diff --git a/Dockerfile b/Dockerfile index 2e5b936..688ebe7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,12 +7,19 @@ LABEL maintainer="ian@iamthefij.com" ARG ARCH=x86_64 COPY ./build/qemu-${ARCH}-static /usr/bin/ -COPY ./sample-config.yml /app/config.yml +# Add common checking tools +RUN apk add bash curl jq WORKDIR /app +# Add minitor user for running as non-root +RUN addgroup -S minitor && adduser -S minitor -G minitor + # Expose default metrics port EXPOSE 8080 +# Copy default sample config +COPY ./sample-config.yml /app/config.yml + # Copy Python package to container COPY ./README.md /app/ COPY ./setup.py /app/ @@ -25,4 +32,7 @@ COPY ./scripts /app/scripts # Allow all users to execute minitor and scripts RUN chmod -R 755 /app +# Drop to non-root user +USER minitor + ENTRYPOINT [ "python3", "-m", "minitor.main" ] diff --git a/examples/docker-checks/Dockerfile b/examples/docker-checks/Dockerfile deleted file mode 100644 index 637690d..0000000 --- a/examples/docker-checks/Dockerfile +++ /dev/null @@ -1,7 +0,0 @@ -FROM minitor-dev-linux-amd64 - -RUN apk add bash jq curl - -RUN addgroup -S minitor && adduser -S minitor -G minitor - -USER minitor diff --git a/examples/docker-checks/docker-compose.yml b/examples/docker-checks/docker-compose.yml index 36638e6..5ee76c5 100644 --- a/examples/docker-checks/docker-compose.yml +++ b/examples/docker-checks/docker-compose.yml @@ -1,7 +1,7 @@ version: '2' services: minitor: - build: . + build: ../.. volumes: - ./config.yml:/app/config.yml - /var/run/docker.sock:/var/run/docker.sock:ro