forked from freudenreichan/EinfuehrungInDocker_Pipeline2
45 lines
1.1 KiB
Docker
45 lines
1.1 KiB
Docker
# ---- Build-Stage ----
|
|
FROM alpine:3.20 AS build-env
|
|
|
|
# Build-Abhängigkeiten installieren (nur für die Build-Stage)
|
|
RUN apk add --no-cache \
|
|
build-base \
|
|
gcc \
|
|
curl
|
|
|
|
WORKDIR /app
|
|
|
|
# Quellcode kopieren
|
|
COPY deployment.c .
|
|
|
|
# Programm kompilieren (statisch linken für bessere Portabilität)
|
|
RUN gcc -static -o deployment deployment.c
|
|
|
|
# ---- Finale Stage ----
|
|
FROM alpine:3.20
|
|
|
|
# Kein root User - eigenen User erstellen
|
|
RUN addgroup -g 1000 -S appgroup && \
|
|
adduser -u 1000 -S appuser -G appgroup
|
|
|
|
# Nur notwendige Pakete installieren (curl für healthcheck, net-tools nicht nötig)
|
|
RUN apk add --no-cache curl
|
|
|
|
WORKDIR /app
|
|
|
|
# Programm aus Build-Stage kopieren
|
|
COPY --from=build-env --chown=appuser:appgroup /app/deployment /app/deployment
|
|
|
|
# Ausgabeverzeichnis mit korrekten Berechtigungen
|
|
RUN mkdir -p /output && chown -R appuser:appgroup /output
|
|
|
|
# Zu nicht-root Benutzer wechseln
|
|
USER appuser
|
|
|
|
# Healthcheck alle 30 Sekunden
|
|
HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
|
|
CMD curl -f http://localhost:8080/health || exit 1
|
|
|
|
# Programm ausführen (ohne Bash, direkt)
|
|
ENTRYPOINT ["/app/deployment"]
|
|
CMD ["10"] |