diff --git a/.github/workflows/push-trigger.yml b/.github/workflows/push-trigger.yml index b8ebc2c7..939fd4a4 100644 --- a/.github/workflows/push-trigger.yml +++ b/.github/workflows/push-trigger.yml @@ -117,4 +117,4 @@ jobs: OSSRH_SECRET: ${{ secrets.OSSRH_SECRET }} OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }} GPG_SECRET: ${{ secrets.GPG_SECRET }} - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} \ No newline at end of file + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} diff --git a/Dockerfile b/Dockerfile index 188cb9f3..1cf4eb81 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,14 +1,5 @@ FROM openjdk:11 -ARG SOURCE -ARG COMMIT_HASH -ARG COMMIT_ID -ARG BUILD_TIME -LABEL source=${SOURCE} -LABEL commit_hash=${COMMIT_HASH} -LABEL commit_id=${COMMIT_ID} -LABEL build_time=${BUILD_TIME} - # can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG spring_config_label @@ -24,6 +15,18 @@ ARG is_glowroot # can be passed during Docker build as build time environment for artifactory URL ARG artifactory_url +# can be passed during Docker build as build time environment for github branch to pickup configuration from. +ARG container_user=mosip +ARG container_user_group=mosip +ARG container_user_uid=1001 +ARG container_user_gid=1001 + +# can be passed during Docker build as build time environment for label related addition to docker. +ARG SOURCE +ARG COMMIT_HASH +ARG COMMIT_ID +ARG BUILD_TIME + # environment variable to pass active profile such as DEV, QA etc at docker runtime ENV active_profile_env=${active_profile} @@ -42,23 +45,11 @@ ENV artifactory_url_env=${artifactory_url} # environment variable to pass iam_adapter url, at docker runtime ENV iam_adapter_url_env=${iam_adapter_url} -# can be passed during Docker build as build time environment for github branch to pickup configuration from. -ARG container_user=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. -ARG container_user_group=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. -ARG container_user_uid=1001 - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. -ARG container_user_gid=1001 - -# install packages and create user -RUN apt-get -y update \ -&& apt-get install -y unzip \ -&& groupadd -g ${container_user_gid} ${container_user_group} \ -&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} +# can be passed during Docker build as build time environment for label. +LABEL source=${SOURCE} +LABEL commit_hash=${COMMIT_HASH} +LABEL commit_id=${COMMIT_ID} +LABEL build_time=${BUILD_TIME} # set working directory for the user WORKDIR /home/${container_user} @@ -67,8 +58,6 @@ ENV work_dir=/home/${container_user} ARG loader_path=${work_dir}/additional_jars/ -RUN mkdir -p ${loader_path} - ENV loader_path_env=${loader_path} # change volume to whichever storage directory you want to use for this container. @@ -76,8 +65,13 @@ VOLUME ${work_dir}/logs ${work_dir}/Glowroot COPY ./target/print-*.jar print.jar -# change permissions of file inside working dir -RUN chown -R ${container_user}:${container_user} /home/${container_user} +#install packages, create user and change permissions of file inside working dir +RUN apt-get -y update \ +&& apt-get install -y unzip \ +&& groupadd -g ${container_user_gid} ${container_user_group} \ +&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ +&& mkdir -p ${loader_path} \ +&& chown -R ${container_user}:${container_user} /home/${container_user} # select container user for all tasks USER ${container_user_uid}:${container_user_gid}