Skip to content

Commit 2b6f028

Browse files
namedgraphnamedgraph
committed
Updated Dockerfile and fixed base image
1 parent 67596ad commit 2b6f028

File tree

1 file changed

+22
-15
lines changed

1 file changed

+22
-15
lines changed

Dockerfile

Lines changed: 22 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@
66
## the License. You may obtain a copy of the License at
77
##
88
## http://www.apache.org/licenses/LICENSE-2.0
9-
##
9+
##
1010
## Unless required by applicable law or agreed to in writing, software
1111
## distributed under the License is distributed on an "AS IS" BASIS,
1212
## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -17,8 +17,9 @@
1717

1818
## This Dockefile builds a reduced footprint container.
1919

20-
ARG OPENJDK_VERSION=21
21-
ARG ALPINE_VERSION=3.15.0
20+
ARG JAVA_VERSION=21
21+
22+
ARG ALPINE_VERSION=3.17.1
2223
ARG JENA_VERSION=4.7.0
2324

2425
# Internal, passed between stages.
@@ -27,7 +28,7 @@ ARG FUSEKI_JAR=jena-fuseki-server-${JENA_VERSION}.jar
2728
ARG JAVA_MINIMAL=/opt/java-minimal
2829

2930
## ---- Stage: Download and build java.
30-
FROM openjdk:${OPENJDK_VERSION}-alpine AS base
31+
FROM eclipse-temurin:${JAVA_VERSION}-alpine AS base
3132

3233
ARG JAVA_MINIMAL
3334
ARG JENA_VERSION
@@ -71,12 +72,6 @@ RUN \
7172
ADD entrypoint.sh .
7273
ADD log4j2.properties .
7374

74-
# Run as this user
75-
# -H : no home directorry
76-
# -D : no password
77-
78-
RUN adduser -H -D fuseki fuseki
79-
8075
## ---- Stage: Build runtime
8176
FROM alpine:${ALPINE_VERSION}
8277

@@ -88,18 +83,32 @@ ARG FUSEKI_JAR
8883

8984
COPY --from=base /opt/java-minimal /opt/java-minimal
9085
COPY --from=base /fuseki /fuseki
91-
COPY --from=base /etc/passwd /etc/passwd
9286

9387
WORKDIR $FUSEKI_DIR
9488

9589
ARG LOGS=${FUSEKI_DIR}/logs
9690
ARG DATA=${FUSEKI_DIR}/databases
9791

92+
ARG JENA_USER=fuseki
93+
ARG JENA_GROUP=$JENA_USER
94+
ARG JENA_GID=1000
95+
ARG JENA_UID=1000
96+
97+
# Run as this user
98+
# -H : no home directory
99+
# -D : no password
100+
RUN addgroup -g "${JENA_GID}" "${JENA_GROUP}" && \
101+
adduser "${JENA_USER}" -G "${JENA_GROUP}" -s /bin/ash -u "${JENA_UID}" -H -D
102+
103+
RUN mkdir --parents "${FUSEKI_DIR}" && \
104+
chown -R $JENA_USER ${FUSEKI_DIR}
105+
106+
USER $JENA_USER
107+
98108
RUN \
99109
mkdir -p $LOGS && \
100110
mkdir -p $DATA && \
101-
chown -R fuseki ${FUSEKI_DIR} && \
102-
chmod a+x entrypoint.sh
111+
chmod a+x entrypoint.sh
103112

104113
## Default environment variables.
105114
ENV \
@@ -109,8 +118,6 @@ ENV \
109118
FUSEKI_JAR="${FUSEKI_JAR}" \
110119
FUSEKI_DIR="${FUSEKI_DIR}"
111120

112-
USER fuseki
113-
114121
EXPOSE 3030
115122

116123
ENTRYPOINT ["./entrypoint.sh" ]

0 commit comments

Comments
 (0)