update Dockerfile
Former-commit-id: 3f8dcfdf865ca0857bf2d5261b858cc3daa22f3f
This commit is contained in:
Ben Schermel
John Sully
parent
39a7500321
commit
7e09d16542
@ -7,45 +7,45 @@ RUN groupadd -r keydb && useradd -r -g keydb keydb
|
||||
ENV GOSU_VERSION 1.11
|
||||
RUN set -eux; \
|
||||
# save list of currently installed packages for later so we can clean up
|
||||
savedAptMark="$(apt-mark showmanual)"; \
|
||||
apt-get update; \
|
||||
apt-get install -y --no-install-recommends \
|
||||
ca-certificates \
|
||||
dirmngr \
|
||||
gnupg \
|
||||
wget \
|
||||
; \
|
||||
# rm -rf /var/lib/apt/lists/*; \
|
||||
\
|
||||
dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
|
||||
wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
|
||||
wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
|
||||
\
|
||||
savedAptMark="$(apt-mark showmanual)"; \
|
||||
apt-get update; \
|
||||
apt-get install -y --no-install-recommends \
|
||||
ca-certificates \
|
||||
dirmngr \
|
||||
gnupg \
|
||||
wget \
|
||||
; \
|
||||
\
|
||||
dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
|
||||
wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
|
||||
wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
|
||||
\
|
||||
# verify the signature
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
|
||||
gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
|
||||
gpgconf --kill all; \
|
||||
rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
|
||||
\
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
|
||||
gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
|
||||
gpgconf --kill all; \
|
||||
rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
|
||||
\
|
||||
# clean up fetch dependencies
|
||||
apt-mark auto '.*' > /dev/null; \
|
||||
[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
|
||||
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
|
||||
\
|
||||
chmod +x /usr/local/bin/gosu; \
|
||||
apt-mark auto '.*' > /dev/null; \
|
||||
[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
|
||||
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
|
||||
\
|
||||
chmod +x /usr/local/bin/gosu; \
|
||||
# verify that the binary works
|
||||
gosu --version; \
|
||||
gosu nobody true
|
||||
gosu --version; \
|
||||
gosu nobody true
|
||||
|
||||
# Load pre-generated equivalent binaries to image (reduces deployment build times)
|
||||
ADD ./app/* /usr/local/bin/
|
||||
|
||||
RUN \
|
||||
mkdir -p /etc/keydb
|
||||
ADD ./app/keydb-* /usr/local/bin/
|
||||
ADD ./app/docker-entrypoint.sh /usr/local/bin/
|
||||
ADD ./app/*.conf /etc/keydb/
|
||||
# Set up config and binaries
|
||||
RUN \
|
||||
cd /usr/local/bin && \
|
||||
mkdir -p /etc/keydb && \
|
||||
mv -f *.conf /etc/keydb && \
|
||||
sed -i 's/^\(bind .*\)$/# \1/' /etc/keydb/keydb.conf && \
|
||||
sed -i 's/^\(daemonize .*\)$/# \1/' /etc/keydb/keydb.conf && \
|
||||
sed -i 's/^\(dir .*\)$/# \1\ndir \/data/' /etc/keydb/keydb.conf && \
|
||||
@ -55,33 +55,24 @@ RUN \
|
||||
cd /etc/keydb && \
|
||||
ln -s keydb.conf redis.conf
|
||||
|
||||
# Ensure deps installed for binaries (including Pro)
|
||||
# libc6 (>= 2.17), libcurl4 (>= 7.16.2), libgcc1 (>= 1:3.0), libstdc++6 (>= 4.8.1), libuuid1 (>= 2.16), libssl1.1 (>= 1.1.1)
|
||||
# Ensure deps installed for binaries
|
||||
RUN set -eux; \
|
||||
\
|
||||
savedAptMark="$(apt-mark showmanual)"; \
|
||||
apt-get install -y --no-install-recommends \
|
||||
libcurl4 \
|
||||
libc6 \
|
||||
libssl1.1 \
|
||||
libuuid1 \
|
||||
libstdc++6 \
|
||||
libgcc1 \
|
||||
zlib1g \
|
||||
; \
|
||||
rm -rf /var/lib/apt/lists/*; \
|
||||
\
|
||||
apt-mark auto '.*' > /dev/null; \
|
||||
[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
|
||||
find /usr/local -type f -executable -exec ldd '{}' ';' \
|
||||
| awk '/=>/ { print $(NF-1) }' \
|
||||
| sort -u \
|
||||
| xargs -r dpkg-query --search \
|
||||
| cut -d: -f1 \
|
||||
| sort -u \
|
||||
| xargs -r apt-mark manual \
|
||||
; \
|
||||
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false
|
||||
\
|
||||
savedAptMark="$(apt-mark showmanual)"; \
|
||||
apt-get install -y --no-install-recommends \
|
||||
libcurl4 \
|
||||
libc6 \
|
||||
libssl1.1 \
|
||||
libuuid1 \
|
||||
libstdc++6 \
|
||||
libgcc1 \
|
||||
zlib1g \
|
||||
libbz2-1.0 \
|
||||
liblz4-1 \
|
||||
libsnappy1v5 \
|
||||
libzstd1 \
|
||||
; \
|
||||
rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# create working directories
|
||||
RUN \
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user