Multi-platform Docker image

Run as non-root user
2019-10-10 15:58:56 +02:00 · 2019-10-10 15:58:56 +02:00 · 3471f7d26d
commit 3471f7d26d
parent 3e9d114333
2 changed files with 22 additions and 18 deletions
--- a/36
+++ b/36
@ -1,16 +1,14 @@
-FROM adoptopenjdk/openjdk12:alpine-jre
+# syntax=docker/dockerfile:experimental
 FROM --platform=${TARGETPLATFORM:-linux/amd64} adoptopenjdk:12-jre-hotspot
-ARG BUILD_DATE
+ARG TARGETPLATFORM
-ARG VCS_REF
+ARG BUILDPLATFORM
-ARG VERSION
+RUN printf "I am running on ${BUILDPLATFORM:-linux/amd64}, building for ${TARGETPLATFORM:-linux/amd64}\n$(uname -a)\n"
 LABEL maintainer="CrazyMax" \
  org.label-schema.build-date=$BUILD_DATE \
  org.label-schema.name="jetbrains-license-server" \
  org.label-schema.description="JetBrains License Server" \
  org.label-schema.version=$VERSION \
  org.label-schema.url="https://github.com/crazy-max/docker-jetbrains-license-server" \
  org.label-schema.vcs-ref=$VCS_REF \
  org.label-schema.vcs-url="https://github.com/crazy-max/docker-jetbrains-license-server" \
  org.label-schema.vendor="CrazyMax" \
  org.label-schema.schema-version="1.0"
@ -20,25 +18,33 @@ ENV JLS_PATH="/opt/jetbrains-license-server" \
  JLS_SHA256="15cd436d41b1af8e273b8f8b037d654a9e9d9ca8a5f188e08426ca1024ba143a" \
  TZ="UTC"
-COPY entrypoint.sh /entrypoint.sh
+RUN apt-get update \
-
+  && apt-get install -y \
-RUN apk --update --no-cache add \
+    bash \
    tzdata \
  && apk --update --no-cache add -t build-dependencies \
    curl \
    zip \
-  && mkdir -p "$JLS_PATH" \
+    tzdata \
  && curl -L "https://download.jetbrains.com/lcsrv/license-server-installer.zip" -o "/tmp/jls.zip" \
  && echo "$JLS_SHA256  /tmp/jls.zip" | sha256sum -c - | grep OK \
  && unzip "/tmp/jls.zip" -d "$JLS_PATH" \
  && rm -f "/tmp/jls.zip" \
  && chmod a+x "$JLS_PATH/bin/license-server.sh" \
  && ln -sf "$JLS_PATH/bin/license-server.sh" "/usr/local/bin/license-server" \
  && apt-get clean \
  && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 COPY entrypoint.sh /entrypoint.sh
 RUN mkdir -p /data "$JLS_PATH" \
  && chmod a+x /entrypoint.sh \
-  && apk del build-dependencies \
+  && groupadd -f -g 1000 jls \
-  && rm -rf /var/cache/apk/* /tmp/*
+  && useradd -o -s /bin/bash -d /data -u 1000 -g 1000 -m jls \
  && chown -R jls. /data "$JLS_PATH"
 USER jls
 EXPOSE 8000
 WORKDIR /data
 VOLUME [ "/data" ]
 ENTRYPOINT [ "/entrypoint.sh" ]
--- a/entrypoint.sh
+++ b/entrypoint.sh
@ -8,8 +8,6 @@ JLS_ACCESS_CONFIG=${JLS_ACCESS_CONFIG:-/data/access-config.json}
 # Init
 echo "Initializing files and folders..."
 mkdir -p /data/registration
 ln -sf "/data/registration" "/root/.jb-license-server"
 touch "/data/access-config.json"
 # https://www.jetbrains.com/help/license_server/setting_host_and_port.html