kirin
2024-01-12 10:29:26 +01:00
parent 10966f3c1f
commit 4c20c41426
5 changed files with 30 additions and 7 deletions


@ -1,5 +1,10 @@
FROM python:3.11-slim-bookworm FROM python:3.11-slim-bookworm
# uid to run application
ARG USER=1000
# gid to run application
ARG USER_GROUP=1000
# set virtual env path # set virtual env path
ENV \ ENV \
PATH=/venv/bin:$PATH PATH=/venv/bin:$PATH
@ -13,11 +18,15 @@ WORKDIR /app
# copy app files to /app directory # copy app files to /app directory
COPY ./app . COPY ./app .
# install dependencies # set permissions to log directory and install dependencies
RUN \ RUN \
chown -R ${USER}:${USER_GROUP} /app/log && \
python -m venv /venv && \ python -m venv /venv && \
pip install -r requirements.txt pip install -r requirements.txt
# set user to run application
USER ${USER}:${USER_GROUP}
# start shell script when container starts # start shell script when container starts
ENTRYPOINT ["/app/run.sh"] ENTRYPOINT ["/app/run.sh"]


@ -5,7 +5,6 @@ CONTAINER_NAME=api-server
build: clean build: clean
@docker build \ @docker build \
--progress=plain \ --progress=plain \
--no-cache \
--tag $(IMAGE_NAME) \ --tag $(IMAGE_NAME) \
. .


@ -1,5 +1,10 @@
FROM python:3.11-slim-bookworm FROM python:3.11-slim-bookworm
# uid to run application
ARG USER=1000
# gid to run application
ARG USER_GROUP=1000
# set virtual env path # set virtual env path
ENV \ ENV \
PATH=/venv/bin:$PATH PATH=/venv/bin:$PATH
@ -19,11 +24,15 @@ RUN \
# copy app files to /app directory # copy app files to /app directory
COPY ./app . COPY ./app .
# install dependencies && cleanup # set permissions to log directory and install dependencies && cleanup
RUN \ RUN \
chown -R ${USER}:${USER_GROUP} /app/log && \
pip install -r requirements.txt && \ pip install -r requirements.txt && \
apt purge --auto-remove -y apt purge --auto-remove -y
# set user to run application
USER ${USER}:${USER_GROUP}
# start shell script when container starts # start shell script when container starts
ENTRYPOINT ["/app/run.sh"] ENTRYPOINT ["/app/run.sh"]


@ -23,6 +23,11 @@ RUN \
FROM python:3.11-slim-bookworm FROM python:3.11-slim-bookworm
# uid to run application
ARG USER=1000
# gid to run application
ARG USER_GROUP=1000
# set virtual env path # set virtual env path
ENV \ ENV \
PATH=/venv/bin:$PATH PATH=/venv/bin:$PATH
@ -38,11 +43,11 @@ COPY --from=install-dependencies /venv /venv
# copy app files to /app directory # copy app files to /app directory
COPY ./app . COPY ./app .
RUN ls -alF / # set permissions to log directory
RUN ls -alF /venv RUN chown -R ${USER}:${USER_GROUP} /app/log
RUN ls -alF /venv/bin
RUN ls -alF /app
# set user to run application
USER ${USER}:${USER_GROUP}
# start shell script when container starts # start shell script when container starts
ENTRYPOINT ["/app/run.sh"] ENTRYPOINT ["/app/run.sh"]


@ -22,6 +22,7 @@ run:
--name $(IMAGE_NAME) \ --name $(IMAGE_NAME) \
--publish 3000:3000 \ --publish 3000:3000 \
--env CONTAINER_NAME="Awesome API server" \ --env CONTAINER_NAME="Awesome API server" \
--volume /var/log/api-server:/app/log \
--detach \ --detach \
$(CONTAINER_NAME) $(CONTAINER_NAME)
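Review bot: The bind mount `--volume /var/log/api-server:/app/log` hides the image's `/app/log`, so the ownership set by `chown` in the Dockerfiles does not apply at runtime; the host directory's owner decides whether the application user can write logs. If `/var/log/api-server` does not exist, Docker creates it owned by root, and a process running as the default uid 1000 would be unable to write there. Either create the host directory with the matching uid/gid before `docker run`, or use a named volume, which is populated from the image (ownership included) on first use: `--volume api-server-log:/app/log \`. The `run` recipe starts above this hunk.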