Skip to content
This repository was archived by the owner on Dec 5, 2023. It is now read-only.

Commit 13ed369

Browse files
author
Phil Winder
authored
Merge pull request #11 from microservices-demo/docker/user
Added user to dockerfile. Set caps on java binary to allow binding to port 80
2 parents daa798e + 46a291e commit 13ed369

File tree

1 file changed

+17
-0
lines changed

1 file changed

+17
-0
lines changed

docker/shipping/Dockerfile

+17
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,25 @@
11
FROM java:openjdk-8-alpine
22

3+
ENV SERVICE_USER=myuser \
4+
SERVICE_UID=10001 \
5+
SERVICE_GROUP=mygroup \
6+
SERVICE_GID=10001
7+
8+
RUN addgroup -g ${SERVICE_GID} ${SERVICE_GROUP} && \
9+
adduser -g "${SERVICE_NAME} user" -D -H -G ${SERVICE_GROUP} -s /sbin/nologin -u ${SERVICE_UID} ${SERVICE_USER} && \
10+
apk add --update libcap && \
11+
mkdir /lib64 && \
12+
ln -s /usr/lib/jvm/java-1.8-openjdk/jre/lib/amd64/server/libjvm.so /lib/libjvm.so && \
13+
ln -s /usr/lib/jvm/java-1.8-openjdk/lib/amd64/jli/libjli.so /lib/libjli.so && \
14+
setcap 'cap_net_bind_service=+ep' $(readlink -f $(which java))
15+
316
WORKDIR /usr/src/app
417
COPY *.jar ./app.jar
518

19+
RUN chown -R ${SERVICE_USER}:${SERVICE_GROUP} ./app.jar
20+
21+
USER ${SERVICE_USER}
22+
623
ARG BUILD_DATE
724
ARG BUILD_VERSION
825
ARG COMMIT

0 commit comments

Comments
 (0)