diff --git a/Dockerfile b/Dockerfile index 6927c2b..17edab7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,7 +17,7 @@ RUN pacman -Syu --noconfirm && pacman-db-upgrade \ && pacman -S --noconfirm maven npm pnpm \ && pacman -Scc --noconfirm -ENV PATH /tmp/node_modules/.bin:$PATH +ENV PATH=/tmp/node_modules/.bin:$PATH ###################################################################################### ## @@ -80,34 +80,25 @@ RUN pnpm static:build ## Production area: ## ###################################################################################### +FROM bellsoft/liberica-openjdk-alpine-musl:latest -#FROM bellsoft/liberica-openjdk-alpine:latest -## add wget to manage the health check... -#RUN apk add --no-cache wget -FROM common +RUN apk add --no-cache wget -#FROM archlinux:base -#RUN pacman -Syu --noconfirm && pacman-db-upgrade -## install package -#RUN pacman -S --noconfirm jdk-openjdk wget -## intall npm -#RUN pacman -S --noconfirm npm -## clean all the caches Need only on the release environment -#RUN pacman -Scc --noconfirm - -ENV LANG C.UTF-8 - -COPY --from=build_back /tmp/out/maven/*.jar /application/application.jar -COPY --from=build_front /tmp/dist /application/front/ - -# COPY front/public/icons /application/front/public/icons -# COPY front/public/icons /application/front/icons -WORKDIR /application/ +RUN addgroup -S user \ + && adduser -S user -G user +ENV LANG=C.UTF-8 EXPOSE 80 +WORKDIR /application/ +RUN chown user:user -R /application # To verify health-check: docker inspect --format "{{json .State.Health }}" YOUR_SERVICE_NAME | jq HEALTHCHECK --start-period=10s --start-interval=2s --interval=30s --timeout=5s --retries=10 \ CMD wget --no-verbose --tries=1 --spider http://localhost:80/api/health_check || exit 1 CMD ["java", "-Xms64M", "-Xmx1G", "-cp", "/application/application.jar", "org.atriasoft.karusic.WebLauncher"] + +COPY --chown=user:user --from=build_back /tmp/out/maven/*.jar /application/application.jar +COPY --chown=user:user --from=build_front /tmp/dist /application/front/ + +USER user