From 9a8dbdbfef09d03b88f7fab09cf24af849a7fe0b Mon Sep 17 00:00:00 2001 From: Ian Fijolek Date: Thu, 1 Aug 2019 13:59:05 -0700 Subject: [PATCH] Roll utils and non-root stuff into main image --- Dockerfile | 12 +++++++++++- examples/docker-checks/Dockerfile | 7 ------- examples/docker-checks/docker-compose.yml | 2 +- 3 files changed, 12 insertions(+), 9 deletions(-) delete mode 100644 examples/docker-checks/Dockerfile diff --git a/Dockerfile b/Dockerfile index 2e5b936..688ebe7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,12 +7,19 @@ LABEL maintainer="ian@iamthefij.com" ARG ARCH=x86_64 COPY ./build/qemu-${ARCH}-static /usr/bin/ -COPY ./sample-config.yml /app/config.yml +# Add common checking tools +RUN apk add bash curl jq WORKDIR /app +# Add minitor user for running as non-root +RUN addgroup -S minitor && adduser -S minitor -G minitor + # Expose default metrics port EXPOSE 8080 +# Copy default sample config +COPY ./sample-config.yml /app/config.yml + # Copy Python package to container COPY ./README.md /app/ COPY ./setup.py /app/ @@ -25,4 +32,7 @@ COPY ./scripts /app/scripts # Allow all users to execute minitor and scripts RUN chmod -R 755 /app +# Drop to non-root user +USER minitor + ENTRYPOINT [ "python3", "-m", "minitor.main" ] diff --git a/examples/docker-checks/Dockerfile b/examples/docker-checks/Dockerfile deleted file mode 100644 index 637690d..0000000 --- a/examples/docker-checks/Dockerfile +++ /dev/null @@ -1,7 +0,0 @@ -FROM minitor-dev-linux-amd64 - -RUN apk add bash jq curl - -RUN addgroup -S minitor && adduser -S minitor -G minitor - -USER minitor diff --git a/examples/docker-checks/docker-compose.yml b/examples/docker-checks/docker-compose.yml index 36638e6..5ee76c5 100644 --- a/examples/docker-checks/docker-compose.yml +++ b/examples/docker-checks/docker-compose.yml @@ -1,7 +1,7 @@ version: '2' services: minitor: - build: . + build: ../.. volumes: - ./config.yml:/app/config.yml - /var/run/docker.sock:/var/run/docker.sock:ro