Skip to content

Commit 011571e

Browse files
HuulivoideHuulivoide
committed
Update & improve Docker file
* Proper file permissions: - Only scripts should be executable - Files should not be writeable * Replace curl healthcheck with java client. * Update Java version
1 parent 896d595 commit 011571e

1 file changed

Lines changed: 9 additions & 11 deletions

File tree

Dockerfile

Lines changed: 9 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -13,29 +13,27 @@ COPY ./src /build/src
1313
COPY ./profiles/prod /build/profiles/prod
1414
RUN mvn -Pprod -DskipTests=true clean package spring-boot:repackage
1515

16-
FROM eclipse-temurin:25.0.1_8-jre
16+
FROM eclipse-temurin:25.0.2_10-jre
1717

1818
# Application Insights version
1919
ARG APPINSIGHTS_VERSION=3.7.7
2020

2121
# expose server port
2222
EXPOSE 8080
2323

24-
# install curl
25-
RUN apt-get update \
26-
&& apt-get install -y curl \
27-
&& rm -rf /var/lib/apt/lists/*
28-
2924
# download script for reading Docker secrets
30-
ADD --chmod=755 https://raw.githubusercontent.com/HSLdevcom/jore4-tools/main/docker/read-secrets.sh /tmp/read-secrets.sh
25+
ADD --chmod=555 https://raw.githubusercontent.com/HSLdevcom/jore4-tools/main/docker/read-secrets.sh /tmp/read-secrets.sh
26+
27+
# Downaload a Java applet to perform HEALTHCHECK with
28+
ADD --chmod=444 https://raw.githubusercontent.com/HSLdevcom/jore4-tools/main/docker/HealthCheck.jar /app/scripts/HealthCheck.jar
3129

3230
# Connection string is provided as env in Kubernetes by secrets manager
3331
# it should not be provided for other environments (local etc)
34-
ADD --chmod=755 https://github.com/microsoft/ApplicationInsights-Java/releases/download/${APPINSIGHTS_VERSION}/applicationinsights-agent-${APPINSIGHTS_VERSION}.jar /usr/src/jore4-map-matching/applicationinsights-agent.jar
35-
COPY --chmod=755 ./applicationinsights.json /usr/src/jore4-map-matching/applicationinsights.json
32+
ADD --chmod=444 https://github.com/microsoft/ApplicationInsights-Java/releases/download/${APPINSIGHTS_VERSION}/applicationinsights-agent-${APPINSIGHTS_VERSION}.jar /usr/src/jore4-map-matching/applicationinsights-agent.jar
33+
COPY --chmod=444 ./applicationinsights.json /usr/src/jore4-map-matching/applicationinsights.json
3634

3735
# add helper script for constructing JDBC URL
38-
COPY --chmod=755 ./scripts/build-jdbc-urls.sh /tmp/build-jdbc-urls.sh
36+
COPY --chmod=555 ./scripts/build-jdbc-urls.sh /tmp/build-jdbc-urls.sh
3937

4038
# copy compiled jar from builder stage
4139
COPY --from=builder /build/target/*.jar /usr/src/jore4-map-matching/jore4-map-matching.jar
@@ -44,4 +42,4 @@ COPY --from=builder /build/target/*.jar /usr/src/jore4-map-matching/jore4-map-ma
4442
CMD ["/bin/bash", "-c", "source /tmp/read-secrets.sh && source /tmp/build-jdbc-urls.sh && java -javaagent:/usr/src/jore4-map-matching/applicationinsights-agent.jar -jar /usr/src/jore4-map-matching/jore4-map-matching.jar"]
4543

4644
HEALTHCHECK --interval=1m --timeout=5s \
47-
CMD curl --fail http://localhost:8080/actuator/health
45+
CMD ["java", "-jar", "/app/scripts/HealthCheck.jar"]

0 commit comments

Comments
 (0)