Multi-platform Docker image
Run as non-root user
This commit is contained in:
parent
3e9d114333
commit
3471f7d26d
36
Dockerfile
36
Dockerfile
@ -1,16 +1,14 @@
|
||||
FROM adoptopenjdk/openjdk12:alpine-jre
|
||||
# syntax=docker/dockerfile:experimental
|
||||
FROM --platform=${TARGETPLATFORM:-linux/amd64} adoptopenjdk:12-jre-hotspot
|
||||
|
||||
ARG BUILD_DATE
|
||||
ARG VCS_REF
|
||||
ARG VERSION
|
||||
ARG TARGETPLATFORM
|
||||
ARG BUILDPLATFORM
|
||||
RUN printf "I am running on ${BUILDPLATFORM:-linux/amd64}, building for ${TARGETPLATFORM:-linux/amd64}\n$(uname -a)\n"
|
||||
|
||||
LABEL maintainer="CrazyMax" \
|
||||
org.label-schema.build-date=$BUILD_DATE \
|
||||
org.label-schema.name="jetbrains-license-server" \
|
||||
org.label-schema.description="JetBrains License Server" \
|
||||
org.label-schema.version=$VERSION \
|
||||
org.label-schema.url="https://github.com/crazy-max/docker-jetbrains-license-server" \
|
||||
org.label-schema.vcs-ref=$VCS_REF \
|
||||
org.label-schema.vcs-url="https://github.com/crazy-max/docker-jetbrains-license-server" \
|
||||
org.label-schema.vendor="CrazyMax" \
|
||||
org.label-schema.schema-version="1.0"
|
||||
@ -20,25 +18,33 @@ ENV JLS_PATH="/opt/jetbrains-license-server" \
|
||||
JLS_SHA256="15cd436d41b1af8e273b8f8b037d654a9e9d9ca8a5f188e08426ca1024ba143a" \
|
||||
TZ="UTC"
|
||||
|
||||
COPY entrypoint.sh /entrypoint.sh
|
||||
|
||||
RUN apk --update --no-cache add \
|
||||
tzdata \
|
||||
&& apk --update --no-cache add -t build-dependencies \
|
||||
RUN apt-get update \
|
||||
&& apt-get install -y \
|
||||
bash \
|
||||
curl \
|
||||
zip \
|
||||
&& mkdir -p "$JLS_PATH" \
|
||||
tzdata \
|
||||
&& curl -L "https://download.jetbrains.com/lcsrv/license-server-installer.zip" -o "/tmp/jls.zip" \
|
||||
&& echo "$JLS_SHA256 /tmp/jls.zip" | sha256sum -c - | grep OK \
|
||||
&& unzip "/tmp/jls.zip" -d "$JLS_PATH" \
|
||||
&& rm -f "/tmp/jls.zip" \
|
||||
&& chmod a+x "$JLS_PATH/bin/license-server.sh" \
|
||||
&& ln -sf "$JLS_PATH/bin/license-server.sh" "/usr/local/bin/license-server" \
|
||||
&& apt-get clean \
|
||||
&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
||||
|
||||
COPY entrypoint.sh /entrypoint.sh
|
||||
|
||||
RUN mkdir -p /data "$JLS_PATH" \
|
||||
&& chmod a+x /entrypoint.sh \
|
||||
&& apk del build-dependencies \
|
||||
&& rm -rf /var/cache/apk/* /tmp/*
|
||||
&& groupadd -f -g 1000 jls \
|
||||
&& useradd -o -s /bin/bash -d /data -u 1000 -g 1000 -m jls \
|
||||
&& chown -R jls. /data "$JLS_PATH"
|
||||
|
||||
USER jls
|
||||
|
||||
EXPOSE 8000
|
||||
WORKDIR /data
|
||||
VOLUME [ "/data" ]
|
||||
|
||||
ENTRYPOINT [ "/entrypoint.sh" ]
|
||||
|
@ -8,8 +8,6 @@ JLS_ACCESS_CONFIG=${JLS_ACCESS_CONFIG:-/data/access-config.json}
|
||||
|
||||
# Init
|
||||
echo "Initializing files and folders..."
|
||||
mkdir -p /data/registration
|
||||
ln -sf "/data/registration" "/root/.jb-license-server"
|
||||
touch "/data/access-config.json"
|
||||
|
||||
# https://www.jetbrains.com/help/license_server/setting_host_and_port.html
|
||||
|
Loading…
Reference in New Issue
Block a user