generated from bcgov/quickstart-openshift
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Frontend up yarn installs * Consolidate Healthchecks into Dockerfiles * Make oracle-api depend on backend * Unprivileged user for local frontend dev * Use default values for healthchecks * Formatting, slight logic tweak * Let local frontend use user:root
- Loading branch information
1 parent
691be78
commit c36f6bf
Showing
6 changed files
with
49 additions
and
67 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,26 +1,28 @@ | ||
| FROM maven:3.8.7-eclipse-temurin-17 AS build | ||
|
|
||
| # User | ||
| RUN addgroup --system spring && adduser --system spring --ingroup spring | ||
| USER spring:spring | ||
|
|
||
| # App | ||
| WORKDIR /home/spring | ||
| COPY src /home/spring/src | ||
| COPY pom.xml /home/spring | ||
|
|
||
| WORKDIR /home/spring | ||
| RUN mvn --no-transfer-progress --update-snapshots -P prod clean package | ||
|
|
||
| FROM eclipse-temurin:17.0.7_7-jre-jammy | ||
| LABEL maintainer="Ricardo Montania Prado de Campos <ricardo.campos@encora.com>" | ||
| FROM eclipse-temurin:17.0.7_7-jre-jammy AS deploy | ||
|
|
||
| ENV LANG en_CA.UTF-8 | ||
| ENV LANGUAGE en_CA.UTF-8 | ||
| ENV LC_ALL en_CA.UTF-8 | ||
|
|
||
| # App | ||
| WORKDIR /usr/share/service/ | ||
| COPY --from=build /home/spring/target/nr-spar-backend.jar /usr/share/service/service.jar | ||
| COPY dockerfile-entrypoint.sh /usr/share/service/dockerfile-entrypoint.sh | ||
|
|
||
| EXPOSE 8090 | ||
| # User, port and healthcheck | ||
| USER 1001 | ||
| HEALTHCHECK --interval=35s --timeout=4s CMD wget --no-verbose --tries=1 --spider http://localhost:8090/actuator/health | ||
| EXPOSE 8090 | ||
| HEALTHCHECK CMD curl -f http://localhost:8090/actuator/health | grep '"status":"UP"' | ||
| ENTRYPOINT ["/usr/share/service/dockerfile-entrypoint.sh"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,9 +1,10 @@ | ||
| # RedHat UBI 8 with nodejs 14 | ||
| FROM postgis/postgis:13-master | ||
|
|
||
| # Enable pgcrypto extension on startup | ||
| RUN sed -i '/EXISTS postgis_tiger_geocoder;*/a CREATE EXTENSION IF NOT EXISTS pgcrypto;' \ | ||
| /docker-entrypoint-initdb.d/10_postgis.sh | ||
|
|
||
| # Non-privileged user | ||
| # User, port and Healthcheck | ||
| USER postgres | ||
| EXPOSE 5432 | ||
| HEALTHCHECK CMD [ "pg_isready", "-U", "postgres"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,26 +1,26 @@ | ||
| # Build | ||
| FROM node:16.19.1-alpine3.17 AS build | ||
|
|
||
| # Copy and build | ||
| # Build | ||
| WORKDIR /app | ||
| COPY . . | ||
| RUN apk add --no-cache python3 g++ make &&\ | ||
| yarn install --frozen-lockfile --prefer-offline | ||
| RUN yarn build:production | ||
| RUN rm -rf node_modules | ||
| RUN apk add --no-cache python3 g++ make && \ | ||
| yarn install --frozen-lockfile --prefer-offline && \ | ||
| yarn build:production && \ | ||
| rm -rf node_modules | ||
|
|
||
| # Deploy | ||
| FROM node:16.19.1-alpine3.17 | ||
| FROM node:16.19.1-alpine3.17 AS deploy | ||
|
|
||
| # Copy and prep app | ||
| WORKDIR /app | ||
| COPY --from=build /app/build/ . | ||
