better security in docker image
This commit is contained in:
parent
61d7bf378c
commit
4b1d507456
1 changed files with 14 additions and 4 deletions
18
Dockerfile
18
Dockerfile
|
|
@ -7,7 +7,10 @@ COPY go.sum ./
|
|||
|
||||
RUN apk add build-base && go mod download
|
||||
|
||||
COPY . ./
|
||||
COPY ./models ./models
|
||||
COPY ./notifiers ./notifiers
|
||||
COPY ./web ./web
|
||||
COPY ./main.go ./main.go
|
||||
|
||||
RUN GOOS=linux GOARCH=amd64 go build -ldflags="-s -w" -o /gowatch
|
||||
|
||||
|
|
@ -16,9 +19,16 @@ FROM alpine AS base
|
|||
|
||||
WORKDIR /app
|
||||
|
||||
COPY --from=builder /gowatch ./gowatch
|
||||
|
||||
COPY --from=builder /gowatch /app/gowatch
|
||||
RUN mkdir /config
|
||||
|
||||
RUN addgroup -S gowatch && \
|
||||
adduser -S gowatch -G gowatch && \
|
||||
chown gowatch:gowatch /app && \
|
||||
chown gowatch:gowatch /config
|
||||
|
||||
USER gowatch
|
||||
|
||||
ENV GOWATCH_DATABASE_DSN "/config/database.db"
|
||||
|
||||
ENTRYPOINT ["./gowatch"]
|
||||
ENTRYPOINT ["/app/gowatch"]
|
||||
Loading…
Add table
Reference in a new issue