From 987208dd0375a967e89fe598426c6547a35f9b7b Mon Sep 17 00:00:00 2001 From: Philippe Caseiro Date: Mon, 26 Feb 2024 11:54:51 +0100 Subject: [PATCH 1/3] feat(docker): do not run container as root Using a non root user to execute the application. We don't need to be root --- misc/docker/Dockerfile | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/misc/docker/Dockerfile b/misc/docker/Dockerfile index dbd2e4a..62b5840 100644 --- a/misc/docker/Dockerfile +++ b/misc/docker/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.17 AS build +FROM reg.cadoles.com/dh/library/golang:1.17 AS build ARG HTTP_PROXY= ARG HTTPS_PROXY= @@ -23,12 +23,15 @@ RUN npm install \ && echo "---" > ./misc/release/config-patch.yml \ && make ARCH_TARGETS=amd64 release + FROM busybox -COPY --from=build /src/release/fake-sms-linux-amd64 /app +RUN adduser -D -h /app sms +COPY --from=build /src/release/fake-sms-linux-amd64 /app +RUN chown -R sms:sms /app + +USER sms WORKDIR /app -RUN mkdir -p /app - CMD ["bin/fake-sms", "--config", "config.yml"] \ No newline at end of file -- 2.17.1 From 725fea2387a154897786aa576d031f9bfcc7f7d7 Mon Sep 17 00:00:00 2001 From: Philippe Caseiro Date: Mon, 26 Feb 2024 14:56:58 +0100 Subject: [PATCH 2/3] fix(dockerfile): updating build image make the build faster and lighter --- misc/docker/Dockerfile | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/misc/docker/Dockerfile b/misc/docker/Dockerfile index e5430f4..c667afc 100644 --- a/misc/docker/Dockerfile +++ b/misc/docker/Dockerfile @@ -1,14 +1,11 @@ -FROM reg.cadoles.com/dh/library/golang:1.17 AS build +FROM reg.cadoles.com/dh/library/golang:1.22-alpine AS build ARG HTTP_PROXY= ARG HTTPS_PROXY= ARG http_proxy= ARG https_proxy= -RUN apt-get update && apt-get install -y build-essential git bash curl python2 - -RUN curl -sL https://deb.nodesource.com/setup_20.x | bash - \ - && apt-get install -y nodejs +RUN apk update && apk add --no-cache build-base git bash curl python3 nodejs npm COPY . /src @@ -16,7 +13,7 @@ WORKDIR /src RUN cp -f misc/docker/config-patch.yml misc/release/config-patch.yml -RUN go get github.com/krishicks/yaml-patch/cmd/yaml-patch +RUN go install github.com/krishicks/yaml-patch/cmd/yaml-patch@v0.0.10 RUN npm install \ && make vendor \ -- 2.17.1 From 79836b065a2f19275d467344786eff0fce3cccad Mon Sep 17 00:00:00 2001 From: Philippe Caseiro Date: Mon, 26 Feb 2024 15:20:26 +0100 Subject: [PATCH 3/3] feat(docker): using reg.cadoles.com to publish image --- Makefile | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Makefile b/Makefile index 23a6077..71d03c8 100644 --- a/Makefile +++ b/Makefile @@ -21,11 +21,11 @@ docker-run: fake-sms:latest docker-release: - docker tag fake-sms:latest cadoles/fake-sms:latest - docker tag fake-sms:latest cadoles/fake-sms:$(DOCKER_DATE_TAG) - docker login - docker push cadoles/fake-sms:latest - docker push cadoles/fake-sms:$(DOCKER_DATE_TAG) + docker tag fake-sms:latest reg.cadoles.com/cadoles/fake-sms:latest + docker tag fake-sms:latest reg.cadoles.com/cadoles/fake-sms:$(DOCKER_DATE_TAG) + docker login reg.cadoles.com + docker push reg.cadoles.com/cadoles/fake-sms:latest + docker push reg.cadoles.com/cadoles/fake-sms:$(DOCKER_DATE_TAG) test: go test -v -race ./... -- 2.17.1