Skip to content
This repository has been archived by the owner on Dec 5, 2023. It is now read-only.

Commit

Permalink
Merge pull request #12 from microservices-demo/docker/user
Browse files Browse the repository at this point in the history
Added user to dockerfile. Set caps on java binary to allow binding to…
  • Loading branch information
Phil Winder authored Nov 8, 2016
2 parents fef970e + 2892497 commit 6ca5b49
Showing 1 changed file with 17 additions and 0 deletions.
17 changes: 17 additions & 0 deletions docker/cart/Dockerfile
Original file line number Diff line number Diff line change
@@ -1,8 +1,25 @@
FROM java:openjdk-8-alpine

ENV SERVICE_USER=myuser \
SERVICE_UID=10001 \
SERVICE_GROUP=mygroup \
SERVICE_GID=10001

RUN addgroup -g ${SERVICE_GID} ${SERVICE_GROUP} && \
adduser -g "${SERVICE_NAME} user" -D -H -G ${SERVICE_GROUP} -s /sbin/nologin -u ${SERVICE_UID} ${SERVICE_USER} && \
apk add --update libcap && \
mkdir /lib64 && \
ln -s /usr/lib/jvm/java-1.8-openjdk/jre/lib/amd64/server/libjvm.so /lib/libjvm.so && \
ln -s /usr/lib/jvm/java-1.8-openjdk/lib/amd64/jli/libjli.so /lib/libjli.so && \
setcap 'cap_net_bind_service=+ep' $(readlink -f $(which java))

WORKDIR /usr/src/app
COPY *.jar ./app.jar

RUN chown -R ${SERVICE_USER}:${SERVICE_GROUP} ./app.jar

USER ${SERVICE_USER}

ARG BUILD_DATE
ARG BUILD_VERSION
ARG COMMIT
Expand Down

0 comments on commit 6ca5b49

Please sign in to comment.