mirror of
https://github.com/goharbor/harbor.git
synced 2024-12-29 20:18:05 +01:00
6f335bdb1a
This change involves using non-root user to run the process of the docker images. Also made update in Dockerfile to make the containers support "read-only" and introduce "HEALTHCHECK". Note the "read-only" options are not enabled in docker-compose, to cover the very corner case when user wants to update the container filesystem manually. Remove read only option from docker-compose template by default
26 lines
1021 B
Docker
26 lines
1021 B
Docker
FROM vmware/photon:1.0
|
|
|
|
#The Docker Daemon has to be running with storage backend btrfs when building the image
|
|
|
|
RUN tdnf distro-sync -y || echo \
|
|
&& tdnf install -y sed shadow procps-ng gawk gzip sudo net-tools \
|
|
&& groupadd -r -g 10000 mysql && useradd --no-log-init -r -g 10000 -u 10000 mysql \
|
|
&& tdnf install -y mariadb-server mariadb \
|
|
&& mkdir /docker-entrypoint-initdb.d /docker-entrypoint-updatedb.d \
|
|
&& rm -fr /var/lib/mysql \
|
|
&& mkdir -p /var/lib/mysql /var/run/mysqld \
|
|
&& chown -R mysql:mysql /var/lib/mysql /var/run/mysqld \
|
|
&& chmod 777 /var/run/mysqld /docker-entrypoint-initdb.d /docker-entrypoint-updatedb.d \
|
|
&& tdnf clean all
|
|
|
|
COPY docker-entrypoint.sh /usr/local/bin/
|
|
RUN chmod +x /usr/local/bin/docker-entrypoint.sh
|
|
COPY my.cnf /etc/
|
|
RUN ln -s usr/local/bin/docker-entrypoint.sh /
|
|
|
|
VOLUME /var/lib/mysql /docker-entrypoint-initdb.d /docker-entrypoint-updatedb.d /tmp /var/run/mysqld
|
|
EXPOSE 3306
|
|
|
|
ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
|
|
CMD ["mysqld"]
|