Commit 1f8f4f9d authored by Phil Winder's avatar Phil Winder Committed by GitHub
Browse files

Merge pull request #10 from microservices-demo/docker/user

Added user to dockerfile. Set caps on java binary to allow binding to…
parents 7a330b2a 45ec7fe0
FROM java:openjdk-8-alpine
ENV SERVICE_USER=myuser \
SERVICE_UID=10001 \
SERVICE_GROUP=mygroup \
SERVICE_GID=10001
RUN addgroup -g ${SERVICE_GID} ${SERVICE_GROUP} && \
adduser -g "${SERVICE_NAME} user" -D -H -G ${SERVICE_GROUP} -s /sbin/nologin -u ${SERVICE_UID} ${SERVICE_USER} && \
apk add --update libcap && \
mkdir /lib64 && \
ln -s /usr/lib/jvm/java-1.8-openjdk/jre/lib/amd64/server/libjvm.so /lib/libjvm.so && \
ln -s /usr/lib/jvm/java-1.8-openjdk/lib/amd64/jli/libjli.so /lib/libjli.so && \
setcap 'cap_net_bind_service=+ep' $(readlink -f $(which java))
WORKDIR /usr/src/app
COPY ./target/*.jar ./app.jar
COPY *.jar ./app.jar
RUN chown -R ${SERVICE_USER}:${SERVICE_GROUP} ./app.jar
USER ${SERVICE_USER}
ENTRYPOINT ["java","-Djava.security.egd=file:/dev/urandom","-jar","./app.jar", "--port=80"]
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment