forked from freudenreichan/EinfuehrungInDocker_Pipeline2
Sicherheitscheck update
This commit is contained in:
parent
65af3e65c9
commit
32d5fa1ccc
22
Dockerfile
22
Dockerfile
@ -1,8 +1,7 @@
|
|||||||
# Base-Image
|
# Base-Image
|
||||||
FROM alpine:latest
|
FROM alpine:latest AS builder
|
||||||
|
|
||||||
# Pakete installieren
|
# Pakete installieren
|
||||||
RUN apk upgrade --no-cache
|
|
||||||
RUN apk add --no-cache build-base
|
RUN apk add --no-cache build-base
|
||||||
|
|
||||||
# Arbeitsverzeichnis setzen
|
# Arbeitsverzeichnis setzen
|
||||||
@ -14,8 +13,25 @@ COPY . .
|
|||||||
# Code kompilieren
|
# Code kompilieren
|
||||||
RUN gcc -o deployment deployment.c
|
RUN gcc -o deployment deployment.c
|
||||||
|
|
||||||
|
# Stage 2
|
||||||
|
FROM alpine:latest
|
||||||
|
|
||||||
|
RUN apk upgrade --no-cache
|
||||||
|
|
||||||
|
RUN addgroup -S stdgroup && adduser -S stduser -G stdgroup
|
||||||
|
|
||||||
|
WORKDIR /app
|
||||||
|
|
||||||
|
COPY --from=builder /app/deployment .
|
||||||
|
|
||||||
|
|
||||||
# Verzeichnis für Ausgabe anlegen
|
# Verzeichnis für Ausgabe anlegen
|
||||||
RUN mkdir /output
|
RUN mkdir /output && chown stduser:stdgroup /output
|
||||||
|
|
||||||
|
VOLUME ["/output"]
|
||||||
|
USER stduser
|
||||||
|
|
||||||
|
HEALTHCHECK --interval=30s --timeout=5s --start-period=15s --retries=3 CMD test -f /output/output.txt || exit 1
|
||||||
|
|
||||||
# Ausgabe wird ins Container-Dateisystem geschrieben
|
# Ausgabe wird ins Container-Dateisystem geschrieben
|
||||||
ENTRYPOINT ["/bin/bash", "-c"]
|
ENTRYPOINT ["/bin/bash", "-c"]
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user