-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Reduces the overall final image size by using Azure Linux * Offers maximum compatibility with Azure infrastructure * Uses arbitrary user instead of 'root' * Supported by Microsoft
- Loading branch information
1 parent
e89211e
commit 411c923
Showing
2 changed files
with
54 additions
and
60 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,45 +1,47 @@ | ||
FROM mcr.microsoft.com/dotnet/sdk:8.0-bookworm-slim AS build | ||
WORKDIR /build | ||
|
||
ENV DEBIAN_FRONTEND=noninteractive | ||
# Set the major version of dotnet | ||
ARG DOTNET_VERSION=8.0 | ||
|
||
# Build the app using the dotnet SDK | ||
FROM "mcr.microsoft.com/dotnet/sdk:${DOTNET_VERSION}-azurelinux3.0" AS build | ||
WORKDIR /build | ||
ARG CI | ||
ENV CI=${CI} | ||
|
||
COPY . . | ||
COPY ./script/web-docker-entrypoint.sh /app/docker-entrypoint.sh | ||
|
||
RUN mkdir -p /app/SQL | ||
RUN touch /app/SQL/DbMigrationScriptLegacy.sql | ||
RUN touch /app/SQL/DbMigrationScript.sql | ||
|
||
# Mount GitHub Token as a Docker secret so that NuGet Feed can be accessed | ||
RUN --mount=type=secret,id=github_token dotnet nuget add source --username USERNAME --password $(cat /run/secrets/github_token) --store-password-in-clear-text --name github "https://nuget.pkg.github.com/DFE-Digital/index.json" | ||
RUN dotnet restore TramsDataApi.sln | ||
RUN dotnet new tool-manifest | ||
RUN dotnet tool install dotnet-ef --version 8.0.8 | ||
ENV PATH="$PATH:/root/.dotnet/tools" | ||
|
||
RUN dotnet ef migrations script --output /app/SQL/DbMigrationScriptLegacy.sql --project TramsDataApi --context TramsDataApi.DatabaseModels.LegacyTramsDbContext --idempotent -v | ||
RUN dotnet ef migrations script --output /app/SQL/DbMigrationScript.sql --project TramsDataApi --context TramsDataApi.DatabaseModels.TramsDbContext --idempotent --no-build -v | ||
|
||
# this build has no effect on ef migrations because it is a "Release" configuration | ||
RUN dotnet build -c Release TramsDataApi.sln --no-restore -p:CI=${CI} | ||
RUN dotnet publish TramsDataApi -c Release -o /app --no-restore | ||
|
||
ARG ASPNET_IMAGE_TAG | ||
FROM mcr.microsoft.com/dotnet/aspnet:8.0-bookworm-slim AS final | ||
|
||
RUN apt-get update | ||
RUN apt-get install unixodbc curl gnupg -y | ||
RUN curl -fsSL https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor -o /usr/share/keyrings/microsoft-prod.gpg | ||
RUN curl https://packages.microsoft.com/config/debian/12/prod.list | tee /etc/apt/sources.list.d/msprod.list | ||
RUN apt-get update | ||
RUN ACCEPT_EULA=Y apt-get install msodbcsql18 mssql-tools18 -y | ||
|
||
COPY --from=build /app /app | ||
|
||
# Generate the Entity Framework migration scripts | ||
RUN ["dotnet", "new", "tool-manifest"] | ||
RUN ["dotnet", "tool", "install", "dotnet-ef", "--version", "8.0.11"] | ||
RUN ["mkdir", "-p", "/app/SQL"] | ||
RUN ["touch", "/app/SQL/DbMigrationScriptOutput.txt"] | ||
RUN ["touch", "/app/SQL/DbMigrationScriptOutputLegacy.txt"] | ||
RUN ["dotnet", "restore", "TramsDataApi.sln"] | ||
RUN ["dotnet", "ef", "migrations", "script", "--output", "/app/SQL/DbMigrationScriptLegacy.sql", "--project", "TramsDataApi", "--context", "TramsDataApi.DatabaseModels.LegacyTramsDbContext", "--idempotent"] | ||
RUN ["dotnet", "ef", "migrations", "script", "--output", "/app/SQL/DbMigrationScript.sql", "--project", "TramsDataApi", "--context", "TramsDataApi.DatabaseModels.TramsDbContext", "--idempotent"] | ||
|
||
