Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: improve docker set up #3924

Merged
merged 26 commits into from
Jan 11, 2025
Merged
Changes from 1 commit
Commits
Show all changes
26 commits
Select commit Hold shift + click to select a range
2337b83
Revert "Revert "chore/remove-nsswitch-hosts""
aeneasr Jan 11, 2025
cf86047
Revert "Revert "chore: Revise scratch image""
aeneasr Jan 11, 2025
bd4dd50
Revert "Revert "chore: Revise alpine images""
aeneasr Jan 11, 2025
33e5a31
Revert "Revert "chore: Use the same busybox commands with distroless""
aeneasr Jan 11, 2025
69c21cd
Revert "Revert "chore: Remove redundant `VOLUME` directives""
aeneasr Jan 11, 2025
365dac2
Revert "Revert "chore: `Dockerfile-scratch` - Add commentary""
aeneasr Jan 11, 2025
79413bd
Revert "Revert "chore: `Dockerfile-sqlite` - Add commentary""
aeneasr Jan 11, 2025
7ccf62c
Revert "Revert "chore: `Dockerfile-alpine` - Add commentary""
aeneasr Jan 11, 2025
323b2f4
Revert "Revert "fix: improve docker set up""
aeneasr Jan 11, 2025
59b4e21
Revert "Revert "chore: synchronize workspaces""
aeneasr Jan 11, 2025
553e6b1
Revert "Revert "chore: synchronize workspaces""
aeneasr Jan 11, 2025
2c1f1cd
Revert "Revert "chore: synchronize workspaces""
aeneasr Jan 11, 2025
2c38b14
Revert "Revert "chore: synchronize workspaces""
aeneasr Jan 11, 2025
6842fe7
Revert "Revert "chore: synchronize workspaces""
aeneasr Jan 11, 2025
db2daab
Revert "Revert "chore: synchronize workspaces""
aeneasr Jan 11, 2025
8727fbb
Revert "Revert "chore: synchronize workspaces""
aeneasr Jan 11, 2025
2430642
Revert "Revert "chore: synchronize workspaces""
aeneasr Jan 11, 2025
8987068
Revert "Revert "chore: synchronize workspaces""
aeneasr Jan 11, 2025
4e26112
Revert "Revert "chore: synchronize workspaces""
aeneasr Jan 11, 2025
d7856e0
Revert "Revert "Update .docker/README.md""
aeneasr Jan 11, 2025
dba0cc7
Revert "Revert "Update .docker/Dockerfile-local-build""
aeneasr Jan 11, 2025
dc2dc93
Revert "Revert "Update .docker/Dockerfile-test-hsm""
aeneasr Jan 11, 2025
be6ec0d
Revert "Revert "chore: synchronize workspaces""
aeneasr Jan 11, 2025
fea1f7e
Revert "Revert "chore: synchronize workspaces""
aeneasr Jan 11, 2025
9b2d65a
Revert "Revert "chore: synchronize workspaces""
aeneasr Jan 11, 2025
6ca3aec
Revert "Revert "chore: synchronize workspaces""
aeneasr Jan 11, 2025
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Revert "Revert "chore: Revise scratch image""
This reverts commit de90d0b.
aeneasr authored Jan 11, 2025
commit cf86047da6d0a776ea336d3004c80852423d73a7
30 changes: 19 additions & 11 deletions .docker/Dockerfile-scratch
Original file line number Diff line number Diff line change
@@ -1,20 +1,28 @@
FROM alpine:3.20
FROM alpine:3.20 AS base-files

RUN apk upgrade --no-cache && \
RUN <<HEREDOC
apk upgrade --no-cache
apk add --no-cache --upgrade ca-certificates

RUN addgroup -S ory; \
adduser -S ory -G ory -D -h /home/ory -s /bin/nologin;
# Add a user/group for Ory with a stable UID + GID:
addgroup --system --gid 500 ory
adduser --system --uid 500 \
--gecos "Ory User" \
--home /home/ory \
--ingroup ory \
--shell /sbin/nologin \
ory

RUN mkdir -p /var/lib/sqlite && \
chown -R ory:ory /var/lib/sqlite
# Create the sqlite directory with ownership to that user and group:
install --owner ory --group ory --directory /var/lib/sqlite
HEREDOC

FROM scratch

COPY --from=0 /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=0 /etc/nsswitch.conf /etc/nsswitch.conf
COPY --from=0 /etc/passwd /etc/passwd
COPY --from=0 /var/lib/sqlite /var/lib/sqlite
COPY --from=base-files /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=base-files /etc/nsswitch.conf /etc/nsswitch.conf
# NOTE: /etc/group and /etc/shadow were not copied over, only user lookup is valid for `USER`:
COPY --from=base-files /etc/passwd /etc/passwd
COPY --from=base-files /var/lib/sqlite /var/lib/sqlite

COPY hydra /usr/bin/hydra