From 584107b3cdb0c6d869a9526776e59a29dd187c1a Mon Sep 17 00:00:00 2001 From: Michael Folz Date: Wed, 15 Nov 2023 15:15:41 +0100 Subject: [PATCH] #237 - Minor suggestions to improve the container image - use system ca certs --- Dockerfile | 9 ++------- docker-compose.yml | 2 ++ 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/Dockerfile b/Dockerfile index 88320e84..343db6d5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -13,17 +13,12 @@ ENV FEASIBILITY_DATABASE_HOST="feasibility-network" ENV FEASIBILITY_DATABASE_PORT=5432 ENV FEASIBILITY_DATABASE_USER=postgres ENV FEASIBILITY_DATABASE_PASSWORD=password -ENV CERTIFICATE_PATH=/opt/codex-feasibility-backend/certs -ENV TRUSTSTORE_PATH=/opt/codex-feasibility-backend/truststore -ENV TRUSTSTORE_FILE=self-signed-truststore.jks RUN mkdir logging && \ - mkdir -p $CERTIFICATE_PATH $TRUSTSTORE_PATH && \ - chown -R 10001:10001 /opt/codex-feasibility-backend && \ - chown 10001:10001 $CERTIFICATE_PATH $TRUSTSTORE_PATH + chown -R 10001:10001 /opt/codex-feasibility-backend USER 10001 HEALTHCHECK --interval=5s --start-period=10s CMD curl -s -f http://localhost:8090/actuator/health || exit 1 COPY ./docker-entrypoint.sh / -ENTRYPOINT ["/bin/bash", "/docker-entrypoint.sh"] \ No newline at end of file +ENTRYPOINT ["java","-jar","feasibility-gui-backend.jar"] \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index 8fac7976..9dfad6e5 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -8,6 +8,7 @@ services: depends_on: - feasibility-db environment: + USE_SYSTEM_CA_CERTS: 1 SPRING_DATASOURCE_URL: ${CODEX_FEASIBILITY_BACKEND_DATASOURCE_URL:-jdbc:postgresql://feasibility-db:5432/codex_ui?currentSchema=codex} SPRING_DATASOURCE_USERNAME: ${CODEX_FEASIBILITY_BACKEND_DATASOURCE_USERNAME:-codex-postgres} SPRING_DATASOURCE_PASSWORD: ${CODEX_FEASIBILITY_BACKEND_DATASOURCE_PASSWORD:-codex-password} @@ -70,6 +71,7 @@ services: - ${CODEX_FEASIBILITY_BACKEND_LOCAL_TERM_CODE_MAPPING_PATH:-./ontology/codex-term-code-mapping.json}:${CODEX_FEASIBILITY_BACKEND_ONTOLOGY_FILES_FOLDER:-/opt/codex-feasibility-backend/ontology}/codex-term-code-mapping.json - ${CODEX_FEASIBILITY_BACKEND_DSF_SECURITY_DIR:-/dev/null}:/opt/codex-feasibility-backend/dsf-security/ - ${CODEX_FEASIBILITY_BACKEND_ONTOLOGY_DB_MIGRATION_FOLDER:-../ontology/migration}:/opt/codex-feasibility-backend/ontology/migration + - $(pwd)/certs:/certificates/ feasibility-db: image: 'postgres:15-alpine' container_name: feasibility-db