# Build and publish the dotnet solution | ||
RUN dotnet build TramsDataApi.sln --no-restore -c Release -p CI=${CI} | ||
RUN ["dotnet", "publish", "TramsDataApi", "--no-build", "-o", "/app"] | ||
|
||
# Install SQL tools to allow migrations to be run | ||
FROM "mcr.microsoft.com/dotnet/aspnet:${DOTNET_VERSION}-azurelinux3.0" AS base | ||
RUN curl "https://packages.microsoft.com/config/rhel/9/prod.repo" | tee /etc/yum.repos.d/mssql-release.repo | ||
ENV ACCEPT_EULA=Y | ||
RUN ["tdnf", "update"] | ||
RUN ["tdnf", "install", "-y", "mssql-tools18"] | ||
RUN ["tdnf", "clean", "all"] | ||
|
||
# Build a runtime environment | ||
FROM base AS final | ||
WORKDIR /app | ||
COPY ./script/web-docker-entrypoint.sh ./docker-entrypoint.sh | ||
RUN chmod +x ./docker-entrypoint.sh | ||
LABEL org.opencontainers.image.source="https://github.com/DFE-Digital/academies-api" | ||
LABEL org.opencontainers.image.description="Academies API" | ||
|
||
ENV ASPNETCORE_HTTP_PORTS 80 | ||
EXPOSE 80/tcp | ||
COPY --from=build /app /app | ||
RUN ["chmod", "+x", "./docker-entrypoint.sh"] | ||
RUN chown "$APP_UID" "/app/SQL" -R | ||
USER $APP_UID |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,36 +1,28 @@ | ||
FROM mcr.microsoft.com/dotnet/sdk:8.0-bookworm-slim AS build | ||
WORKDIR /build | ||
|
||
ENV DEBIAN_FRONTEND=noninteractive | ||
# Set the major version of dotnet | ||
ARG DOTNET_VERSION=8.0 | ||
|
||
# Build the app using the dotnet SDK | ||
FROM "mcr.microsoft.com/dotnet/sdk:${DOTNET_VERSION}-azurelinux3.0" AS build | ||
WORKDIR /build | ||
ARG CI | ||
ENV CI=${CI} | ||
|
||
COPY . . | ||
COPY ./script/personsapi.docker-entrypoint.sh /app/docker-entrypoint.sh | ||
|
||
RUN --mount=type=secret,id=github_token dotnet nuget add source --username USERNAME --password $(cat /run/secrets/github_token) --store-password-in-clear-text --name github "https://nuget.pkg.github.com/DFE-Digital/index.json" | ||
RUN dotnet build -c Release PersonsApi -p:CI=${CI} | ||
RUN dotnet publish PersonsApi -c Release -o /app --no-restore | ||
|
||
RUN dotnet new tool-manifest | ||
RUN dotnet tool install dotnet-ef --version 8.0.8 | ||
ENV PATH="$PATH:/root/.dotnet/tools" | ||
|
||
ARG ASPNET_IMAGE_TAG | ||
FROM mcr.microsoft.com/dotnet/aspnet:8.0-bookworm-slim AS final | ||
|
||
RUN apt-get update | ||
RUN apt-get install unixodbc curl gnupg -y | ||
RUN curl -fsSL https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor -o /usr/share/keyrings/microsoft-prod.gpg | ||
RUN curl https://packages.microsoft.com/config/debian/12/prod.list | tee /etc/apt/sources.list.d/msprod.list | ||
RUN apt-get update | ||
RUN ACCEPT_EULA=Y apt-get install msodbcsql18 mssql-tools18 -y | ||
|
||
COPY --from=build /app /app | ||
# Restore, build and publish the dotnet solution | ||
RUN ["dotnet", "restore", "PersonsApi"] | ||
RUN dotnet build PersonsApi --no-restore -c Release -p CI=${CI} | ||
RUN ["dotnet", "publish", "PersonsApi", "--no-build", "-o", "/app"] | ||
|
||
# Build a runtime environment | ||
FROM "mcr.microsoft.com/dotnet/aspnet:${DOTNET_VERSION}-azurelinux3.0" AS final | ||
WORKDIR /app | ||
COPY ./script/personsapi.docker-entrypoint.sh ./docker-entrypoint.sh | ||
RUN chmod +x ./docker-entrypoint.sh | ||
LABEL org.opencontainers.image.source="https://github.com/DFE-Digital/academies-api" | ||
LABEL org.opencontainers.image.description="Persons API" | ||
|
||
ENV ASPNETCORE_HTTP_PORTS 80 | ||
EXPOSE 80/tcp | ||
COPY --from=build /app /app | ||
RUN ["chmod", "+x", "./docker-entrypoint.sh"] | ||
USER $APP_UID |