| RUN yarn global add serve@14.2.0 react-inject-env@2.1.0 && \ | ||
| chmod -R g+w . | ||
|
|
||
| # User and startup | ||
| EXPOSE 3000 | ||
| # User, port and healthcheck | ||
| USER 1001 | ||
| HEALTHCHECK --interval=30s --timeout=3s CMD wget --no-verbose --tries=1 --spider http://localhost:3000/ | ||
| EXPOSE 3000 | ||
| HEALTHCHECK CMD wget --no-verbose --tries=1 --spider http://localhost:3000 || exit 1 | ||
|
|
||
| # Startup | ||
| CMD react-inject-env set -d . && \ | ||
| serve --no-clipboard --single . |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,12 +1,14 @@ | ||
| # Build | ||
| FROM node:16.19.1-alpine3.17 AS dev-build | ||
| FROM node:16.19.1-alpine3.17 | ||
| ENV PORT=3000 | ||
|
|
||
| # Copy and build | ||
| WORKDIR /app | ||
| COPY . . | ||
| RUN apk add --no-cache python3 g++ make &&\ | ||
| yarn install --frozen-lockfile --prefer-offline | ||
| # Packages | ||
| RUN apk add --no-cache python3 g++ make | ||
|
|
||
| # User, port and Healthcheck | ||
| USER 1001 | ||
| EXPOSE 3000 | ||
| HEALTHCHECK --interval=30s --timeout=3s CMD curl -f http://localhost:3000/ | ||
| CMD yarn start | ||
| EXPOSE ${PORT} | ||
| HEALTHCHECK CMD wget --no-verbose --tries=1 --spider http://localhost:${PORT} || exit 1 | ||
|
|
||
| # Start | ||
| WORKDIR /app | ||
| CMD ["sh", "-c", "yarn install --frozen-lockfile --prefer-offline && yarn start"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,33 +1,31 @@ | ||
| # Build container | ||
| FROM openjdk:17.0.2 AS build | ||
|
|
||
| # Build package/archive | ||
| # Build | ||
| WORKDIR /app | ||
| COPY . ./ | ||
| RUN ./mvnw --no-transfer-progress --update-snapshots clean package -Dtests.skip=true -Dskip.unit.tests=true | ||
| RUN javac HealthCheck.java InstallCert.java | ||
| RUN ./mvnw --no-transfer-progress --update-snapshots clean package -Dtests.skip=true -Dskip.unit.tests=true && \ | ||
| javac HealthCheck.java InstallCert.java | ||
|
|
||
| # Deploy container | ||
| FROM eclipse-temurin:17.0.7_7-jdk-jammy AS deploy | ||
|
|
||
| # Java vars | ||
| ENV LANG en_CA.UTF-8 | ||
| ENV LANGUAGE en_CA.UTF-8 | ||
| ENV LC_ALL en_CA.UTF-8 | ||
|
|
||
| # Setup package/archive and supporting files | ||
| WORKDIR /usr/share/service/ | ||
| COPY --from=build /app/target/*.jar \ | ||
| /app/HealthCheck.class \ | ||
| /app/InstallCert.class \ | ||
| /app/InstallCert\$SavingTrustManager.class \ | ||
| ./artifacts/ | ||
| COPY --from=build /app/target/*.jar /app/*.class ./artifacts/ | ||
| COPY dockerfile-entrypoint.sh ./ | ||
| RUN mkdir config dump public && \ | ||
| chmod -R g+w . && \ | ||
| chmod g+x dockerfile-entrypoint.sh && \ | ||
| chmod g+w ${JAVA_HOME}/lib/security/cacerts | ||
|
|
||
| # Port, user and entrypoint | ||
| EXPOSE 8090 | ||
| # User, port and healthcheck | ||
| USER 1001 | ||
| HEALTHCHECK --interval=35s --timeout=4s CMD java -cp /usr/share/service/artifacts/ HealthCheck | ||
| EXPOSE 8090 | ||
| HEALTHCHECK CMD curl -f http://localhost:8090/actuator/health | grep '"status":"UP"' | ||
|
|
||
| # Start | ||
| ENTRYPOINT ["/usr/share/service/dockerfile-entrypoint.sh"] |