Skip to content

Commit

Permalink
Merge pull request #168 from uc-cdis/chore/nobody
Browse files Browse the repository at this point in the history
Update Dockerfile
  • Loading branch information
piotrsenkow authored Dec 10, 2024
2 parents c16c316 + ea2d9bd commit aba0ca3
Showing 1 changed file with 21 additions and 2 deletions.
23 changes: 21 additions & 2 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM quay.io/cdis/golang:1.17-bullseye as build-deps
FROM quay.io/cdis/golang:1.17-bullseye AS build-deps

ENV CGO_ENABLED=0
ENV GOOS=linux
Expand All @@ -24,4 +24,23 @@ RUN GITCOMMIT=$(git rev-parse HEAD) \
-ldflags="-X 'github.com/uc-cdis/arborist/arborist/version.GitCommit=${GITCOMMIT}' -X 'github.com/uc-cdis/arborist/arborist/version.GitVersion=${GITVERSION}'" \
-o bin/arborist

CMD ["bin/arborist"]
RUN echo "nobody:x:65534:65534:Nobody:/:" > /etc_passwd

FROM quay.io/cdis/golang-build-base:master
RUN dnf update \
--assumeyes \
&& dnf install \
--assumeyes \
--setopt=install_weak_deps=False \
--setopt=tsflags=nodocs \
postgresql15 \
jq \
&& dnf clean all \
&& rm -rf /var/cache/yum
COPY --from=build-deps /etc_passwd /etc/passwd
COPY --from=build-deps /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=build-deps /go/src/github.com/uc-cdis/arborist/ /go/src/github.com/uc-cdis/arborist/
RUN setcap 'cap_net_bind_service=+ep' /go/src/github.com/uc-cdis/arborist/bin/arborist
WORKDIR /go/src/github.com/uc-cdis/arborist/
USER nobody
CMD ["/go/src/github.com/uc-cdis/arborist/bin/arborist"]

0 comments on commit aba0ca3

Please sign in to comment.