forked from codenotary/immudb
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
85 lines (71 loc) · 2.65 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
FROM golang:1.17 as build
WORKDIR /src
COPY go.mod go.sum /src/
RUN go mod download -x
COPY . .
RUN rm -rf /src/webconsole/dist
RUN GOOS=linux GOARCH=amd64 WEBCONSOLE=default make immuadmin-static immudb-static
RUN mkdir /empty
FROM debian:bullseye-slim as bullseye-slim
LABEL org.opencontainers.image.authors="CodeNotary, Inc. <[email protected]>"
COPY --from=build /src/immudb /usr/sbin/immudb
COPY --from=build /src/immuadmin /usr/local/bin/immuadmin
COPY --from=build "/etc/ssl/certs/ca-certificates.crt" "/etc/ssl/certs/ca-certificates.crt"
ARG IMMU_UID="3322"
ARG IMMU_GID="3322"
ENV IMMUDB_HOME="/usr/share/immudb" \
IMMUDB_DIR="/var/lib/immudb" \
IMMUDB_ADDRESS="0.0.0.0" \
IMMUDB_PORT="3322" \
IMMUDB_PIDFILE="" \
IMMUDB_LOGFILE="" \
IMMUDB_MTLS="false" \
IMMUDB_AUTH="true" \
IMMUDB_DETACHED="false" \
IMMUDB_DEVMODE="true" \
IMMUDB_MAINTENANCE="false" \
IMMUDB_ADMIN_PASSWORD="immudb" \
IMMUADMIN_TOKENFILE="/var/lib/immudb/admin_token"
RUN addgroup --system --gid $IMMU_GID immu && \
adduser --system --uid $IMMU_UID --no-create-home --ingroup immu immu && \
mkdir -p "$IMMUDB_HOME" && \
mkdir -p "$IMMUDB_DIR" && \
chown -R immu:immu "$IMMUDB_HOME" "$IMMUDB_DIR" && \
chmod -R 777 "$IMMUDB_HOME" "$IMMUDB_DIR" && \
chmod +x /usr/sbin/immudb /usr/local/bin/immuadmin
EXPOSE 3322
EXPOSE 9497
EXPOSE 8080
HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 CMD [ "/usr/local/bin/immuadmin", "status" ]
USER immu
ENTRYPOINT ["/usr/sbin/immudb"]
FROM scratch as scratch
LABEL org.opencontainers.image.authors="CodeNotary, Inc. <[email protected]>"
ARG IMMU_UID="3322"
ARG IMMU_GID="3322"
ENV IMMUDB_HOME="/usr/share/immudb" \
IMMUDB_DIR="/var/lib/immudb" \
IMMUDB_ADDRESS="0.0.0.0" \
IMMUDB_PORT="3322" \
IMMUDB_PIDFILE="" \
IMMUDB_LOGFILE="" \
IMMUDB_MTLS="false" \
IMMUDB_AUTH="true" \
IMMUDB_DETACHED="false" \
IMMUDB_DEVMODE="true" \
IMMUDB_MAINTENANCE="false" \
IMMUDB_ADMIN_PASSWORD="immudb" \
IMMUADMIN_TOKENFILE="/var/lib/immudb/admin_token" \
USER=immu \
HOME="${IMMUDB_HOME}"
COPY --from=build /src/immudb /usr/sbin/immudb
COPY --from=build /src/immuadmin /usr/local/bin/immuadmin
COPY --from=build --chown="$IMMU_UID:$IMMU_GID" /empty "$IMMUDB_HOME"
COPY --from=build --chown="$IMMU_UID:$IMMU_GID" /empty "$IMMUDB_DIR"
COPY --from=build "/etc/ssl/certs/ca-certificates.crt" "/etc/ssl/certs/ca-certificates.crt"
EXPOSE 3322
EXPOSE 9497
EXPOSE 8080
HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 CMD [ "/usr/local/bin/immuadmin", "status" ]
USER "${IMMU_UID}:${IMMU_GID}"
ENTRYPOINT ["/usr/sbin/immudb"]