Skip to content
Snippets Groups Projects
Commit 86b37aca authored by Carlos Panato's avatar Carlos Panato Committed by Alex Ellis
Browse files

update dockerfile to add user


Signed-off-by: default avatarCarlos Panato <ctadeu@gmail.com>
parent 6d8ebc65
No related branches found
No related tags found
No related merge requests found
FROM golang:1.9.7-alpine as builder
FROM golang:1.10.4-alpine3.8 as builder
MAINTAINER alex@openfaas.com
ENTRYPOINT []
# Allows you to add additional packages via build-arg
ARG ADDITIONAL_PACKAGE
ARG CGO_ENABLED=0
RUN apk --no-cache add make curl \
&& curl -sL https://github.com/openfaas/faas/releases/download/0.13.0/fwatchdog > /usr/bin/fwatchdog \
&& chmod +x /usr/bin/fwatchdog
RUN apk --no-cache add curl ${ADDITIONAL_PACKAGE} \
&& echo "Pulling watchdog binary from Github." \
&& curl -sSL https://github.com/openfaas/faas/releases/download/0.13.0/fwatchdog > /usr/bin/fwatchdog \
&& chmod +x /usr/bin/fwatchdog \
&& apk del curl --no-cache
WORKDIR /go/src/github.com/openfaas/faas/sample-functions/ApiKeyProtected
WORKDIR /go/src/handler
COPY . .
COPY handler.go .
# COPY vendor vendor
# Run a gofmt and exclude all vendored code.
RUN test -z "$(gofmt -l $(find . -type f -name '*.go' -not -path "./vendor/*" -not -path "./function/vendor/*"))" || { echo "Run \"gofmt -s -w\" on your Golang code"; exit 1; }
RUN go install
RUN CGO_ENABLED=${CGO_ENABLED} GOOS=linux \
go build --ldflags "-s -w" -a -installsuffix cgo -o handler . && \
go test $(go list ./... | grep -v /vendor/) -cover
FROM alpine:3.8
RUN apk --no-cache add ca-certificates
# Needed to reach the hub
RUN apk --no-cache add ca-certificates
# Add non root user
RUN addgroup -S app && adduser -S -g app app
RUN mkdir -p /home/app
WORKDIR /home/app
COPY --from=builder /usr/bin/fwatchdog .
COPY --from=builder /go/src/handler/function/ .
COPY --from=builder /go/src/handler/handler .
COPY --from=builder /usr/bin/fwatchdog /usr/bin/fwatchdog
COPY --from=builder /go/bin/ApiKeyProtected /usr/bin/ApiKeyProtected
ENV fprocess "/usr/bin/ApiKeyProtected"
CMD ["/usr/bin/fwatchdog"]
RUN chown -R app /home/app
USER app
ENV fprocess="./handler"
EXPOSE 8080
HEALTHCHECK --interval=3s CMD [ -e /tmp/.lock ] || exit 1
CMD ["./fwatchdog"]
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment